Skip to main content
Delphix

Troubleshooting "login to log in first" API Responses After Login (KBA1835)

 

KBA

KBA#1835

Issue

After using the API login call to log in to the Delphix Engine, subsequent calls to other API endpoints (e.g.,database) may respond with the following error:

HTTP Status: 403
Message: Use /resources/json/delphix/login to log in first

This may occur when writing new scripts to use the Delphix Engine APIs, or with old scripts and automation tools after upgrading to Delphix Engine 5.3.1.0 or later.

Applicable Delphix Versions

Click here to view the versions of the Delphix engine to which this article applies
Major Release All Sub Releases
6.0 6.0.0.0, 6.0.1.0, 6.0.1.1

5.3

5.3.1.0, 5.3.1.1, 5.3.1.2, 5.3.2.0, 5.3.3.0, 5.3.3.1, 5.3.4.0, 5.3.5.0 5.3.6.0, 5.3.7.0, 5.3.7.1, 5.3.8.0

Resolution

To resolve this behavior, ensure that the login API call both reads and writes to the "cookie jar" used by your API tool, so that changes to the client-side session information made by the API are persisted.

Our document API Cookbook: Authentication shows how this can be used with the command line tool curl.

To establish a new session:
$ curl -s -X POST -k --data @- http://delphix-server/resources/json/delphix/session \
   -c ~/cookies.txt -H "Content-Type: application/json" <<EOF
{
   "type": "APISession",
   "version": {
       "type": "APIVersion",
       "major": 1,
       "minor": 9,
       "micro": 0
   }
}
EOF
{
   "status":"OK",
   "result": {
       "type":"APISession",
       "version": {
           "type": "APIVersion",
           "major": 1,
           "minor": 9,
           "micro": 0
       },
       "locale": "en_US",
       "client": null
   },
   "job": null
}
To log in:

$ curl -s -X POST -k --data @- http://delphix-server/resources/json/delphix/login \
   -b ~/cookies.txt -c ~/cookies.txt -H "Content-Type: application/json" <<EOF
{
   "type": "LoginRequest",
   "username": "delphix_username",
   "password": "delphix_password"
}
EOF

Subsequent API calls will fail unless the curl -c parameter is supplied during the login call, as shown above.

 

Note

Note:

The login API currently only supports authentication by password.