cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2813
Views
1
Helpful
1
Replies

'Not Authorized' Issue trying to use api.cisco.com

rmazgon
Level 1
Level 1

Hello!

I am testing https://api.cisco.com/. I have made all steps before using tht API:

* User account registration

* API client creation

After, I have requested a token, using cURL as test scenary. After that, I obtained a correct token:

# curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=*****" -d "client_secret=****" -d "grant_type=client_credentials" https://cloudsso.cisco.com/as/token.oauth2

{"access_token":"3MuvqRWQtLPQ5Vr1YTJpBi*****","token_type":"Bearer","expires_in":3599}

But when I try to call the API, I always obtain the same response:

# curl -v -X GET -s -k -H "Authorization: Bearer 3MuvqRWQtLPQ5Vr1YTJpBi*****" https://api.cisco.com/hello

*   Trying 72.163.8.72...

* TCP_NODELAY set

* Connected to api.cisco.com (72.163.8.72) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / AES128-SHA256

* ALPN, server did not agree to a protocol

* Server certificate:

*  subject: C=US; ST=CA; L=San Jose; O=Cisco Systems, Inc.; CN=api.cisco.com

*  start date: Nov 29 23:58:54 2017 GMT

*  expire date: Nov 30 00:08:00 2019 GMT

*  issuer: C=US; O=HydrantID (Avalanche Cloud Corporation); CN=HydrantID SSL ICA G2

*  SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

> GET /hello HTTP/1.1

> Host: api.cisco.com

> User-Agent: curl/7.59.0

> Accept: */*

> Authorization: Bearer 3MuvqRWQtLPQ5Vr1YTJpBi*****

>

< HTTP/1.1 403 Forbidden

< Date: Fri, 06 Apr 2018 13:53:49 GMT

< Server: Mashery Proxy

< X-Mashery-Responder: apix-prd-01

< X-Mashery-Message-ID: 6e06ae52-e1aa-4989-ba59-f8dfda8811c0

< X-Error-Detail-Header: Not Authorized

< X-Mashery-Error-Code: ERR_403_NOT_AUTHORIZED

< Content-Type: text/xml

< Content-Length: 23

< Connection: close

<

<h1>Not Authorized</h1>

* Closing connection 0

* TLSv1.2 (OUT), TLS alert, Client hello (1):

Any suggestion please? I have tested with other webservices aka:

'https://api.cisco.com/security/advisories/ios?version=15.2(3)E2'

'https://api.cisco.com/security/advisories/cvrf/all'

Thanks a lot!

1 Reply 1

Geevarghese Cheria
Cisco Employee
Cisco Employee

Hi

   Apologies for the delay in responding to you. Please find this related url - Re: Cisco PSIRT openVuln API oauth2 Token "Not Authorized"

Moving your question under PSIRT community for more visibility of support engineers.

Thanks and Regards,

Geevarghese

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: