Dear Team,
Hope you all are doing well and Happy NEw Year 2020 in advance.
I am new to web API objects in APPIAN and trying to develop one. Goal is to make data in one of my data store entity available to third party system outside APPIAN.
Here is what I did : Created a web API with GET 'Query Data Store' template and passed my data store entity in it. Created a http connected system with basic authentication usernam/password combo. Created third party credntials as well (not sure if this is required). Created integration object with basic authentication.
Now when I am hitting the URL in same session of chrome or test the API within API, I get expected data in JSON format 200 Ok. Eveything looks fine here but as soon as access the api URL from other machin or in other session of IE, I get following error :
{"resource":"\/suite\/webapi\/rpttr","error":"APNX-1-4187-000","message":"Authentication failed. Please check your credentials and try again.","title":"An Error Has Occurred"}
and when I am testing integration object : I get following error "Appian was not able to authenticate with the username and password you provided. This request requires Basic authentication."
I know its a naive question but any help to sort this would be appreciated.
Thanks.
Discussion posts and replies are publicly visible
Hi Vidhu,
In order to use a Web API, follow the steps.
Create one Service Account user
Add the Service Account user to the Service Account group
Go to the Admin console, under API Keys create one API key and mention the Service Account User
Once you create you will get the API key and save it first.
Create Web API access group, add the Service Account user in that group
Create Web API
Add security for the Web API by making Web API access group as viewers
Create a connected system with API key Authentication by providing header Appian-API-Key or as mentioned in community
Call the integration as a rule by passing the required parameters if any.
In old versions.
You have to create a user with the same basic authentication username and password
You need to create the secure credential store with the same basic authentication username and password
You have to add the user to the Web API Access group (Any group that has to access the Web API)
You have to make Web API Access group as a viewer to the web api and the application.
Dude A service account is recommended but not required. Good to keep these in mind as typically, not that service accounts are available, there are benefits to using them in production.
Also, while there are some use cases to connect to an Appian Web API from an Appian Integration; two things to consider:1) speaking personally - I've only encountered 1 use case of this that I believe is valid.2) for the general public the use case is going to be to access Appian from an external system. for this reason, I would encourage the use of a 3rd party client for testing. Calling Appian from Appian isn't a strong validation of the expected behavior of request that originates from an external source.
Hi , Thanks for the response. I followed the steps, and request you to provide some additional guidance.
[Vidhu] : Completed the steps mentioned above successfully
[Vidhu] : you please elaborate this one. Where in API I would enter/pass my API Key.??
Vidhu
Inside the integration designer, under Headers section click on Add Header link. Type Appian-API-Key as a name and paste the API key under value. For further details you can find in this link community
Robert Shankin I have mentioned both the ways of creation for the learner's convenience. Thank you.
I actually don't think creating a connected system / integration is necessary. This would only be necessary if you wanted to do a circular reference - essentially have Appian call itself for testing purposes.
Since you mentioned that you plan on calling the Web API from an external system, I'd recommend testing it externally too since that will be a better test of how your Web API should be used. There are a bunch of external tools you can use that call rest APIs (for example, I like SOAP UI). You can set up a tool like that to point to your web API and provide the API key credentials. See the Web API documentation for the different methods of adding your credentials to the request: https://docs.appian.com/suite/help/latest/Web_API_Authentication.html#using-api-keys
Thanks Dudeand Peter Lewis for suggestions.
I was finally able to get the data via SOAP UI. I now have a user which I have assigned to my API but as soon as I put that user in Service Accounts groups, I stop getting data and API starts to fail with Authentication failed error. Any suggestion how can I resolve this ? The user I have created is a Basic user which has access to webAPI hence it is working but I am able to login in my application using that user as well (which I dont want).
Can you make the service account user as system administrator instead of basic user and try?
I tried that too, did not work.
Any other suggestions from anyone ?
Please check the security for web api and Datastore objects whether that user has proper access.