[UPDATE]

Hi,

Please find attached the updated sample implementations (Python & PowerShell scripts) using OAuth 2.0 tokens. Read this article to know more on configuring Postman authorization for Site24x7 APIs.

For any questions, please comment in the below thread.

Regards

Mathangi

Just as an FYI, there is a bug with the Python script. While refreshing the access token using the refresh token, the refresh token will not be re-saved to the json.

In its current state the script can only generate the access token and the refresh it just one time.

Just adding one line to the refreshAccessToken() method fixed it for me.

[UPDATE]

Hi,

Thanks for pointing it out. Please find attached the updated Python script. Have re-uploaded the Python file in my previous comment as well.

Hope this helps. Let us know for further queries, if any. 

Regards

Mathangi 

Hello, you wouldn't have an example written in java would you?  Thanks.

Hi,

Thanks for raising this. We are working on this. Will post an update here once the file is ready.

Regards

Mathangi

thanks, and sorry i should have said javascript not java... appreciate it.

Hello, 

We have released another sample implementation in Golang. Please find the script attached in this post.

Note: go1.12 is the minimum version required to run this program. 

For any questions, please comment in the below thread.

Regards

Mathangi

We have been testing with the Powershell script you provided.  We were successful in calling the Get-AccessToken and Sample-GetRequest functions many times. 

But the issue we are running into is we intermittently receive an error that states:
Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send.
.......
WARNING: access_token is missing

We are calling the Sample-GetRequest once every 10 minutes and it will eventually execute successful after a few retries.

Any guidance is welcome

We are also getting similar issue, message we get is "Unable to connect to the remote server". I even tried putting sleep command but still the same, seems to be intermittent.

[UPDATE]

Hi,

Please find attached the updated sample implementation in Javascript.

Note: Make sure Node.js and the request library is installed to run this file.

Hope this helps. For any questions, please comment in the below thread.

Regards

Mathangi

Mathangi,

Can you update the Powershell file as well?  We can't use node.js in our environment.

Thanks

Hi Walter,

Sure, our development team is working on it. Will post an update at the earliest.

Thanks for understanding.

Regards

Mathangi

Any update on this? Its been 4 days and I'm still getting constant failures when calling the api to generate access token from refresh token potion thats in the powershell stanza.

We added loop when using the invoke-request to get API data, we still see timeouts in the logs but the loop will keep trying until successful. Seems to be problem on Site 24x7 API servers

$GetAPM = $null
Do
{$GetAPM = Invoke-RestMethod -Uri $APMuri -UseBasicParsing -Method Get -Headers $headers | ConvertTo-Json}
While ($GetAPM.Length -eq 0)

Hi Walter,

We have shared a powershell script to you via our support mail id. Please let us know whether that resolves the problem.

Thillai.

Hi,

Refresh token is a permanent token. You have to use the refresh token to generate new access token after it got expired (in one hour).

Please check "PART 5: GENERATE ACCESS TOKEN FROM REFRESH TOKEN" in API Doc

https://www.site24x7.com/help/api/#authentication

Thillai.

We migrate our scripts to the new method, well this fails all the time, we have cases opened but with no solution, please roll back this until is stable

Is the Token data URL (accounts.zoho.com/oauth/v2/token) same for all data centers?

Please confirm if its the same for Europe.

No, the URL changes for each data center. For Europe you have to use https://accounts.zoho.eu/oauth/v2/token

For other data centers, please check API Doc https://www.site24x7.com/help/api/#authentication

How this OAuth 2.0 affect the RESP API Integration with ServiceNow?

as I understand you need to generate an OAuth Token everytime

If you are using our out of the box Service Now integration, there is no change in that because of OAuth 2.0. Because only how you call our api has been modified, not how and what we post to Service Now is. Same applies to all third party integrations.

Hi JuanManuel/Sam,

Hope you can make it work now. Let us know, if you need any further help.

Thillai.

Just ran into this issue and took me a while to figure it out (hadn't read the full post), can the example python files ('sample-implementation-scripts') be updated and reposted with the changes so that others don't trip on this as well,

Cheers

Hi Julian,

Thanks for raising this. We have updated the Python, JavaScript, and PowerShell samples. Have attached them in this comment as well as updated the attached zip in my previous comments.

Hope this helps. Please let us know for questions, if any.

Regards

Mathangi   

Hi Site24x7 team,

We are having some annoying issues obtaining access tokens using refresh token. There seems to be a mismatch between the behaviour and limits described in the API documentation and the actual behaviour.

The documentation section in question is the following:

Each refresh token can have a maximum of 30 active access tokens (non expired). When the user creates the 31st access token, the first created access token is automatically deleted to accommodate the latest one.

The short version of our issue is that the API rejects token requests with "access denied" even before requesting the 31th token. Also, from the documentation I'd assume that requesting the 31th token immediately creates one and deletes the oldest token in flight, but this is not what we are observing. Instead, we are unable to obtain new tokens for several minutes, which -- even with exponential backoff-retry -- makes our automations fail rather often.

For a complete explaination of the issue I prepared the description of the problem and two reproducer scripts as a Github gist which can be found here:

gist.github.com/martinohmann/2a73af2e2f1babab02fee37479937d00

Looking forward to feedback from you.

Thanks and best regards!

Martin

Please note that you can generate only a maximum of five access tokens in a minute similar to refresh tokens as a security measure. In some cases, you will be able to generate 15 access tokens in a minute.

"Each refresh token can have a maximum of 30 active access tokens (non expired). When the user creates the 31st access token, the first created access token is automatically deleted to accommodate the latest one."  The above statement denotes that only 30 active access tokens can be alive at a time, but you can not generate 30 or more access tokens in a minute.

You can have a centralized place to fetch access token, which will generate new access token when an old one expires.

Thank you for your reply! That at least explains the behaviour.

Can you point me to the place in the documentation where the per-minute limits are noted? I do not seem to find it.

Is it possible to fix the API to return a proper 429 Too Many Requests response with a Retry-After header? This would be super helpful for automated systems to properly handle this rate limit. Right now it returns status 200 with message access denied, which is a little confusing.

We are in fact reusing access tokens until they expire if possible, but we have some automated systems that fetch an access token from the same refresh token when they start up which causes problems when multiple of these start up in parallel or quickly one after the other. Proper rate limiting responses would certainly help here.

Best regards

Martin

Thank you for your suggestion, We will check and update the status code. 

"Can you point me to the place in the documentation where the per-minute limits are noted? I do not seem to find it." - We have not explicitly mentioned these for our APIs. It also varies based on the API. The count should be sufficient for typical usage. You can also refer to our community post regarding effective usage.

Regards,

Karthick

Martin, 

   Please share your Client ID to our support via Email:support@site24x7.com. We can change the error code for that Client ID alone, So that it does not break others who are already relying on 200.

Regards, 

Karthick

At support.site24x7.com/portal/en/kb/articles/create-a-postman-configuration-for-authorizing-requests-with-oauth-2-0 it states: "Provide a name for the client and select the Type as Web-based."

I don't have that type. I have:

Client-based Applications

Server-based Applications

Mobile-based Applications

Non-browser Applications

Self Client

Dear Tom,

     Please use Server-based applications as the client type. This will authenticate web-based applications that are built to run in a HTTP server.

Apologies for not updating the KBase. We will update asap.

-Jasper

PM, Site24x7

The result is this:

Dear Tom, 

   Can you contact us in support@site24x7.com so that we can debug and guide you better. 

Just before you reach us, it would be good to know if you enabled "Authorize using browser" option in Postman?

It should be disabled and you should login via postman's internal browser and authorize.

If this doesn't help please contact us. We will update here with the steps we took to resolve it. 

-Jasper

PM, Site24x7

Hi Jasper,

My reply crossed yours. The error I had was before using the Server-based application. Now all is well!

Thanks,
Tom