VMware Cloud Community
ccurry
Contributor
Contributor
‎03-16-2016 06:25 PM

Pulling Reports from vRealize Business Standard Server Public API

Further developments from this question: Powershell Token Authentication when connecting to vRealize Business Standard 7.0

I have followed the vRealize Business Standard documentation (vRealize Business Standard 7.0 Documentation Center) to retrieve a token from the vRealize Automation server, and pull an out-of-the-box report from the vRealize Business server. The wget commands I'm using are below:

wget --no-check-certificate -S -q --header "Accept: application/json" --header='Content-Type: application/json' --post-data '{"username":"[username]","password":"[password]","tenant":"[tenant"}' -O - https://[vRealizeAutomationServer]/identity/api/tokens


(This successfully retrieves a token from the server.)

wget --no-check-certificate -S -q --header "Accept: text/plain" --header="Content-Type: text/plain" --header "accept-encoding: gzip" --header="Authorization: Bearer [token]" -O - https://[vRealizeBusinessServer]/itfm-cloud/rest/reports/export-filters/servers>out.xls


This command returns the following error:


  HTTP/1.1 401 Unauthorized

  Server: Apache-Coyote/1.1

  Content-Type: text/html;charset=utf-8

  Content-Language: en

  Content-Length: 1098

  Date: Thu, 17 Mar 2016 01:05:35 GMT

  Connection: keep-alive

I have sent a similar call using Powershell's Invoke-RestMethod (Seen in the link at the top of this post), which returns a similar error. Can anyone recommend a way to fix this, or point me towards the source of the problem?

Reply
0 Kudos
3 Replies
pamarnath
VMware Employee
VMware Employee
‎03-17-2016 06:40 AM

Hi,

The commands you are using look fine. Are you copying the 'Bearer Token' properly? As I see the error is "401 Unauthorized", my first suspicion would be on the token, either it may not be properly copied or expired. Was there any long gap between token generation and usage?

Reply
0 Kudos
ccurry
Contributor
Contributor
‎03-17-2016 02:37 PM

Thanks for the reply.

I executed the second command barely a minute after the first. Here's the output, with the token usage:

wget --no-check-certificate -S -q --header "Accept: application/json" --header='Content-Type: application/json' --post-data '{"username":"[username]","password":"[password]","tenant":"[tenant]"}' -O - https://[vRealizeAutomationServer]/identity/api/tokens

  HTTP/1.1 200 OK

  Server: Apache-Coyote/1.1

  Cache-Control: no-cache, no-store

  Pragma: no-cache

  Expires: Wed, 31 Dec 1969 23:59:59 GMT

  Content-Type: application/json;charset=UTF-8

  Content-Length: 373

  Date: Thu, 17 Mar 2016 21:25:16 GMT

  Connection: keep-alive

{"expires":"2016-03-18T05:25:16.000Z","id":"MTQ1ODI0OTkxNjc4Nzo3OWNkMjI3YmQxYjk0YTE4MGI1NTp0ZW5hbnQ6bnpjbG91ZHVzZXJuYW1lOmNjdXJyeUB2c3BoZXJlLmxvY2FsZXhwaXJhdGlvbjoxNDU4Mjc4NzE2MDAwOjQ5Yzg0Nzc1MTQ1Njg5ZjZiZDc2OTgxN2I2YmU2MDhkMWRhMTRhMTQ2Mzk0ZDBmNWEyNjg5OTkzMDA2ZTllMTdjYmRlMTFkYmViNjc4NDM0ZDdlNTRjYTc5OTQwODBlNGQwZGY3NjEyZWYzMWJhYmE3NDI4OTBlMzY0N2I5ZmEx","tenant":"[tenant]"}

wget --no-check-certificate -S -q --header "Accept: text/plain" --header="Content-Type: text/plain" --header "accept-encoding: gzip" --header="Authorization: Bearer MTQ1ODI0OTkxNjc4Nzo3OWNkMjI3YmQxYjk0YTE4MGI1NTp0ZW5hbnQ6bnpjbG91ZHVzZXJuYW1lOmNjdXJyeUB2c3BoZXJlLmxvY2FsZXhwaXJhdGlvbjoxNDU4Mjc4NzE2MDAwOjQ5Yzg0Nzc1MTQ1Njg5ZjZiZDc2OTgxN2I2YmU2MDhkMWRhMTRhMTQ2Mzk0ZDBmNWEyNjg5OTkzMDA2ZTllMTdjYmRlMTFkYmViNjc4NDM0ZDdlNTRjYTc5OTQwODBlNGQwZGY3NjEyZWYzMWJhYmE3NDI4OTBlMzY0N2I5ZmEx" -O - https://[vRealizeBusinessServer]/itfm-cloud/rest/reports/export-filters/servers>out.xls

  HTTP/1.1 401 Unauthorized

  Server: Apache-Coyote/1.1

  Content-Type: text/html;charset=utf-8

  Content-Language: en

  Content-Length: 1098

  Date: Thu, 17 Mar 2016 21:26:12 GMT

  Connection: keep-alive

Is there possibly some configuration that needs to be done on the Business Standard server to accept these tokens, or something along those lines?

Reply
0 Kudos
FerrerDeCouto
Commander
Commander
‎05-23-2016 01:59 PM

Hi Conrad,

You don't need to do any extra configuration beyond than add the right permissions in vRB to the user you're using to request the token. Like you can see, the token request is in vRA so you get a valid token because the user has permissions in vRA, but when you use this token for vRB the user doesn't have selected the right vRB roles that enable the user to get the reports or access to vRB.

wget --no-check-certificate -S -q --header "Accept: application/json" --header='Content-Type:application/json' --post-data '{"username":"root","password":"VMware1!","tenant":"vsphere.local"}' -O- https://vra.corp.local/identity/api/tokens




  HTTP/1.1 200 OK


  Server: Apache-Coyote/1.1


  Cache-Control: no-cache, no-store


  Pragma: no-cache


  Expires: Wed, 31 Dec 1969 23:59:59 GMT


  Content-Type: application/json;charset=UTF-8


  Content-Length: 403


  Date: Mon, 23 May 2016 20:50:30 GMT


{"expires":"2016-05-24T04:50:31.000Z","id":"MTQ2NDAzNjYzMTA4Mjo3Nzc0YTFhYzhkMDA4NjJiODc0Yzp0ZW5hbnQ6dnNwaGVyZS5sb2NhbHVzZXJuYW1lOmNvbmZpZ3VyYXRpb25hZG1pbkB2c3BoZXJlLmxvY2FsZXhwaXJhdGlvbjoxNDY0MDY1NDMxMDAwOjdiY2I3MWM5NGFlNmYzN2I4ODc5MzIzZWRjYjAyNDQ2NTFhYWJkN2QzNGYyZmQ4NTNlNjk2NjE4MjNmMTA3YzRlZmIyYTM1MzI5OTRkNTZiNGEyZTk5NWY3ZTg2ZTY4OTMwOTVlMGU0OTFjNTMxZjBhNWJhNjQ2MjMxMDkwMjI0","tenant":"vsphere.local"}




wget --no-check-certificate -S -q --header "Accept: text/plain" --header='Content-Type:text/plain' --header "accept-encoding: gzip" --header="Authorization: Bearer MTQ2NDAzNjYzMTA4Mjo3Nzc0YTFhYzhkMDA4NjJiODc0Yzp0ZW5hbnQ6dnNwaGVyZS5sb2NhbHVzZXJuYW1lOmNvbmZpZ3VyYXRpb25hZG1pbkB2c3BoZXJlLmxvY2FsZXhwaXJhdGlvbjoxNDY0MDY1NDMxMDAwOjdiY2I3MWM5NGFlNmYzN2I4ODc5MzIzZWRjYjAyNDQ2NTFhYWJkN2QzNGYyZmQ4NTNlNjk2NjE4MjNmMTA3YzRlZmIyYTM1MzI5OTRkNTZiNGEyZTk5NWY3ZTg2ZTY4OTMwOTVlMGU0OTFjNTMxZjBhNWJhNjQ2MjMxMDkwMjI0" -O- https://vrb-main.corp.local/itfm-cloud/rest/reports/export-filters/servers>out.xls




  HTTP/1.1 200 OK


  Server: Apache-Coyote/1.1


  Content-Disposition: attachment;filename=servers_export_2016-05-23_20-36-22.xls


  Cache-Control: no-cache, max-age=0, no-store, must-revalidate, proxy-revalidate


  Content-Type: application/vnd.ms-excel;charset=UTF-8


  Transfer-Encoding: chunked


  Date: Mon, 23 May 2016 20:36:22 GMT

vrb.png

Regards,

Jose

José Luis Gómez Ferrer de Couto Founder of PiPo e2H Blog: http://blog.e2h.net Si encuentras que esta o cualquier otra respuesta fue de utilidad, por favor da el voto. Gracias. If you find this or any other answer useful, please consider awarding points. Thank you.
Reply
0 Kudos