3 Replies Latest reply on Aug 28, 2018 6:40 AM by WinStime

    vRA 7.4 : Destroying deployment request fails with http 401

    WinStime Novice

      Hi there,

       

      First of all, I apologize if I am not using the right place to discuss about my issue (did not find anything related to API issue in the vRealize Automation forum).

       

      I am trying to create a workflow to reject/approve any destroy related requests. I am able to run a simple GET request but when it comes to a POST one, I receive a http 401 message.

       

      I tried to run the curl command from a standalone linux station, our standalone vro instance and even from vra. Always the same result.

       

      I first tried to use the VMware vRealize Automation API Explorer available on the vRA appliance to format my request but got a http 404.

      vRealize Automation API documentation 7.4 seems to not be up to date. I had to use workitem-service instead of work-item-service in my request.

       

      My request is the following :

      curl -v -k -X POST --header 'Content-Type: application/json' --header 'Accept: text/html' -d "nope" https://VRA-FQDN/workitem-service/api/workitems/WORKITEMID/actions/com.vmware.csp.core.approval.action.reject

       

      A GET on the same workitem runs without any problem.

       

      Has somebody already faced this issue ?

       

       

      Many thanks in advance

        • 1. Re: vRA 7.4 : Destroying deployment request fails with http 401
          qc4vmware Master

          You'll need to use an authorization token in your request for this it sounds like.  Many api's have calls that require no authorization.  You should be using the vRO plugin for vRA to accomplish this task.  Generally speaking you can use the actions and scriptable objects provided in the plugin but if something is missing you can also make direct api calls as well.  The plugin will handle the authentication piece for you.

          • 2. Re: vRA 7.4 : Destroying deployment request fails with http 401
            WinStime Novice

            Hi,

             

            Thank you for your answer.

            I would like to do it with curl first. Regarding the authentication, I thought that my bearer token could do the trick.

             

            To explain, as I had an error in vRO, I wanted to check the command with CURL too :-) and now, I would like to understand what is going wrong with a command that is proposed in VMware vRealize Automation API Explorer...

            • 3. Re: vRA 7.4 : Destroying deployment request fails with http 401
              WinStime Novice

              I finally found the right command (the new arguments in bold and green) :

               

              curl -kv -X POST --header 'Content-Type: application/json' --header 'Accept: text/html' --header "Authorization: $AUTH" https://VRA-NODE/workitem-service/api/workitems/WORKITEM-ID/actions/com.vmware.csp.core.approval.action.approve -d @JSON-FILE

               

              • For the autorization part, I use the variable that stores my bearer token.

               

              • For the JSON part, instead of "-d "blablabla" " I chose to attach a file. As I did not find any JSON template for my need I used the template for approving a machine request and cleaned it up as shown below (In bold, what is seems to be needed) :

               

              {

                 "formData": {

                    "entries": [

                       {

                          "key": "source-businessJustification",

                          "value": {

                             "type": "string",

                             "value": "Destroy request approved via vRA REST API"

                          }

                       }

                  ]

                 },

                 "workItemId": "WORKITEM-ID",

                 "workItemActionId": "com.vmware.csp.core.approval.action.approve"  

              }