I am trying to request the usage metrics from a virtual machine I have running on Azure Devops. I know it's online because i've sent a ping. However, every time I try to run the program with the correct Get information filled in it gives me an error:
{"error":{"code":"AuthenticationFailed","message":"Authentication failed. The 'Authorization' header is missing."}}
I am following the instructions here: https://learn.microsoft.com/en-us/azure/virtual-machines/linux/metrics-vm-usage-rest
import requests
BASE_URL = "GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmname}/providers/microsoft.insights/metrics?api-version=2018-01-01&metricnames=Percentage%20CPU×pan=2018-06-05T03:00:00Z/2018-06-07T03:00:00Z"
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer {myPAT}"
}
response = requests.get(BASE_URL,headers)
print(response.text)
The bug lies in my Authorization header, what am I missing?
Edit: Actually this question Is there a way to call Azure Devops via python using 'requests'? solved my issue but now I have another error "{"error":{"code":"InvalidAuthenticationToken","message":"The access token is invalid."}}". I am reading the docs. https://learn.microsoft.com/en-us/azure/active-directory-b2c/access-tokens Thank you.
Basically, you cannot use the Azure DevOps PAT. You need to Create a Service Principal and Request the Access Token by following this document : Azure REST API Reference
It's easy to use curl to achieve that, please refer to Calling Azure REST API via curl for details.
And as mentioned in the blog, if you need a token just to run some test and you don’t want to go through Service Principal creation, then you can just run below command to get the access token. You’ll get your access token with a maximum validity of 1 hour.
az account get-access-token
After that you can use the access token in your script.
Related
I only want to pull data from a list called dataacq within a group (or site?) called prod within the domain (or root site?) tenant.sharepoint.com (or tenant-my.sharepoint.com ?) and put it into a DataFrame.
I have an issue with the token gotten through app.acquire_token_silent.
Microsoft documentation is not comprehensible because it's too heavy and has little workable cookbooks/working examples (as can be seen by my numerous question marks). Also it seems they want to centralize all their APIs into graph.microsoft.com, yet there is no warning that tenant.sharepoint.com/sites/prod/_api/ is going to be discontinued.
I have gotten the following permissions from the azure portal for my app.
I don't believe I need all of them, but I am not sure. I just want to read a list. So is only Microsoft Graph > Sites.read.All necessary? Or is it Sharepoint > Allsites.Read ?
I know I both have an "app only" permission and a "signed in user" permission.
I did download the "quickstart" examples and I did read https://msal-python.readthedocs.io/en/latest/ . Although a token was successfully pulled using app.acquire_token_silent, using the returned token always throws some error whatever scope ('https://microsoft.sharepoint-df.com/.default' or 'https://graph.microsoft.com/.default') or API domain (graph.microsoft.com or tenant.sharepoint.com) I am using into a request:
{'error_description':
"Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown."}
{'error': {'code': 'AccessDenied',
'message': 'Either scp or roles claim need to be present in the token.',
'innerError': {'date': '2021-02-19T08:05:16',
'request-id': '01efc071-18e6-4006-8780-f771419ebe3e',
'client-request-id': '01efc071-18e6-4006-8780-f771419ebe3e'}}}
On the other hand, there is an API developer testing portal. When I am copying the token given in this portal into my python code, both scope/API domains work.
This is e.g. an example that works with copying & pasting the token from the portal, but not working with the token issued by the app.acquire_token_silent method:
r = requests.get( # Use token to call downstream service
fr'https://graph.microsoft.com/v1.0/sites/root:/sites/prod:/lists/{list_id}/items?expand=fields(select=Created))',
headers={'Authorization': 'Bearer ' + result['access_token'],},)
So the issue is with this app.acquire_token_silent method or the configuration file. But the returned response seems alright:
{'token_type': 'Bearer',
'expires_in': 3599,
'ext_expires_in': 3599,
'access_token': '...'}
What am I missing?
According to the code r = requests.get..... you provided in your description, it seems you use the microsoft graph api to implement it. If you use this api, you should use https://graph.microsoft.com/.default as scope to get the access token. And you can copy the access token to this page, decode the token and check if the permissions are included in it.
And according to the screenshot of "API permissions" tab of your registered app, please also do grant admin consent operation for the permission Sites.Read.All although it shows not required admin consent.
================================Update===============================
It seems the method acquire_token_silent() acquire the access token by client credential flow. So we should add the "Application" type permission but not "Delegated" permission in registered app.
Good morning,
I want to query households (my first query and generally first experience with the Sonos API) and have authenticated successfully. I got an access token and query the Control API like this:
headers={"Content-Type" : "application/json",
"Authorization" : "Bearer " + token["access_token"]}
resp = re.get('http://api.ws.sonos.com/control/api/v1/househoulds', headers=headers)
It returns me a response with error code "503: Service unavailable":
Service Unavailable
Service Unavailable - Zero size object
The server is temporarily unable to service your request. Please try again
later.
Reference XXXXX
(I cut out the reference because I am not sure, if it contains credentials). I remember that when I intentionally changed my access token to a wrong one yesterday, I would get an error code back that I am not authorized. But now when I change it to a false one I still just get this same page back (503: Service unavailable).
Does anyone have the same problem? Might it be some security mechanism because I authorized many times in a short time or is the control API just currently down? I tried yesterday and today and don't see a blog post stating a downtime.
I see two issues with the code snippet you provided:
Issue 1: Your API URL has a typo. You used "househoulds" instead of
"households".
Issue 2: Your URL needs to use https://, not http://
If you fix those two issues and are indeed using a valid access token, your request should work.
How can I retrieve usage and cost data for my IBM Cloud account using a REST API? I found that there are billing related commands and I can export some data as JSON. Is there an API or SDK I can use, ideally Python?
Here are some of the IBM Cloud billing commands I use:
ibmcloud billing resource-instances-usage --json
ibmcloud billing account-usage --json
Are there equivalent APIs for that?
UPDATED:
An API is now documented here: https://cloud.ibm.com/apidocs/metering-reporting
OLD:
I couldn't find a documented API but used the tracing to see how the above commands are executed. Using a valid access_token a program can call the metering host and obtain usage data for an account, resource group or all resource instances:
A GET on the following URL with an account ID and month as YYYY-MM returns a JSON object with all resource usage and related cost:
https://metering-reporting.ng.bluemix.net/v4/accounts/account_id/resource_instances/usage/?_limit=100&_names=true
I coded up a small Python script that dumps that data or prints it as CSV.
def processResourceInstanceUsage(account_id, billMonth):
METERING_HOST="https://metering-reporting.ng.bluemix.net"
USAGE_URL="/v4/accounts/"+account_id+"/resource_instances/usage/"+billMonth+"?_limit=100&_names=true"
url=METERING_HOST+USAGE_URL
headers = {
"Authorization": "{}".format(iam_token),
"Accept": "application/json",
"Content-Type": "application/json"
}
response=requests.get(url, headers=headers)
print ("\n\nResource instance usage for first 100 items")
return response.json()
The GitHub repo openwhisk-cloud-usage-samples uses a serverless approach to getting data via APIs. Examples are included in the repo. It's written in Javascript, but a package it uses openwhisk-jsonetl was designed so that you could declare the URLs and parameters in YAML (rather than writing code) to request and transform JSON.
I'm trying to get the weather data for London in JSON but I am getting HTTPError: HTTP Error 401: Unauthorized. How do I get the API working?
import urllib2
url = "http://api.openweathermap.org/data/2.5/forecast/daily?q=London&cnt=10&mode=json&units=metric"
response = urllib2.urlopen(url).read()
The docs open by telling you that you need to register for an API key first.
To access the API you need to sign up for an API key
Since your url doesn't contain a key, the site tells you you're not authorized. Follow the instructions to get a key, then add it to the query parameters.
http://api.openweathermap.org/data/2.5/forecast/daily?APPID=12345&q=...
Error:
Invalid API key. Please see http://openweathermap.org/faq#error401 for more info
API calls responds with 401 error:
You can get the error 401 in the following cases:
You did not specify your API key in API request.
Your API key is not activated yet. Within the next couple of hours, it will be activated and ready to use.
You are using wrong API key in API request. Please, check your right API key in personal account.
You have free subscription and try to get access to our paid services (for example, 16 days/daily forecast API, any historical weather data, Weather maps 2.0, etc). Please, check your tariff in your [personal account]([price and condition]).
here are some steps to find problem.
1) Check if API key is activated
some API services provide key information in dashboard whether its activated, expired etc. openWeatherMap don't.
to verify whether your key is working 'MAKE API CALL FROM BROWSER'
api.openweathermap.org/data/2.5/weather?q=peshawar&appid=API_key
replace API_key with your own key, if you get data successfully then your key is activated otherwise wait for few hours to get key activated.
2) Check .env for typos & syntax
.env is file which is used to hide credentials such as API_KEY in server side code.
make sure your .env file variables are using correct syntax which is
NAME=VALUE
API_KEY=djgkv43439d90bkckcs
no semicolon, quotes etc
3) Check request URL
check request url where API call will be made , make sure
It doesn't have spaces, braces etc
correct according to URL encoding
correct according to API documentation
4) Debug using dotenv:
to know if you dotenv package is parsing API key correctly use the following code
const result = dotenv.config()
if (result.error) {
throw result.error
}
console.log(result.parsed)
this code checks if .env file variables are being parsed, it will print API_KEY value if its been parsed otherwise will print error which occur while parsing.
Hopefully it helps :)
For a graduate i was helping, he had a correct api key and it was active, but the api was incorrectly 401 when no content type was given
it was a simple as adding a Content-Type: application/json, and hey presto the api started working
curl command
curl --location \
--request GET \
'https://api.openweathermap.org/data/2.5/forecast?lat=55&lon=-3&appid=xxx' \
--header 'Content-Type: application/json'
I also faced the same issue, I have just created an account on open weather map and also verified the email, tried to load the api using several different url , but they replied with 401 , api key not found.
Solution: after 1 hour they all started working, so the reason was for activation it took 1 or some more hours.
The api key not set in your url ! before all you must register in https://openweathermap.org/ then get api key in your pesrsonal account after that do it like this:
http://api.openweathermap.org/data/2.5/weather?q={city}&appid=YOUR_API_KEY_HERE&units=metric
replace you apikey code with {YOUR_API_KEY_HERE}
then run your app.
After registering, you need to verify email.
I have written python scripts to list repositories and commits.
To create a new repository, I have used the following code:
curl -F 'login=SolomonPeter26' -F 'token=mygithubapitoken' https://github.com/api/v2/json/repos/create -F 'name=REPONAME' -F 'description=This project is a test'
I can't access github API token of other users. So I couldn't write a python script for that sake.
Please suggest a better way to create such a new repository or a way to access the Github API token.( Can I get any help from oauth or oauth2)
Yeah. You can't access API tokens of other users. It's same with twitter. You need to use Oauth2, and each user should get the API keys\tokens and add them manually in the code. What you can do is provide an easy way for your users to add github API token.
I use Postman (a Chrome plug-ins). It can test success:
With the access_token, you can find personal access tokens of your account's setting.
There is a generic formula on Ritchie CLI to create a Github repository, using the user's Github API token.
Obs: The user will have to set the token manually the first time the command will be executed on the terminal (to save it locally).
Here are the code and the README file of this formula (in Python)
Here is an example of how it consumes the POST resource to create a repository with the Github API:
authorization = f'token {token}'
headers = {
"Accept": "application/vnd.github.v3+json",
"Authorization" : authorization,
}
r = requests.post(
url='https://api.github.com/user/repos',
data=json_data,
headers=headers
)
As you can customize the commands using the tool, it is possible to automate many other operations with Github API the same way.