
How to Resolve Invalid Credential Authentication Failure in APPSeCONNECT?
An integration developer must keep credentials valid at all times to ensure data is transferred correctly between systems. If you receive an Unauthorized exception for a REST-based API or any other API (the exact error message depends on the API), you can be sure that either the data within the credential pane is compromised or the keys in the application have been changed or have expired.
Take Magento as an example: in case of a credential failure, you will receive a “401 Unauthorized” response when calling the API.
Cause
The issue occurs because the credentials are either no longer working or have been changed at the application end. If the error occurred suddenly without any change on the integration platform, it suggests that someone in the application has reset the API keys for security purposes.
Solution
The solution to this issue is to re-enter the new password or credentials so that the data can start syncing again. But how do you identify such an issue? With APPSeCONNECT Rules, you can specify a rule that automatically notifies you when a specific type of error occurs.
Create a Rule to Notify on the Error
To create a rule for notification, we need to investigate the error message correctly. APPSeCONNECT provides rules that let you specify criteria for which a notification is generated when such an error occurs. Let us take a look at how to create such a rule.
- Login to https://portal.appseconnect.com.
- Open Rules from Manage menu.
- Create New Rule.
- In the Rule Wizard, provide a name and description for the rule. Click Continue.
- In the next step, set the rule's Trigger for as “Scheduled”. We have chosen Scheduled to ensure that duplicate entries of the same error are trimmed. We have also set the Repeat interval to 5 minutes.
- Once this step is done, we need to define the rule criteria. There is a specific method that allows us to find all the exceptions within a scheduled time. Let us use it.
The method ~{LogDataWithinScheduledTime}~ returns all logs within the time frame defined by the scheduler, which is 5 minutes in our case. We then check for the 403 Unauthorized status to find out whether it was encountered within that time frame.
- Click Continue.
- Finally, we choose Email as the Notification type and type in the message that we want to receive when the criteria are met.
In this scenario, all the active users for the organization will receive an email with the subject “Credential Failure”.
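The logic behind the scheduled rule above, sketched in Python as an added example (not APPSeCONNECT's own code or rule syntax): it scans one 5-minute window of logs for the 401 and 403 statuses this page mentions and collapses repeats into a single “Credential Failure” message. The log line format, sync names and timestamps are constructed assumptions.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample log lines; the line format and sync names are assumptions.
SAMPLE_LOGS = """\
2024-05-01T10:01:12 ERROR magento-order-sync GET /rest/V1/orders -> 401 Unauthorized
2024-05-01T10:02:40 ERROR magento-order-sync GET /rest/V1/orders -> 401 Unauthorized
2024-05-01T10:03:05 INFO  magento-product-sync GET /rest/V1/products -> 200 OK
2024-05-01T10:04:30 ERROR magento-customer-sync GET /rest/V1/customers/search -> 403 Forbidden
2024-05-01T09:50:00 ERROR magento-order-sync GET /rest/V1/orders -> 401 Unauthorized
2024-05-01T10:04:59 ERROR magento-order-sync GET /rest/V1/orders -> 500 Internal Server Error
"""

LINE = re.compile(r"^(\S+)\s+\w+\s+(\S+)\s+.*->\s+(\d{3})\b")
AUTH_STATUSES = {401, 403}  # the two status codes this page mentions


def auth_failures_in_window(log_text, now, window=timedelta(minutes=5)):
    """Count auth failures per (sync, status) logged in (now - window, now]."""
    failures = Counter()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip blank or malformed lines
        try:
            ts = datetime.fromisoformat(m.group(1))
        except ValueError:
            continue  # timestamp field is not ISO 8601
        status = int(m.group(3))
        if status in AUTH_STATUSES and now - window < ts <= now:
            failures[(m.group(2), status)] += 1
    return failures


def build_notification(failures):
    """Collapse all matches from one run into a single message, or None."""
    if not failures:
        return None
    body = [f"{sync}: HTTP {status} seen {n} time(s)"
            for (sync, status), n in sorted(failures.items())]
    return {"subject": "Credential Failure", "body": "\n".join(body)}


if __name__ == "__main__":
    run_time = datetime(2024, 5, 1, 10, 5, 0)  # one scheduled run
    print(build_notification(auth_failures_in_window(SAMPLE_LOGS, run_time)))
```

Because each run only looks at its own window, the two repeated 401 lines produce one message line rather than two emails, and the 09:50 entry from an earlier window is not reported again.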
Conclusion
Credentials are an important part of any integration system. Hence, it is the responsibility of the citizen integrators to ensure critical business processes are not hampered by credential failures. A rule in such a scenario will ensure that the user receives an email if a credential is changed.
I hope this will help in developing a great integration solution for projects.