I have a c# program that is making calls to my local host rest search api. It was working before we tried to set up authentication.
In my config.yml I have included:
tokens:
sharedKey: a0534332f0934064a7124a79a97c9227
at the bottom. I have tried to add information to the applications section below but i have to delete it in order to get my service to restart and actually run
In the Coveo Coveo.SearchProvider.Rest.conig I changed the Application Secret to:
<ApplicationSecret>a0534332f0934064a7124a79a97c9227</ApplicationSecret>
so now when I call this url i dont get back my JSON anymore:
I get an error:
"statusCode" : 403,
"message" : "Invalid token",
"type" : "InvalidTokenException"
the c# for my program is getting the data back from the rest search using a HttpRequest. Any help would be appreciated! Thanks!
Answer by Jean-François L'Heureux · Oct 23, 2015 at 11:42 AM
The Coveo.SearchProvider.Rest.config
file <ApplicationSecret>
element value must match a config.yml
application secret instead of the sharedKey token. In your case, your config.yml
file should contain the following in order to work from Sitecore:
applications:
- name: Sample Application
secret: a0534332f0934064a7124a79a97c9227
allowImpersonate: true
For your C# program, I think the problem is you included dashes in your access_token URL query string attribute value but no dashes in the sharedKey token in the config.yml
file.
Thanks for replying. I deleted sharedKey from my config yml and added
applications:
- name: Atlas
secret: a0534332f0934064a7124a79a97c9227
allowImpersonate: true
is this the correct way to do this if my coveo index is named Atlas?
is access_token the correct parameter to pass in my URL? at the moment my service is running but the URL query is still returning an invalid token error
Hi,
You need both sharedKey AND application secret for the Coveo Search API to work correctly. Values should be different for both. It will be easier.
Coveo for Sitecore uses the application secret.
The access_token query string parameter should be used to pass a "search token" (see Search Token Authentication). I don't think it is meant to pass a sharedKey token. I would recommend you to read this documentation topic on on-premise Coveo Search API search token authentication to get more information: https://developers.coveo.com/display/SearchREST/On-Premises+Search+Token+Authentication
Exclude Items that don't have presentation details in Sitecore 2 Answers
Search API service does not start properly 2 Answers
Help required for query to filter with contains operator in coveo rest 1 Answer
Recommendation Event tracking using search token 1 Answer
Linking Search Page While Keeping Facet Selection Not Working 1 Answer