Answers Menu

Question

I have a c# program that is making calls to my local host rest search api. It was working before we tried to set up authentication.

In my config.yml I have included:

 tokens:
   sharedKey: a0534332f0934064a7124a79a97c9227

at the bottom. I have tried to add information to the applications section below but i have to delete it in order to get my service to restart and actually run

In the Coveo Coveo.SearchProvider.Rest.conig I changed the Application Secret to:

 <ApplicationSecret>a0534332f0934064a7124a79a97c9227</ApplicationSecret>

so now when I call this url i dont get back my JSON anymore:

http://localhost:8080/rest/search?access_token=a0534332f0934064a7124a79a97c9227&q=@syssource%3d%22Atlas%22spain

I get an error:

 "statusCode" : 403,
   "message" : "Invalid token",
   "type" : "InvalidTokenException"

the c# for my program is getting the data back from the rest search using a HttpRequest. Any help would be appreciated! Thanks!

Answer 1

Answer by Jean-François L'Heureux · Oct 23, 2015 at 11:42 AM

The Coveo.SearchProvider.Rest.config file <ApplicationSecret> element value must match a config.yml application secret instead of the sharedKey token. In your case, your config.yml file should contain the following in order to work from Sitecore:

 applications:
   - name: Sample Application
     secret: a0534332f0934064a7124a79a97c9227
     allowImpersonate: true

For your C# program, I think the problem is you included dashes in your access_token URL query string attribute value but no dashes in the sharedKey token in the config.yml file.

1 Show 2 · Share

newcoveouser · Oct 23, 2015 at 11:49 AM 0

Share

Thanks for replying. I deleted sharedKey from my config yml and added

 applications:
   - name: Atlas
     secret: a0534332f0934064a7124a79a97c9227
     allowImpersonate: true

is this the correct way to do this if my coveo index is named Atlas?

is access_token the correct parameter to pass in my URL? at the moment my service is running but the URL query is still returning an invalid token error

http://localhost:8080/rest/search?access_token=a0534332f0934064a7124a79a97c9227&q=@syssource%3d%22Atlas%22spain

Jean-François L'Heureux ♦♦ · Oct 23, 2015 at 11:57 AM 0

Share

Hi,

You need both sharedKey AND application secret for the Coveo Search API to work correctly. Values should be different for both. It will be easier.

Coveo for Sitecore uses the application secret.

The access_token query string parameter should be used to pass a "search token" (see Search Token Authentication). I don't think it is meant to pass a sharedKey token. I would recommend you to read this documentation topic on on-premise Coveo Search API search token authentication to get more information: https://developers.coveo.com/display/SearchREST/On-Premises+Search+Token+Authentication

Community

Answers Menu

localhost8080 rest search api -- how to configure secret key?

1 Reply

Your answer

What Do You Want to Do With Coveo?

Develop

Administrate

Get Support

Get Trained

Become Certified

Follow this Question

Related Questions