"The client application is not approved"

  • 1
  • Question
  • Updated 1 week ago
  • (Edited)
A simple "me" call to the API indicates the client application is not approved.  What am I missing (as if there were any real documentation in the first place)?

Here is the curl command...

curl -v -i -H 'Authorization: Basic <my_private_key_here>' -H "Accept: application/json" -H "Content-Type: application/json" -X GET  https://api.rightsignature.com/public/v1/me

...and here is the response...

{"error":"unauthorized_client","error_description":"The client application is not approved"}

I can only assume it actually does recognize my authorization key, because I if I send in something else, I get a "token invalid" type of response.  This leads me to believe it recognizes me, but doesn't like me.

What does it take to actually get the API system to recognize me as a valid application?
Photo of DeltaBravoKS

DeltaBravoKS

  • 20 Posts
  • 1 Reply Like

Posted 2 weeks ago

  • 1
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
Hi,

There could be two reasons for this:

1. Your client app status will be in pending status when you have first created it and then someone from our customer/support team would approve it. Has this step been completed?

2. Could you update the authorization, 'Authorization: Basic <my_private_key_here>' this to 'Authorization: Basic base_64_encoded(<my_private_key_here>)' ?

Encode your private token when you are passing that in the header.
https://www.base64encode.org/

Hope this helps.

Thanks
Saravanan
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
Thank you for the reply!

1).  On the ShareFile web page which shows my key and other information, it says "Approved" with a green circle checkmark in the upper right hand corner.  Does that mean the step to which you refer was completed.  If not, please tell me EXACTLY how to determine if my client app is in the correct state.
2).  My key is already Base64 encoded.

Is there documentation that clearly lines out the steps to check (such as the approval by which you mention)?

Is there an official channel whereby a long time paying customer can get technical support other than this post-and-hope method?

I see lots of mention on this board about a "new"  API.  I am using documentation that is available on https://api.rightsignature.com/documentation/authentication  Is this even the correct documentation for what is running at the URL I am using in my post above?
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
Hi,

ShareFile client app won't work for RightSignature. You have to create a separate client app for RightSignature inside RightSignature web app and get it approved.

Rightsignature login url: https://secure.rightsignature.com/

Thanks
Saravanan
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
It is a RightSignature key.  I misstated when I mentioned ShareFile.

My previous questions still stand.
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
Would you mind sharing your client app name? I will check the status of the same.

Thanks
Saravanan
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
Sorry, I don't understand the context of "client app name".  That field doesn't appear on the screen I'm looking at that contains the client id, client secret, private api token, etc.  To what specific field on what specific screen are you referring that would contain this information?
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
When you open the API tab on the left navigation, you should see this name/description to expand to see all the details. Either that description or the owner email of the RightSignature account. Either one of this will help in identifying your client app and I can check for any specific logs.

Thanks
Saravanan
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
I have a screen with lots of details (including the client secret, client ID, etc) but not knowing what screen of which you speak, I don't know what details I'm missing.

Is there a secure channel by which I can send you that owner email address?
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
I was talking about this.


Here "TEST CA" is the name of the client application. This is what I need to debug or check any logs.

But If you want to talk to our customer support and confirm that your client application is in approved status, please contact them at 1(800) 441 3454.

Hope this helps.

Thanks
Saravanan

Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
Ah, yes, that is the screen to which I referred 2 days ago before where it says "Approved" and has the green dot with the checkmark.  So you're saying this screen is misleading and the application may not actually be approved.  Okay.

The "application name" of which you speak which is nowhere identified as such, is "Medova".

Does this assist in trying to resolve any of my questions above?
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
I'm not sure if that was supposed to be a joke, but that telephone number you've listed, 1(800) 441 3454, yields a marketing survey and an offer for roadside assistance.  
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
Hi,

I am extremely sorry, there was a typo in the phone number provided. You could find the phone number here: https://rightsignature.com/contact-us 1 800 441 3453

Yes your client application is approved. But there is nothing in the logs I could find for that client application.

I tried this with my test client application 

curl -H  "Authorization: Basic base_64_encoded_private_Api_token" https://api.rightsignature.com/public/v1/me

and it works for me.

Thanks
Saravanan


Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
Thank you.  I will give that number a try.

to confirm, my token begins with the characters "pv_" and followed by 32 hexadecimal digits.  I've tried base64 encoding the entire string of 35 characters as well as just the 32 hexadecimal digits.  Both yield the same error "The client application is not approved"

I also shortened up my curl command (got rid of my extra headers and the "GET" keyword) with both 32 and 35 character values, and still get the same error.

Can you confirm how long an API key should be, and whether it should include the "pv_" at the beginning or just consist of the hexadecimal digits?
(Edited)
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
Yes, it should include the "pv_" and in total it should be 35 characters long. I am guessing something might be wrong in the way token is encoded. May be there is an extra space or some other new line characters might cause this error. Could you please check on that?

Thanks
Saravanan
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
Saravanan,

Yes, it appears to be encoded correctly.  I used two different software platforms to perform the Base64 encoding, and it comes out identical both times.  I can reverse it back from Base64 and it matches the original string perfectly.

It is interesting that you don't see any logs that indicate my access.  Of course, if it is like most logs, nothing happens until AFTER authentication.

Looking back at my previous posts, here are my outstanding questions to this point:

1).  What does it take to actually get the API system to recognize me as a valid application?

2).  Is there documentation that clearly lines out the steps to check if an application is recognized?

3).  I am using documentation that is available on https://api.rightsignature.com/documentation/authentication  Is this even the correct documentation for what is running at the URL I am using in my post above?

4).  A new question.  Does the fact that I have an API key mean that the API key is known to your server as a valid key?  Does someone have to inform the server that my key is valid and accepted?
(Edited)
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
Good news!
I ran the base64 encode using a web browser, and I get a one character difference from what I was getting on RHEL7.  Interestingly, the result I get on RHEL7 decodes in the web browser to the exact same string as the key itself.

I am now able to access the API.

Questions 1, 2, and 4 are no longer applicable.  Can you speak to question #3?
Photo of Saravanan Kannan

Saravanan Kannan, Software Engineer

  • 121 Posts
  • 15 Reply Likes
Glad that you figured it out and got it working.

I am not sure I understand your question #3.

Yes, https://api.rightsignature.com/documentation/resources this is where information about RightSignature public apis are available.

In case if you want to fetch your documents, you would use https://api.rightsignature.com/documentation/resources/v1/documents/index.en.html

Equivalent curl command would be 

curl -H  "Authorization: Basic base_64_encoded_private_Api_token" https://api.rightsignature.com/public/v1/documents

Hope this helps.

Thanks
Saravanan
Photo of DeltaBravoKS

DeltaBravoKS

  • 24 Posts
  • 1 Reply Like
Saravanan,

Thank you for sticking with me on this.