Artificial Intelligence and Machine Learning Discussions
Engage in AI and ML discussions. Collaborate on innovative solutions, explore SAP's AI innovations, and discuss use cases, challenges, and future possibilities.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Postman to AI Core Access Denied

Go to solution
robert_schmidt01
Advisor
Advisor

‎02-08-2024 7:53 PM

0 Kudos

I have set up the ai-sap-sdk several times and each time, my application fails to communicate with the API.
I have my service key, which is shown below.

Now, I am simply trying to use Postman, and I am still failing with Access Denied errors.

Is anyone aware of any tips that  I need to know to make this work properly? If I can create the core and open launchpad, and assign the core the service key information from BTP Cockpit, then I should be able to use the sdk? Is there some kind of enable switch or authorization that I may need to complete the setup so I can access the sdk?

Postman Post: {{apiurl}}/v2/admin/resourceGroups
Body:

{
    "resourceGroupId": "rds-ai-core-training-rg"
}
 
Response:
RBAC: access denied

 

Thank you for your time. It is very much appreciated.

Regards,
Robert Schmidt


{
"serviceurls": {
"AI_API_URL": "https://api.ai.prod.eu-central-1.aws.ml.hana.ondemand.com"
},
"appname": "ecdce321-7ace-44ad-9d4c-8826682d79db!b148595|aicore!b540",
"clientid": "sb----40",
"clientsecret": "cb---KA=",
"identityzone": "hackxperience-analytics-insight",
"identityzoneid": "6b39d-----f9a",
"url": "https://hackxperience-xxx.hana.ondemand.com"
}

1 ACCEPTED SOLUTION

Go to solution
robert_schmidt01
Advisor
Advisor
In response to AndreasForster

‎02-09-2024 5:26 PM

0 Kudos

Wow. Thank you so very much. It works great.
However, I had to add a line of code (ai_api_url = config['serviceurls']['AI_API_URL']), which I will show below for others trying to do the same.

Thank you for your time. It is very much appreciated.

import json
import requests

service_key_location = r"C:\Users\I840539\testjson\AICoreServiceKey.json"
file_read = open(service_key_location, "r")
config = json.loads(file_read.read())
uua_url = config['url']
clientid = config["clientid"]
clientsecret = config["clientsecret"]

# Accessing ai_api_url from the JSON configuration
ai_api_url = config['serviceurls']['AI_API_URL']

params = {"grant_type": "client_credentials" }
resp = requests.post(f"{uua_url}/oauth/token",
                     auth=(clientid, clientsecret),
                     params=params)
token = resp.json()["access_token"]

url = ai_api_url + '/v2/admin/resourceGroups'
payload = json.dumps({
    "resourceGroupId": "createdthroughapi"
})
headers = {'Content-Type' : 'application/json',
           'Authorization': f'Bearer {token}'}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)

View solution in original post

4 REPLIES 4

Go to solution
AndreasForster
Product and Topic Expert
Product and Topic Expert

‎02-09-2024 7:55 AM

Hi @robert_schmidt01 , You might be missing the authentication?
Here is a rough piece of code that works for me with a Bearer token

import requests
import json
service_key_location = "AICoreServiceKey.json"
file_read = open(service_key_location, "r") 
config = json.loads(file_read.read())
uua_url = config['url']
clientid = config["clientid"]
clientsecret = config["clientsecret"]

params = {"grant_type": "client_credentials" }
resp = requests.post(f"{uua_url}/oauth/token",
                     auth=(clientid, clientsecret),
                     params=params)
token = resp.json()["access_token"]

url = ai_api_url + '/v2/admin/resourceGroups'
payload = json.dumps({
    "resourceGroupId": "createdthroughapi"
})
headers = {'Content-Type' : 'application/json',
           'Authorization': f'Bearer {token}'}
response = requests.request("POST", url, headers=headers, data=payload)
response.text

 

Go to solution
robert_schmidt01
Advisor
Advisor
In response to AndreasForster

‎02-09-2024 2:32 PM

0 Kudos

Hi Andreas,

Thank you for the code. I will try it soon and reply if it works for me. I have included (attempted) in python, postman, and curl. Many of the times the API says that the token has invalid characters, or just denies access. So, I am excited to see if this code will work for me.

Go to solution
robert_schmidt01
Advisor
Advisor
In response to AndreasForster

‎02-09-2024 5:26 PM

0 Kudos

Wow. Thank you so very much. It works great.
However, I had to add a line of code (ai_api_url = config['serviceurls']['AI_API_URL']), which I will show below for others trying to do the same.

Thank you for your time. It is very much appreciated.

import json
import requests

service_key_location = r"C:\Users\I840539\testjson\AICoreServiceKey.json"
file_read = open(service_key_location, "r")
config = json.loads(file_read.read())
uua_url = config['url']
clientid = config["clientid"]
clientsecret = config["clientsecret"]

# Accessing ai_api_url from the JSON configuration
ai_api_url = config['serviceurls']['AI_API_URL']

params = {"grant_type": "client_credentials" }
resp = requests.post(f"{uua_url}/oauth/token",
                     auth=(clientid, clientsecret),
                     params=params)
token = resp.json()["access_token"]

url = ai_api_url + '/v2/admin/resourceGroups'
payload = json.dumps({
    "resourceGroupId": "createdthroughapi"
})
headers = {'Content-Type' : 'application/json',
           'Authorization': f'Bearer {token}'}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)

Go to solution
robert_schmidt01
Advisor
Advisor

‎02-09-2024 5:27 PM

0 Kudos

Thanks to AndreasForster! :0)