Unauthorized <401> while accessing Dremio REST API

Greetings
I can successfully obtain login token and then any GET/POST v3 api call get’s unauthorised. Options work fine.

Dremio is deployed to Azure from the community helm chart.

OPTIONS
tXXX@XXXt:~$ curl -X OPTIONS http://x.x.x.x:9047/api/v3/catalog -H ‘Authorization: j75pfslpsqugffisrugukb9h2c’ -H ‘Content-Type: application/json’ -H ‘Cache-Control: no-cache’ -v

  • Trying x.x.x.x…
  • Connected to x.x.x.x (x.x.x.x) port 9047 (#0)

OPTIONS /api/v3/catalog HTTP/1.1
Host: x.x.x.x:9047
User-Agent: curl/7.47.0
Accept: /
Authorization: j75pfslpsqugffisrugukb9h2c
Content-Type: application/json
Cache-Control: no-cache

< HTTP/1.1 200 OK
< Date: Mon, 16 Mar 2020 20:41:58 GMT
< x-content-type-options: nosniff
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< Content-Type: application/vnd.sun.wadl+xml
< Allow: HEAD,POST,GET,OPTIONS
< Last-Modified: Mon, 16 Mar 2020 20:41:58 UTC
< Content-Length: 4409
< Server: Jetty(9.4.26.v20200117)
<
XML returns below

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

GET

tgXXX@tgXXXt:~$ curl -X GET http://x.x.x.x:9047/api/v3/catalog -H ‘Authorization: j75pfslpsqugffisrugukb9h2c’ -H ‘Content-Type: application/json’ -H ‘Cache-Control: no-cache’ -v
Note: Unnecessary use of -X or --request, GET is already inferred.

  • Trying x.x.x.x…
  • Connected to x.x.x.x (x.x.x.x) port 9047 (#0)

GET /api/v3/catalog HTTP/1.1
Host: x.x.x.x:9047
User-Agent: curl/7.47.0
Accept: /
Authorization: j75pfslpsqugffisrugukb9h2c
Content-Type: application/json
Cache-Control: no-cache

< HTTP/1.1 401 Unauthorized
< Date: Mon, 16 Mar 2020 20:46:40 GMT
< x-content-type-options: nosniff
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< Content-Length: 0
< Server: Jetty(9.4.26.v20200117)
<

  • Connection #0 to host x.x.x.x left intact

hello, the token is wrong alwas start with dremio_

_dremio{tokenstring} so your token will be _dremioj75pfslpsqugffisrugukb9h2c

refrence: Dremio

1 Like

Hi Dacopan, That did it…I thought I was doing it but maybe there was a typo or something…another day of head banging saved…Cheers :)!!!