8

After following the install guide and unzipping the webservice.zip, copying the JDBC driver and config XMLs, when I try and access in a browser I see:

{"error":"invalid_grant"}

A bit of digging suggests this is something to do with OAuth. Any ideas?

Neil
  • 551
  • 3
  • 10

2 Answers2

7

By default the OAuth security is enabled for the web services requests. You need to disable the security in cd_ambient_conf.xml file by commenting out the Security xml node section.

<!--
    <Security>
<RequestValidator>com.tridion.webservices.security.validator.OAuth2RequestValidator</RequestValidator>
    <SharedSecret>sample_passphrase</SharedSecret>
    </Security>
-->
Ram G
  • 231
  • 1
  • 2
  • 1
    Alternatively, you could leave the security in place and actually pass a token in your requests. That seems wiser to me. – Peter Kjaer Jan 24 '13 at 09:00
  • Thanks Peter - right now we just wanted to get it working. I can see from the docs a whole section about implementing authentication for the Content Delivery Web service or a Web site where this setting and the Accounts ones are utilised. – Neil Jan 24 '13 at 09:08
4

That suggests that the request was made with an invalid token (or perhaps no token at all?).

Peter Kjaer
  • 211
  • 1
  • 3
  • Indeed - but why would this be occurring in a fresh install? I notice there's an "Account" node in the webservice conf - does this have to be set to an existing Tridion user? – Neil Jan 23 '13 at 15:46
  • Well did you pass a token in the URL? If not, you know the answer :) If you did, it was apparently no longer valid. – Peter Kjaer Jan 24 '13 at 08:57