0

I'm trying to use a certain company's (not yet public) API. In their documentation they lay out the format of the Token request. Here's a copy of the documentation for a Token request:

POST
https://***.****.com/auth/realms/****/protocol/openid-connec
t/token
Headers:
    Content-Type: application/x-www-form-urlencoded
    Authorization: Basic {base64-encoded-key-and-secret}
Body: grant_type:client_credentials

The authorization key was given to me by them and is of the form 'Basic a3RhdmlfdG...' I'm trying to write a Post request in python and I'm having issues and I'm not sure if it's my fault or their developers fault. Here's my code:

url = 'https://***.****.com/auth/realms/****/protocol/openid-connect/token'
headers = {'Content-Type':'application/x-www-urlencoded', 'Authorization':'Basic a3RhdmlfdG...'}
body = {'grant_type':'client_credentials'}
response = requests.post(url = url, data = json.dumps(body), headers = headers)
print response

At the line where response = ...I'm getting an SSL: CERTIFICATE_VERIFY_FAILED error. I've also tried changing the values in the headers to random values and I get the same error. I can think of three possibilities, either

  1. I'm making the Post request incorrectly

  2. There is a problem with the API

  3. I'm missing a certificate which I have to send with the Post request

    Is it one of these issues or is it something else?

Community
  • 1
  • 1
David
  • 1,398
  • 1
  • 14
  • 20

1 Answers1

2

They are probably using a self signed cert. You can bypass the verify check by adding 'verify=False'. I would remove that before going to production. It is important that SSL certs are valid. 

response = requests.post(url = url, data = json.dumps(body), headers = headers, veryify=False)
SharpSol
  • 46
  • 4
  • "Bad Request", the API doesn't like something you are sending. http://stackoverflow.com/questions/19671317/400-bad-request-http-error-code-meaning – SharpSol May 04 '17 at 01:49