
Failed to perform POST on TokenExchange! Reason: 403 null.

Creator

Dear Forum,

I am trying to perform a front end API call.

I use an AJAX call with this content and structure:

    // getCookieValue() is the cookie helper shown later in this thread.
    $.ajax({
        url: '/api/assetmanagement/v3/assets/',
        type: 'GET',
        data: '',
        success: function(data) {
            alert(data);
        },
        // Errors are ignored by this empty handler.
        error: function(e) {
        },
        // Send cookies with the request.
        xhrFields: {
            withCredentials: true
        },
        headers: {
            'x-xsrf-token': getCookieValue('XSRF-TOKEN'),
            'Accept': 'application/json',
            'Content-Type': 'application/json'
        }
    });

 

I successfully read the XSRF-TOKEN from the cookie and set it as a header.

I am not setting the ORIGIN header as it is blocked in CORS context by the browser.

 

The request headers are here:

    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.5
    Cache-Control: max-age=0
    Connection: keep-alive
    Content-Type: application/json
    Cookie: ste_vi=vi%3Af4197e881243763986…s_cc=true; s_sq=%5B%5BB%5D%5D
    DNT: 1
    Host: tenantName-appname-tenantName.eu1.mindsphere.io
    Referer:
    TE: Trailers
    User-Agent: Mozilla/5.0 (Windows NT 10.0; …) Gecko/20100101 Firefox/64.0
    X-Requested-With: XMLHttpRequest
    x-xsrf-token: f830ad69-a330-418b-bada-541bf0828e56

 

 

 

The result of my API call is:

 

[{"logref":"6a629644992146928e4ed6865ab43725","message":"MindSphere Gateway error: Failed to perform POST on TokenExchange! Reason: 403 null. The client secret of the application is not valid. Please contact with the support team to fix the issue.","stackTrace":""}]

 

Has someone already stumbled upon this issue?

Please help

11 REPLIES

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Creator

Hi,

Thanks for the support:

 

Link1:

    class MyPage extends Component {
        constructor(props) {
            super(props);
            this.state = {
                config: {credentials: 'include', headers: {
                    "Content-Type": "application/hal+json",
                    "Accept": "application/hal+json",
                    "x-xsrf-token": getCookie('XSRF-TOKEN'),
                    "origin": `${window.location.protocol}//${window.location.host}`
                }}
            };
        }

 

 

These are exactly the headers that I am setting in my AJAX call.

1 remark – since CORS policy kicked in – we are all NOT ABLE TO SET THE ORIGIN HEADER – so this is the only header that I am not setting because my browsers (all of them) block it.

 

Link2:

This was the source where I found how to set the X-XSRF-TOKEN header – so I am familiar with it 😊

 

Link 3:

Accept: application/hal+json

Is one of the headers that I have set for the AJAX call.

 

 

My code is below:

    // Return the value of cookie `a` from document.cookie, or '' if it is absent.
    function getCookieValue(a) {
        var b = document.cookie.match('(^|;)\\s*' + a + '\\s*=\\s*([^;]+)');
        return b ? b.pop() : '';
    }

    $.ajax({
        url: '/api/assetmanagement/v3/assets',
        type: 'GET',
        data: '',
        success: function(data) {
            alert(data);
        },
        // Errors are ignored by this empty handler.
        error: function(e) {
        },
        // Send cookies with the request.
        xhrFields: {
            withCredentials: true
        },
        headers: {
            'x-xsrf-token': getCookieValue('XSRF-TOKEN'),
            'Accept': 'application/hal+json',
            'Content-Type': 'application/hal+json'
        }
    });

 

 

 

 

I have to say that this subject is slowly getting frustrating 😊

 

Support Desk reached out to me and they asked me to do EXACTLY the same steps as the previous level of support.

  • Try to remove all the headers
  • Try to add them one by one
  • Can you please try to call the GET without AJAX

Now the developers say that they are not able to reproduce the issue, but the previous level of support could ….
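
The header handling discussed in the post above, as an added example that is not part of any post in this thread: it reads the XSRF-TOKEN cookie by exact name, builds the request headers, and drops the names that browsers do not let page script set, Origin among them. The function names and the sample cookie string are constructed for illustration.

```javascript
// Added example, not code from the thread. Function names are illustrative.

// Request headers that page script may not set (Fetch "forbidden request-header"
// names); the browser controls these itself. Origin is one of them.
const FORBIDDEN = new Set([
  'accept-charset', 'accept-encoding', 'access-control-request-headers',
  'access-control-request-method', 'connection', 'content-length', 'cookie',
  'cookie2', 'date', 'dnt', 'expect', 'host', 'keep-alive', 'origin', 'referer',
  'set-cookie', 'te', 'trailer', 'transfer-encoding', 'upgrade', 'via',
]);

function isForbiddenHeader(name) {
  const n = name.toLowerCase();
  return FORBIDDEN.has(n) || n.startsWith('proxy-') || n.startsWith('sec-');
}

// Read one cookie from a document.cookie-style string by exact name, without
// interpolating the name into a regular expression.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1 || part.slice(0, eq).trim() !== name) continue;
    const raw = part.slice(eq + 1).trim();
    try { return decodeURIComponent(raw); } catch (e) { return raw; }
  }
  return null;
}

// Build headers for the same-origin API call. Throws if the XSRF cookie is
// missing rather than sending an empty token; lists headers it had to drop.
function buildApiHeaders(cookieString, extra = {}) {
  const token = readCookie(cookieString, 'XSRF-TOKEN');
  if (!token) throw new Error('XSRF-TOKEN cookie not found');
  const wanted = { Accept: 'application/hal+json', ...extra, 'x-xsrf-token': token };
  const headers = {};
  const dropped = [];
  for (const [key, value] of Object.entries(wanted)) {
    if (isForbiddenHeader(key)) dropped.push(key);
    else headers[key] = value;
  }
  return { headers, dropped };
}

// Constructed sample cookie string (values are made up).
const SAMPLE_COOKIES = 's_cc=true; XSRF-TOKEN=00000000-0000-4000-8000-000000000000';
const result = buildApiHeaders(SAMPLE_COOKIES, { origin: 'https://app.example' });
console.log(result.headers, 'dropped:', result.dropped);
// In a page: fetch(url, { credentials: 'include', headers: result.headers })
```

In a browser, pass document.cookie as the first argument.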

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Siemens Genius

Did you check that your application has the roles and scopes necessary for performing the operations you are trying to perform?

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Creator

In a very desperate move I unlocked everything within CSP (added * to every single allowed origin) and my user has admin roles assigned to the application.....

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Creator

Here is a screenshot that displays all the roles and scopes assigned to the app.

 

 

Capture.PNG

 

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Legend
Dumb questions from my side trying to find a solution for your issue, in principle what you're showing should be ok:

- How are you authenticating your user in mindsphere? siemens id, webkey, ...?
- Can you actually reach via the browser your web app hosted in MindSphere? Even if the MindSphere API calls do not work, you should be able to reach the rest of the web page
- Have you tried any other API call, like e.g. queries to tenant management or time series?
- Does the mindsphere OS bar work in your web app? It also performs some MindSphere API calls from the frontend

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Creator

Hi,

There are no stupid questions :) There are only stupid people that don't ask questions, which leads to problems :)

1) Currently I only use the WebKey to log in to the MindSphere UI. From there I just access my application, as within my application I am not using any authentication.

2) All the rest of the application is accessible and working like a charm. In my layout I currently only have 1 controller under "Home" and a couple of pages under it. Of course all the endpoints like /**, /home/**, /js/** etc. are added.

3) I can successfully call all other APIs from the backend. In my current solution, since the front end APIs do not work for me, I wrote a middleware which uses the backend APIs and exposes the data to the front end via WebSockets for real time data exchange.

4) I temporarily added the MindSphere OS bar; I got no errors in the JavaScript console while loading it. However, since my current CSS was covering that bar with my own menu, for now I am not using the MindSphere OS bar.

 

Piotr

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Creator

Hi All,

I am very happy to report that the problem is solved.

I CAN NOT however give you the solution because I don't know what it is :)

Today, when I opened the application (without changing a SINGLE line of code) it just works.

The API call goes through and I am able to get the JSON objects through front end APIs.

Since I am not aware what healed it, I will wait for the official answer from the MindSphere support.

Once I have this, I will post it here for future reference.

I would like to thank you all for your support!

... and I guess it is time to start believing in Christmas miracles since without a single change all is working :)

Re: Failed to perform POST on TokenExchange! Reason: 403 null.

Legend
Great to hear it's solved. I'm actually now quite interested in knowing what the issue actually was :-)