ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Error 400 returned on REST API authentication request

book

Article ID: 227053

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Trying to access the Symantec Endpoint Protection Manager (SEPM) API using a defined Administrator account returns a 400 error:

Error connecting to client with address https://<SEPM server>:8446/sepm/api and port 8446, reason: 400 client Error: for url: https://10.1.1.213:8446/sepm/api/v1/identity/authenticate: {'errorCode':'400', 'appErrorCode'L ",'errorMessage': 'URLDecoder: Illegal hex characters in escape (%) pattern}.

semapisrv_log.*.log:
2021-09-28 11:44:59,727 [https-openssl-apr-0.0.0.0-8446-exec-1] ERROR c.s.s.s.c.e.h.GlobalControllerExceptionHandler - EXCEPTION: URLDecoder: Illegal hex characters in escape (%) pattern - Error at index 0 in: "rd"

Or, the API may return {"errorCode": "400", "appErrorCode": "", "errorMessage": "URLDecoder: Incomplete trailing escape (%) pattern"}.

semapisrv_log.*.log:
2021-09-29 00:59:50,892 [https-openssl-apr-0.0.0.0-8446-exec-8] ERROR c.s.s.s.c.e.h.GlobalControllerExceptionHandler - EXCEPTION: URLDecoder: Incomplete trailing escape (%) pattern 

Cause

When the administrator password contains a % (percent sign) it will be interpreted as an escape character.

For example, "Passw0%rd" is truncated to "Passw0" and the %rd throws an error due invalid hex characters.

Similarly, "Passwo%5d" would become "Passwo" and the %5d would be treated as "]", and the error may not be thrown.

Finally, if the password ends in "%", like "Passw0rd%", an error is thrown.

Resolution

Change the administrator password used with the API so that it does not contain a "%", to avoid the issue.