Error 403 {'module_name":common-services","error_message": The credentials were incorrect or the account specified has been locked.","error_code:403} when executing API calls via cURL
Article ID: 435218
Updated On:
Products
Issue/Introduction
Execution of an API call fails with a 403 error indicating invalid credentials or a locked account, despite the credentials being confirmed as correct (e.g., successful login via the Web UI).
Command executed:
curl -k -u "admin:@password" GET "https://localhost/api/v1/firewall/profiles?resource_type=FirewallSessionTimerProfile"
Output received:
{
"module_name": "common-services",
"error_message": "The credentials were incorrect or the account specified has been locked.",
"error_code": 403
}
Environment
VMware NSX
Cause
The error occurs because the password contains a special character (such as @) and is being passed directly inline within the curl command (-u "admin:@password"). When special characters are included in the command line, the shell or curl can misinterpret the password string. This causes the credentials passed to the server to be incorrect, leading to an authentication failure, even though the actual password is valid.
Resolution
To resolve this issue and prevent parsing errors with special characters, remove the password from the curl command syntax and allow the command line interface to prompt for it interactively.
Steps to resolve:
Modify your
curlcommand to only include the username in the-uparameter:Bashcurl -k -u "admin" -H "Content-Type: application/json" -X POST https://localhost/api/v1/service-configs -d @helloworld2.jsonExecute the command.
The command line interface will pause and securely prompt you to enter the password:
PlaintextEnter host password for user 'admin':Type your password (including any special characters) and press Enter. The API call will now authenticate and execute successfully.
Feedback
