Invalid credentials error when authenticating python pyral code with ApiKey
Article ID: 57609
Updated On: 11-06-2023
Products
Issue/Introduction
Issue
This article is specific to CA Agile Central API Toolkit for Python, known as pyral.
When using ApiKey authentication in pyral 1.1.1 code examples, specifically rallyfire.py that comes with pyral installation, Invalid credentials error is returned:
/Library/Python/2.7/site-packages/requests-2.7.0-py2.7.egg/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Traceback (most recent call last):
File "rallyfire.py", line 66, in <module>
main(sys.argv[1:])
File "rallyfire.py", line 26, in main
rally = CA Agile Central(server, user, password, workspace=workspace, project=project)
File "/Users/my-python/pyral-1.1.1/pyral/restapi.py", line 228, in __init__
self.contextHelper.check(self.server)
File "/Users/my-python/pyral-1.1.1/pyral/context.py", line 181, in check
raise RallyRESTAPIError("Invalid credentials")
pyral.context.RallyRESTAPIError: Invalid credentials
The user is active, and ApiKey is valid. If config file uses USERNAME, PASSWORD, instead of APIKEY, it works as expected. Here is an example of a config file that causes the error when basic authentication is commented out:
SERVER = rally1.rallydev.com #USER = <User>@<example.com>
#PASSWORD = <Password> APIKEY = <API Key - include the underscore before the key>
WORKSPACE = <Workspace Name> PROJECT = <Project Name>
Cause
Cause
rallyfire.py example is unfortunately outdated - it predates support for ApiKey.
Resolution
Resolution
The article assumes that the latest version of pyral 1.1.1 is used.
The following modification in the code will allow rallyfire.py to authenticate successfully with a valid ApiKey.
if apikey:
rally = CA Agile Central(server, apikey=<API Key - include the underscore before the key>, workspace=<Workspace>, project=<Project>)
else:
rally = CA Agile Central(server, user=<Username>, password=<Password>, workspace=<Workspace>, project=<Project>)
Modified version of the file is attached.
A more complex example that prints all workspaces and projects available to the logged in user, periscope.py is available in the examples sub-directory in pyral directory. This file uses the same if/else statement.
NOTE1: pyral supports both basic authentication (username/password) and ApiKey. However, if pyral is used in SSO environment, basic authentication will not work unless
- the user's subscription allows white-listing and the user is on the SSO exceptions list, or
- the subscription allows hybrid authentication (SSO or CA AC/Rally)
Pyral does not have support for SSO authentication. In SSO environment WS API requests can to be authenticated with ApiKey. A user does not have to be on the SSO exceptions list in order to use ApiKey.
NOTE 2: This article is specific to pyral.
If you are connecting to CA Agile Central WS API directly from your python code and bypassing the toolkit, you may still authenticate with ApiKey. Generate the API Key in CA Agile Central Application Manager and authenticate your requests by setting zsessionid header of the request to ApiKey, similar to how it is done with curl or a browser Rest client.
Attachments
Feedback
