Important Update: Archer Community Scheduled Maintenance on November 23–24 - New Community Launching Soon! Learn More..

This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Archer SaaS Rest Logon Endpoint responds invalid login despite correct credentials

armamje
Contributor

‎2024-07-29 01:57 PM

The logon REST endpoint, /api/core/security/login, is throwing the following response 

"ValidationMessages": [
{
"Reason": "Validation",
"Severity": 3,
"MessageKey": "ValidationMessageTemplates:LoginNotValid",
"Description": "LoginValidation:InvalidLogin",
"Location": -1,
"ErroredValue": null,
"Validator": "ArcherApi.Controllers.SecurityController, ArcherApi, Version=6.15.101.10016, Culture=neutral, PublicKeyToken=null",
"XmlData": null,
"ResourcedMessage": null
}]

 

but it responds with the response below when given an incorrect password or username:

"ValidationMessages": [
{
"Reason": "Validation",
"Severity": 3,
"MessageKey": "ValidationMessageTemplates:LoginNotValid",
"Description": "ValidationMessageTemplates:InvalidCredential",
"Location": -1,
"ErroredValue": null,
"Validator": "ArcherApi.Controllers.SecurityController, ArcherApi, Version=6.15.101.10016, Culture=neutral, PublicKeyToken=null",
"XmlData": null,
"ResourcedMessage": null
}]

 

 

The ValidationMessages.Description for both responses were different; the latter is an invalid credential, but the former doesn't seem to explain why it failed. Previously, I was able to retrieve a successful response alongside a session token from the /api/core/security/login endpoint. Coincidentally, we had Manual Login disabled via Instance Manager and started having this problem. Does the Manual Login have any involvement with this issue? We are using SSO, and we would prefer to not enable Manual Login, so what would be the other alternatives we could take to retrieve a session token ID?

0 Kudos
2 REPLIES 2

armamje
Contributor

‎2024-07-29 03:36 PM

We've figured out that Manual Login was the culprit. We had to enable it again to get the correct response from the endpoint. 

How then would we get the session token ID via API if we are to only have SSO and not include Manual Login? We had the Manual Login disabled thru Archer Instance Manager

0 Kudos

DavidPetty
Archer Employee
Archer Employee
In response to armamje

‎2024-07-29 04:12 PM

Use the web services API instead, CreateUserSessionFromInstance (archerirm.cloud) and you can leave manual login disabled.

 Advisory Consultant

0 Kudos