cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Stay updated on what is happening on the PTC Community by subscribing to PTC Community Announcements. X

Create a thing using REST API but receive unauthorized error

Go to solution
XD_9803862
3-Visitor
3-Visitor
‎Feb 08, 2021 02:00 AM
‎Feb 08, 2021 02:00 AM

Create a thing using REST API but receive unauthorized error

Hi guys,

 

Our company deployed a Thingworx platform, and provided with some dev accounts,

but when I tested using REST API to create a new thing, I received unauthorized error.

I could create a thing using browser GUI.

 

Here is request

http://171.244.133.226:8080/Thingworx/Resources/EntityServices/Services/CreateThing?appKey=0e065a1a-4a01-411c-9dcc-9cd457a666a2&name=thingvht1&thingTemplateName=GenericThing

 

Any help is highly appreciated ?

Labels:
0 Kudos
Notify Moderator
1 ACCEPTED SOLUTION

Accepted Solutions
mnarang
17-Peridot
17-Peridot
(To:XD_9803862)
‎Feb 08, 2021 03:28 AM
‎Feb 08, 2021 03:28 AM

Just a few things to check

1) you are sending app key in the URL itself, if you want to follow this practice check your platform subsystem under subsystem in Thingworx. Subsystem->PlatformSubsystem->click on configuration tab there you can see "allow app key as URL parameter" . You need to enable this.

2) As a best practice you should send this app key in header of your REST call instead of in URL. If you send this in your header and pass the required inputs in body of rest call you don't need to enable the 1st option.

3) make sure the user associated with the app key must have permission to create things in the platform, otherwise you will always get unauthorized 

View solution in original post

Notify Moderator
1 REPLY 1
mnarang
17-Peridot
17-Peridot
(To:XD_9803862)
‎Feb 08, 2021 03:28 AM
‎Feb 08, 2021 03:28 AM

Just a few things to check

1) you are sending app key in the URL itself, if you want to follow this practice check your platform subsystem under subsystem in Thingworx. Subsystem->PlatformSubsystem->click on configuration tab there you can see "allow app key as URL parameter" . You need to enable this.

2) As a best practice you should send this app key in header of your REST call instead of in URL. If you send this in your header and pass the required inputs in body of rest call you don't need to enable the 1st option.

3) make sure the user associated with the app key must have permission to create things in the platform, otherwise you will always get unauthorized 

Notify Moderator
Top Tags