cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - You can Bookmark boards, posts or articles that you'd like to access again easily! X

Create a thing using REST API but receive unauthorized error

XD_9803862
3-Visitor

Create a thing using REST API but receive unauthorized error

Hi guys,

 

Our company deployed a Thingworx platform, and provided with some dev accounts,

but when I tested using REST API to create a new thing, I received unauthorized error.

I could create a thing using browser GUI.

 

Here is request

http://171.244.133.226:8080/Thingworx/Resources/EntityServices/Services/CreateThing?appKey=0e065a1a-4a01-411c-9dcc-9cd457a666a2&name=thingvht1&thingTemplateName=GenericThing

 

Any help is highly appreciated ?

1 ACCEPTED SOLUTION

Accepted Solutions

Just a few things to check

1) you are sending app key in the URL itself, if you want to follow this practice check your platform subsystem under subsystem in Thingworx. Subsystem->PlatformSubsystem->click on configuration tab there you can see "allow app key as URL parameter" . You need to enable this.

2) As a best practice you should send this app key in header of your REST call instead of in URL. If you send this in your header and pass the required inputs in body of rest call you don't need to enable the 1st option.

3) make sure the user associated with the app key must have permission to create things in the platform, otherwise you will always get unauthorized 

View solution in original post

1 REPLY 1

Just a few things to check

1) you are sending app key in the URL itself, if you want to follow this practice check your platform subsystem under subsystem in Thingworx. Subsystem->PlatformSubsystem->click on configuration tab there you can see "allow app key as URL parameter" . You need to enable this.

2) As a best practice you should send this app key in header of your REST call instead of in URL. If you send this in your header and pass the required inputs in body of rest call you don't need to enable the 1st option.

3) make sure the user associated with the app key must have permission to create things in the platform, otherwise you will always get unauthorized 

Top Tags