REST2 Api issue on RT5.0.1

Hi, I’m running 5.0.1, and want to get started on using the API. I wanted to install the RT::Extension::REST2 plugin, but got the message it’s already cored in RT5. Cool!

As the root user I create a token, and I want to test a simple request. But whatever I do, I get 401’s. Can’t find anything in any logs. Do I need to enable the api or something??

curl -H ‘Authorization: token 1-14-15******bb’ https://requesttracker.domain.local/REST/2.0/queues/all -v

  • Connected to requesttracker.domain.local ( port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
  • CAfile: /etc/ssl/certs/ca-certificates.crt
    CApath: /etc/ssl/certs
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • TLSv1.3 (IN), TLS handshake, Server hello (2):
  • TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
  • TLSv1.3 (IN), TLS handshake, Certificate (11):
  • TLSv1.3 (IN), TLS handshake, CERT verify (15):
  • TLSv1.3 (IN), TLS handshake, Finished (20):
  • TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
  • TLSv1.3 (OUT), TLS handshake, Finished (20):
  • SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
  • ALPN, server accepted to use http/1.1
  • Server certificate:
  • subject: O=Company; OU=ICT; CN=requesttracker.domain.local
  • start date: Mar 22 13:13:05 2021 GMT
  • expire date: Mar 22 13:13:05 2023 GMT
  • subjectAltName: host “requesttracker.domain.local” matched cert’s “requesttracker.domain.local”
  • issuer: DC=local; ****** Issuing Certificate Authority
  • SSL certificate verify ok.

GET /REST/2.0/queues/all HTTP/1.1
Host: requesttracker.domain.local
User-Agent: curl/7.68.0
Accept: /
Authorization: token 1-14-15******bb

  • TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  • TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  • old SSL session ID is stale, removing
  • Mark bundle as not supporting multiuse
    < HTTP/1.1 401 Unauthorized
    < Date: Sun, 02 May 2021 16:36:23 GMT
    < Server: Apache
    < Content-Length: 26
    < Content-Type: application/json; charset=utf-8

Ha, why is it that every time you post something, you find the solution within 5 minutes?

I missed the SetEnvIf Authorization line in apache :wink:

All works now!