API Key Creation Error

Imported Google Group message. Original thread at: Redirecting to Google Groups Import Date: 2016-01-19 21:11:55 +0000.
Sender:Jayadatta Vallabhaneni.
Date:Thursday, 7 May 2015 22:03:15 UTC+1.

Hi Martin,

I have deployed the latest dashboard and getting the below error while approving the key request in dashboard. These requests were created from the portal by the user. API has Auth Token as the authentication mode. Could you please let me know if there is anything missing?

Error in UI:

Could to generate the API key

Error from the log:

time=“2015-05-07T21:01:47Z” level=error msg=“API Request failed!”
404 page not found

time=“2015-05-07T21:01:47Z” level=error msg=“20 ”
time=“2015-05-07T21:01:47Z” level=warning msg=“Failed create”
time=“2015-05-07T21:01:47Z” level=error msg=“Key creation failed!”
time=“2015-05-07T21:01:47Z” level=error msg=“Failed to generate the key: Failed to generate key”
[15 ms] 500 ‘/api/portal/requests/approve/554bce0b5ceee9000d000001’

Thanks,
~Jay

Imported Google Group message.
Sender:Martin Buhr.
Date:Thursday, 7 May 2015 23:26:51 UTC+1.

Hi Jay,

Ok, so I traced those error messages in the source, and they stem from the Tyk REST API wrapper, and basically the API request from the dashbaord (portal) to the Tyk Gateway is failing and returning a 404 (which explains why there’s no output from the gateway when you run the approval), if the tyk_gateway isn’t outputting any errors (it says it’s a 404, which means it’s replying but a component of the API request may be missing.

Can you try just manually creating a key? The way to make sure this works is to:

  1. Create a key (make sure it doesn’t expire) using the regular Key Details screen
  2. Try to view the key in the portal (it should appear in the list / be able to be searched for if keys are hashed)

If you get an error then there’s a problem, Tyk Dashbaord can’t see or speak to the Tyk Gateway.

I would check this first, since the portal and dashboard only interacts with the gateway when it needs to deal with keys. It could simply be the fact that one container can;t see the other (it’s also tough to test, because they don;t actively communicate until a key function is required).

Thanks,
Martin

  • show quoted text -

Imported Google Group message.
Sender:Jayadatta Vallabhaneni.
Date:Thursday, 7 May 2015 22:09:24 UTC+1.

Hi Jay,

Does the policy associated with the API have access rules? As in, does it explicitly give access to the API and version under the ‘access rules’ section of the policy.

There’s a configuration in the gateway that by default disallows ‘master keys’, these are keys with no access rules defined, this would equally appeal to policies.

The gateway generates keys, what is the log output of the gateway?

Cheers,
Martin

Imported Google Group message.
Sender:Martin Buhr.
Date:Thursday, 7 May 2015 22:57:45 UTC+1.

Hi Martin,

Yes, the API has policy attached to it. Below are the step’s to reproduce this.

  1. Create the API with Auth Token as Authentication parameter.
  2. Create Policy (Add the API under Access Rights). Make it Active.
  3. Create Catalogue( Select the API and Policy). Make it Active.
  4. Log into portal and request for an API key.
  5. Click on the Approve button. (This is where the error is popping up on the UI and in the logs).

I don’t see any activity in the Gateway log when the Approve button is clicked.

Below is the log for each of these steps.

policy and catalog creation:
[7 ms] 200 ‘/api/versions/registered’
time=“2015-05-07T21:40:49Z” level=info msg=“Sending notification{PolicyChanged }”
[4 ms] 200 ‘/api/portal/policies’
[1898 μs] 200 ‘/api/portal/policies’
[1996 μs] 200 ‘/api/portal/policies/554bdbe15ceee9000d000004’
[2 ms] 200 ‘/api/versions/registered’
time=“2015-05-07T21:42:45Z” level=info msg=“Sending notification{PolicyChanged }”
[3 ms] 200 ‘/api/portal/policies/554bdbe15ceee9000d000004’
[2 ms] 200 ‘/api/portal/catalogue’
[2 ms] 200 ‘/api/apis’
[1921 μs] 200 ‘/api/portal/policies’
[1468 μs] 200 ‘/api/portal/catalogue’
[2 ms] 200 ‘/api/portal/catalogue’
[2 ms] 200 ‘/api/apis’
[2 ms] 200 ‘/api/portal/policies’
[2 ms] 200 ‘/api/portal/catalogue’

Key Request:

time=“2015-05-07T21:45:00Z” level=info msg=“Setting ORGID”
time=“2015-05-07T21:45:00Z” level=warning msg=“map[]”
[4 ms] 200 ‘/554ba3b97a492e0027000001/portal/member/apis/edc7562cb808460c4583965148bebec6/request’
time=“2015-05-07T21:45:02Z” level=info msg=“Setting ORGID”
time=“2015-05-07T21:45:02Z” level=warning msg=“map[]”
[3 ms] 200 ‘/554ba3b97a492e0027000001/portal/member/apis/edc7562cb808460c4583965148bebec6/request’

Error when clicked on Approve button:

[1951 μs] 200 ‘/api/portal/developers/554bc4537a492e0012000009’
time=“2015-05-07T21:46:00Z” level=error msg=“API Request failed!”
404 page not found
time=“2015-05-07T21:46:00Z” level=error msg="20 "
time=“2015-05-07T21:46:00Z” level=warning msg=“Failed create”
time=“2015-05-07T21:46:00Z” level=error msg=“Key creation failed!”
time=“2015-05-07T21:46:00Z” level=error msg=“Failed to generate the key: Failed to generate key”
[271 ms] 500 ‘/api/portal/requests/approve/554bdcde5ceee9000d000005’

Thanks,
~Jay

  • show quoted text -

Imported Google Group message.
Sender:Jayadatta Vallabhaneni.
Date:Thursday, 7 May 2015 23:26:51 UTC+1.

Hi Jay,

Ok, so I traced those error messages in the source, and they stem from the Tyk REST API wrapper, and basically the API request from the dashbaord (portal) to the Tyk Gateway is failing and returning a 404 (which explains why there’s no output from the gateway when you run the approval), if the tyk_gateway isn’t outputting any errors (it says it’s a 404, which means it’s replying but a component of the API request may be missing.

Can you try just manually creating a key? The way to make sure this works is to:

  1. Create a key (make sure it doesn’t expire) using the regular Key Details screen
  2. Try to view the key in the portal (it should appear in the list / be able to be searched for if keys are hashed)

If you get an error then there’s a problem, Tyk Dashbaord can’t see or speak to the Tyk Gateway.

I would check this first, since the portal and dashboard only interacts with the gateway when it needs to deal with keys. It could simply be the fact that one container can;t see the other (it’s also tough to test, because they don;t actively communicate until a key function is required).

Thanks,
Martin

  • show quoted text -

Imported Google Group message.
Sender:Martin Buhr.
Date:Friday, 8 May 2015 11:39:57 UTC+1.

Thanks Martin. That was a good hint.

I re-looked at the analytics config and there was an extra “/” at the end of TYK host name key value. Removing it and restarting the container solved the issue.

~Jay

  • show quoted text -