Issue with login to new RO account using v2 auth

andy.sciascia

I'm having an issue logging into my new RTO service account using v2 authentication and my Refinitiv representative asked me to post a question here.

If this is the wrong forum for this question, could you direct me to where I should inquire ?

I'm trying to connect using a Eta C consumer application.

Ad s a sanity test, I've also tried loggin in with the RTSDK WL consumer example application.

With the WL consumer example I use these options

./WatchlistConsumer -clientId <my client id> -clientSecret <my secret> -h eu-west-1-aws-3-sm.optimized-pricing-api.refinitiv.net -p 14002 -s ELEKTRON_DD -c encrypted -x

and I get this message

<!-- End Message (Channel IPC descriptor = 7) -->
<!-- Incoming Message (Channel IPC descriptor = 7) -->
<!-- Time: 17:32:57:147 -->
<!-- rwfMajorVer="14" rwfMinorVer="1" -->
<statusMsg domainType="RSSL_DMT_LOGIN" streamId="1" containerType="RSSL_DT_NO_DATA" flags="0x28 (RSSL_STMF_HAS_MSG_KEY|RSSL_STMF_HAS_STATE)" dataState="RSSL_DATA_SUSPECT" streamState="RSSL_STREAM_CLOSED" code="RSSL_SC_DACS_USER_ACCESS_TO_APP_DENIED" text="Authentication failed (1026, Request for token validation failed:Authentication server returned response code:400)." dataSize="0">
<key flags="0x6 (RSSL_MKF_HAS_NAME|RSSL_MKF_HAS_NAME_TYPE)" name="dev" nameType="1"/>
<dataBody>
</dataBody>

</statusMsg>

<!-- End Message (Channel IPC descriptor = 7) -->

Domain: RSSL_DMT_LOGIN

Stream: 1 Msg Class: RDM_LG_MT_STATUS

State: Closed/Suspect/Application is denied access to system - text: "Authentication failed (1026, Request for token validation failed:Authentication server returned response code:400)."

UserName: dev

wasin.w

Hello @andy.sciascia

The "Authentication failed (1026, Request for token validation failed:Authentication server returned response code:400)." error message indicates there is the authentication issue with the RDP service (RTO uses the RDP Authentication service).

I can run the WatchlistConsumer example connects to RTO with the following command:

-clientId <client_id> -clientSecret <client_secret> -sessionMgnt -c encrypted -ec socket -s ELEKTRON_DD -mp THB= -h <RTO endpoint> -p 14002 -restEnableLog -restLogFileName restlog.txt

Note: I am connecting to ap-northeast-1-aws-1-sm.optimized-pricing-api.refinitiv.net endpoint.

Result:

Can you retry with the parameters like me above?

If the problem persists, please enable the rest log file and share the rest log when then problem occurs.

• Do not forget to remove your credentials from the file before posting!)

The log file will be available on the application folder as follows:

Example log:

REST log redirected to file. 


--- REST REQUEST ---


<!-- Time: 15:11:11:185 -->
URL: https://api.refinitiv.com/auth/oauth2/v2/token
HTTP method: POST
HTTP header data:
 Content-Type : application/x-www-form-urlencoded
 User-Agent : RTSDK
HTTP body data: grant_type=client_credentials&scope=trapi.streaming.pricing.read&client_id={clientid}
Request timeout: 90

--- REST RESPONSE ---

<!-- Time: 15:11:11:959 -->
HTTP header data:
 Date :  Thu, 07 Dec 2023 08:11:07 GMT
 Content-Type :  application/json
 Content-Length :  90
 Connection :  keep-alive
 X-Amzn-Trace-Id :  Root=1-65717e1a-0a18df025a8cfa33198c3526
 X-Served-By :  region=ap-southeast-1; cid=79337fc004204a0a96fb0451d04855e6
 X-Tr-Requestid :  c942bcf3-2c41-46f5-9319-48c4655452e0
HTTP body data: { "expires_in":7199, "token_type":"Bearer", "access_token":"XXXXX"}
Protocol version: HTTP/1.1
HTTP status code: 200

Alternatively, you may verify your RTO version 2 account credentials from the following cURL command:

curl  -X POST \
  'https://api.refinitiv.com:443/auth/oauth2/v2/token' \
  --header 'Accept: */*' \
  --header 'Authorization: Bearer ' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'client_secret={client secret}' \
  --data-urlencode 'client_id={client id}' \
  --data-urlencode 'grant_type=client_credentials' \
  --data-urlencode 'scope=trapi'

andy.sciascia

Hi. The login is working today.

State: Open/Ok/None - text: "Login accepted by host ads-fanout-sm-az2-euw1-prd."

It worked with my app unchanged - so I think that something got enabled overnight.

With the Watchlist app I had to specify -sessionMgnt for it to work.

I'm having an issue accessing data now but my Refinitiv account contact is looking into that. It may be timing as well. The license has just changed from pending to assigned but I may have to wait a bit longer to access data.

andy.sciascia

I'm happy for this issue to be closed. There was no code issue - just a setup that wasn't complete and an extra option I needed for the test tool.