I've followed the documentation for generating a token, but am not able to get the password to validate.

I have verified that the user configured in Manage api users matches an active user account, and that the password matches the params posted to the api. I am able to step through the code, and see the apiuser record is retrieved via the email address.

However, on line 29 of the LoginValidator, the encrypted values do not match, resulting in a 400 response with the error "User not exists or password is wrong":

Grand.Web.Areas.Api.Validators.Common.LoginValidator line #29:
userapi.Password = "WVv3K2+inlyXrlVaJ6ML39iBqXfjNN/k"
encryptionService.EncryptText(password, userapi.PrivateKey) = "43OCLnIRcilrHsOHpOn4nw=="

I'm using Grand Node Version 4.4

appsettings:
"Api": {
    "Enabled": true,
    "SecretKey": "################",
    "ValidateIssuer": false,
    "ValidIssuer": "",
    "ValidateAudience": false,
    "ValidAudience": "",
    "ValidateLifetime": true,
    "ValidateIssuerSigningKey": true,
    "ExpiryInMinutes": 1440,
    //generate system model
    "SystemModel":  true
  }


response:
{
    "errors": {
        "": [
            "User not exists or password is wrong"
        ]
    },
    "title": "One or more validation errors occurred.",
    "status": 400,
    "traceId": "0HLLIML0JQ9OH:00000008"
}

Hi Nathan,

Sorry but I don't understand the context of that action. Is it possible to know the use case of this example? Password is impossible to encrypt, so if you forget it or if you want to interact somehow with it it's impossible. Web API user creation is working fine, because I tested it while ago. Did you check the docs page of Web API? Maybe docs will be useful for you.

My colleague informed me that the password I was sending in the request body first needed to be base-64 encoded using the utility found here: http://www.utilities-online.info/base64/#.XJvaoJhKiUl

After encoding my password, the request is now working as expected.

That's great. Information about that fact is available in the docs here: http://docs.grandnode.com/web-api. In the section How to generate Web API Token in GrandNode?. But I'm happy that works as expected.

I have the same issue.

URL: http://localhost:16593/Api/Token/Create
body:{
  "email": "admin@admin.com",
  "password": "YWRtaW4="
}

Response:
{
    "errors": {
        "": [
            "User not exists or password is wrong"
        ]
    },
    "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
    "title": "One or more validation errors occurred.",
    "status": 400,
    "traceId": "00-dec8ec76f6e12140aac082d994a47e50-eb4207ec2077ae45-00"
}

I have created the above user in my manage user API

avi wrote:

In case of this error, there is no other option than that you entered different user, did not create the user in API Users in the admin panel, the user is inactive or you entered the wrong password. There is no other option as this error message is only related to it. The API works fine, we use it every day.

Hi Team,

Thanks for the prompt message.
Issue I had was that I have added base64 password while creating API User on UI and also in Postman API password.

Thanks,
Avi

Hi everybody,

For web api user in admin GrandNode, you must put encoded password or no encoded password please ? I get 405 Error Exception: Request failed for https://www.chezvous.re returned code 400. Truncated server response: {"errors":{"":["User not exists or password is wrong","Customer not exist"],"Email":["Email is required"],"Password":["Password is required"]},"typ... (use muteHttpExceptions option to examine full response)

Thanks