TM1 Forum

Discussing all things TM1, Planning Analytics, PAx and PAW
https://www.tm1forum.com/

TM1 REST API and Mode 5 Security / CAM

https://www.tm1forum.com/viewtopic.php?t=16073

Page 1 of 1

TM1 REST API and Mode 5 Security / CAM

Posted: Tue Dec 07, 2021 9:46 am
by marko_p
Hi everyone,
did someone tried to authenticate using integrated mode 5, with CAM?
Any help with some more detailed steps than on IBM pages would be really helpful.
I tried combinations with encoding my username, password and namespace, but all returned 401 unauthorized. Also if someone was trying with CAM passport, any help is welcome. I am using Postman and I tried to follow CAMuri and send CAM Passport that I see in cookies after logging in, but that didn't help either :(
Thanks.

Re: TM1 REST API and Mode 5 Security / CAM

Posted: Tue Dec 07, 2021 3:44 pm
by ascheevel
Are you including "CAMNamespace" in your authorization header as a prefix to your username:password:namespace?

per IBM, your authorization header should look as follows:
CAMNamespace base64(<username>:<password>:<namespace>)
or if you've already converted your <username>:<password>:<namespace> to base64, just drop the base64() from the header:
CAMNamespace <base64 encoded username:password:namespace>

You can use a passport in your authorization header as well, but you'd need to get the passport first by authenticating against the ClientCamURI gateway. When sending the passport, the authorization headers should look like this: CAMPassport <cam_passport>

Just throwing out there that TM1py already supports what you're trying to do, but realize there may be reasons why you're not planning to use a TM1py solution.

link for anyone stumbling here and wanting to see IBM documentation on authenticating sessions:
https://www.ibm.com/docs/en/planning-an ... g-sessions

Re: TM1 REST API and Mode 5 Security / CAM

Posted: Fri Dec 10, 2021 9:55 am
by marko_p
Hi,
thanks a lot on your quick response.

I am using Postman, so my header key is CAMNamespace and value is base64 encoded username:password:namespace, so I guess it is not a problem.

For passport, I put ClientCamURI in my browser and then login window pops up, after logging in I found CAMPassport in Cookies, but when I try to use them in Postman for authentication and I still get 401 Unauthorized.

I also tried TM1py, but no results.

Maybe I am missing something in setup. Do you know where can I check what exact credentials should be passed as username:password:namespace? Or if you could share what are exact steps for CAMPassport way if I am doing it wrong?

Thanks a lot.

Re: TM1 REST API and Mode 5 Security / CAM

Posted: Fri Dec 10, 2021 2:33 pm
by ascheevel
marko_p wrote: Fri Dec 10, 2021 9:55 am I am using Postman, so my header key is CAMNamespace and value is base64 encoded username:password:namespace, so I guess it is not a problem.
Your header key should be "Authorization" and the value should be "CAMNamespace <base64 encoded username:password:namespace>"

Re: TM1 REST API and Mode 5 Security / CAM

Posted: Sat Jan 22, 2022 7:40 am
by macsir
Just a check, did you have colon in your password section?
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited