Thanks to David I have the API access working.

Note in the documentation: http://support.citrix.com/proddocs/topic/cpbm-21-map/cpbm-generatingsigntre-task.html
the final URL is incorrect - the Parameter string should not be lowercase it needs to be in the original case especially the ApiKey.

Now the API is accessible, I am hitting errors when trying to create a user and an account via the API as the root user.

1. Creating a User (as per doc) receive "handleInternalServiceException-User-root org.springframework.beans.NotReadablePropertyException: Invalid property 'user' of bean class" see attached user-error.log for relevant log information â

Request:
POST /accounts/65d946ae-a757-4244-a61c-736aec45f63d/users
Data: users?username=c1user1&profile=10&apiKey=3JVTagOc6k5RDhw8fMATBLOCcnnrtLBy-BHiMLt9Y94OjYvG3fnS1CsQDxtXia7FfjARhs-qJQt18tU9EYnTsg&uuid=05ba689f-5ebe-4c07-9a2e-ef528074cdb9&firstname=User1&locale=en_US&lastname=Corp1&timezone=GMT&email=a@b.com&_=1383414790549&signature=qblP08z2tWD2OwQ0LiRUkSxXu%2BE%3D

Response:
The server couldn't fulfill the request.
Error code: 500

2. Creating an Account (as per doc) receive "handleInternalServiceException-User-root java.lang.NullPointerException" see attached account-error.log for relevant log information â

Request:
POST http://192.168.56.11:8080/portal/api/accounts
DATA: city=London&zipcode=W2&apiKey=3JVTagOc6k5RDhw8fMATBLOCcnnrtLBy-BHiMLt9Y94OjYvG3fnS1CsQDxtXia7FfjARhs-qJQt18tU9EYnTsg&usernamesuffix=&countrycode=GB&state=London&locale=en_US&street1=High+Street&currencycode=47&isdcode=44&owneremail=tariq.iqbal%40shapeblue.com&accountname=Corp+Three+Inc&ownerlastname=Three&ownerusername=corp3&accounttypeid=4&phonenumber=12345678901&ownerfirstname=Corp&sourcechannelid=1&street2=&_=1383423995460&signature=3AyApw3FydmA8xGUD0vO%2FolTSuU%3D

Response:
The server couldn't fulfill the request.
Error code: 500

Any help identifying the cause or fixing the above errors is appreciated.

Thanks

Hi Tariq,

We will check the logs and get back to you to with what could be causing the issue.
Both user and account creation seems to have failed with validation error and yet 500 as error was not expected.
I will run the same queries to see what is the root cause.

If possible create account from UI and then try the read only calls like list and/or get to confirm that you do receive responses for read only calls and writes are the ones which are failing.

Meanwhile i would check the logs to see what is causing this error.

Thanks
Ashish

Hi Ashish,

I do receive responses for read only calls, it is the writes which are failing.

I have also come across another error when trying to create a payment. I tried creating a payment of $100.00 via the API and get an response code of 500 and the log shows ERROR âServlet.service() for servlet [rest] in context with path [/portal/api] threw exceptionâ¦â (see attached log file for full details). Although I get this error the payment is being recorded in CPBM as an External Payment!

1. Creating a Payment
Request:
POST /accounts/65d946ae-a757-4244-a61c-736aec45f63d/payments
Data: amount=100.00&apiKey=3JVTagOc6k5RDhw8fMATBLOCcnnrtLBy-BHiMLt9Y94OjYvG3fnS1CsQDxtXia7FfjARhs-qJQt18tU9EYnTsg&_=1383453377218&signature=60sTfM6O0Zi2Sdj5ZVk3pf%2BHRt0%3D

Response:
The server couldn't fulfill the request.
Error code: 500

As this is the third error/bug when using a Create API operation, only two write APIs remain â Create Subscription and Create Provision. I have not tested these yet as it requires quite a bit of data in the request (which I need help understanding all of the required parameters as documentation is poor in this area). It will be worth you checking these API operations for errors.

Btw are you able to provide more information/doc explaining the various parameters for the Create Subscription/Provision API calls? eg. ER Data Model of the DB tables involved and/or where to look for the data to populate the fields in the request?

Thanks

Hi Tariq,

1) BSS API works through the ports which are configured for CPBM. If CPBM UI can be opened through that port, that means CPBM APIs can also be accessed by those ports. 8096 by default I guess is CCP/CloudStack port & if so, we do not support CPBM API calls through corresponding port.

2) Every API request should have a API key, time stamp & signature.
Sample request for listing the accounts through root user looks like :
http://<cpbm-ip:port>/portal/api/accounts.json?_=1383647226017&apiKey=<api-key>&signature=c5Mupv1rdgNCbWbOt8oEx4eAoV4%3D

3) http://<CPBM server IP>:8080/portal/api/accounts can be accessed only through root api key & secret key. If you want to list using the master user apikey & secret key, the call is : http://<CPBM server IP>:8080/portal/api/account

4) Please refer : http://support.citrix.com/proddocs/topic/cpbm-21-map/cpbm-generatingsigntre-task.html
to generate the signature.

Edited by: adityad1 on Nov 5, 2013 5:59 AM

Hi Tariq,

1) BSS API works through the ports which are configured for CPBM. If CPBM UI can be opened through that port, that means CPBM APIs can also be accessed by those ports. 8096 by default I guess is CCP/CloudStack port & if so, we do not support CPBM API calls through corresponding port.

2) Every API request should have a API key, time stamp & signature.
Sample request for listing the accounts through root user looks like :
http://<cpbm-ip:port>/portal/api/accounts.json?_=1383647226017&apiKey=<api-key>&signature=c5Mupv1rdgNCbWbOt8oEx4eAoV4%3D

3) http://<CPBM server IP>:8080/portal/api/accounts can be accessed only through root api key & secret key. If you want to list using the master user apikey & secret key, the call is : http://<CPBM server IP>:8080/portal/api/account

4) Please refer : http://support.citrix.com/proddocs/topic/cpbm-21-map/cpbm-generatingsigntre-task.html
to generate the signature.

Hi Tariq,

We do have a defect (DE6763) where in CPBM does not handle + sign at the server side. This means, all the spaces such as street1=High+Street to be converted to street1=High%20Street. Kindly replace them & check. It should work fine.

Sample request should look like : http://darling-sit.cpbm.citrite.net/portal/api/accounts.json?accountname=demo_bssauto_account_011383650155864&sourcechannelid=3&accounttypeid=3&currencycode=USD&locale=en_US&usernamesuffix=demo_bssauto_account_011383650155864&ownerfirstname=ownerFirstName&ownerlastname=ownerLastName&owneremail=aditya.deshpande%40citrix.com&ownerusername=demo_bssauto_account_011383650155864&countrycode=IN&state=KAR&city=Bangalore&street1=MGRoad&street2=UlsoorRoad&zipcode=560001&isdcode=91&phonenumber=9880030346&_=1383650158237&apiKey=eOLdhv5lvuv6-c1AlG2E2JxmjCwdZr15cHKMaZycvtDpQDNfj6tMHtyrauuL7yNmZQkl8R5msLaYyslPwfQ-3A&signature=Me5%2F8LE5TqpXK3W7tMPxLdoS61c%3D

Hi Tariq,

Kindly confirm if the make payment call is being called through master user api key & secret key. The call for make payment is : /account/payments

Root or other service provider user is not allowed to make payment on behalf of the tenant owner.
This operation is allowed only by the tenant owner himself.

Looks like there is issue with the doc, I will check the same.

Kindly let me know if you still find the issue.

HI Aditya,

I was making the payment call as root, if this user is not allowed then there is a bug, because although I get an error in the log, the payment is actually saved in CPBM.

I have tried the tenant master user and called /account/payments. although this call returns a successful response no actual payment is recorded in CPBM. The log shows:

[2013-11-03 10:54:35.578] INFO catalina-exec-16 com.citrix.cpbm.api.security.APIAuthenticationProcessingFilter Entering into doFilterInternal()
[2013-11-03 10:54:35.579] TRACE catalina-exec-16 com.citrix.cpbm.api.security.APIAuthenticationProcessingFilter SERVLETPATH:
[2013-11-03 10:54:35.579] TRACE catalina-exec-16 com.citrix.cpbm.api.security.APIAuthenticationProcessingFilter PATH INFO/account/payments
[2013-11-03 10:54:35.579] INFO catalina-exec-16 com.citrix.cpbm.api.filters.SignatureValidationHelper Entering into validateRequest()
[2013-11-03 10:54:35.754] TRACE catalina-exec-16 com.citrix.cpbm.api.filters.SignatureValidationHelper Computed Signature:U72Ilximpo6K0irFnvhzCcjFjhs=
[2013-11-03 10:54:35.754] TRACE catalina-exec-16 com.citrix.cpbm.api.filters.SignatureValidationHelper signature:U72Ilximpo6K0irFnvhzCcjFjhs=
[2013-11-03 10:54:35.755] INFO catalina-exec-16 com.citrix.cpbm.api.filters.SignatureValidationHelper exiting from validateRequest()
[2013-11-03 10:54:35.755] TRACE catalina-exec-16 com.citrix.cpbm.api.security.APIAuthenticationProcessingFilter Is authorize:true
[2013-11-03 10:54:35.767] TRACE catalina-exec-16 com.vmops.service.impl.UserServiceImpl ###reloading user 3
[2013-11-03 10:54:35.772] TRACE catalina-exec-16 com.vmops.service.impl.UserServiceImpl ###refreshing user 3
[2013-11-03 10:54:35.789] DEBUG catalina-exec-16 com.citrix.cpbm.api.http.utils.APIMethodProcessorAspect ### API createPayment() starts for API class com.citrix.cpbm.api.AccountsController
[2013-11-03 10:54:35.790] TRACE catalina-exec-16 com.vmops.service.impl.UserServiceImpl ###reloading user 3
[2013-11-03 10:54:35.795] TRACE catalina-exec-16 com.vmops.service.impl.UserServiceImpl ###refreshing user 3
[2013-11-03 10:54:35.809] DEBUG catalina-exec-16 com.citrix.cpbm.api.http.utils.APIMethodProcessorAspect ### API createPayment() ends for API class com.citrix.cpbm.api.AccountsController
[2013-11-03 10:54:35.810] INFO catalina-exec-16 com.citrix.cpbm.api.security.APIAuthenticationProcessingFilter exiting from doFilterInternal()

Thanks

Hi,

I replaced the + with %20 in my POST request and it has made no difference to both creating a user and an account - I still get the same errors.

http://192.168.56.11:8080/portal/api/accounts?city=London&zipcode=W2&apiKey=3JVTagOc6k5RDhw8fMATBLOCcnnrtLBy-BHiMLt9Y94OjYvG3fnS1CsQDxtXia7FfjARhs-qJQt18tU9EYnTsg&usernamesuffix=&countrycode=GB&state=London&locale=en_US&street1=High%20Street&currencycode=47&isdcode=44&owneremail=tariq.iqbal%40shapeblue.com&accountname=Corp%20Three%20Inc&ownerlastname=Three&ownerusername=corp3&accounttypeid=4&phonenumber=12345678901&ownerfirstname=Corp&sourcechannelid=1&street2=&_=1383479000179&signature=eizMZ6NYJZKUlL8YJ5bLq31WgfA%3D

Hi Tariq,

We need to analyze this further. Could you please raise a JIRA tickets for these issue & share the DB dump & the corresponding API calls? We will look at the individual cases & respond at the earliest.

Thanks & Regards,
Aditya

Hi Aditya,

David filed the following bugs for me, if that is what you are referring to?

Creating a user - CPBM–959
Creating an account - CPBM–960
Creating a payment - CPBM-961

If not, can you please let me know how can I raise a JIRA ticket?

Thanks

Hi Tariq,

We are looking into these defects.

Could you please share your setup details (Server log in information, CPBM credentials & DB details).
It would be great if you can share your DB dump & cloud.properties.

We need these details to investigate further as these APis seem to work in Test setups. However, docs need to be updated.

Thanks & Regards,
Aditya

Hi Aditya,

How do I send my DB dump and cloud.properties to you?

Thanks

@Tariq, Please route it through David ( Creating a user - CPBM–959

Creating an account - CPBM–960
Creating a payment - CPBM-961 )

thanks and regards,

Madan

@Tariq,

We've identified the root cause. 

As a workaround, could you append .json or .xml to your URL requests?

Example:

http://192.168.56.11:8080/portal/api/accounts.json?city=London&zipcode=W2&apiKey=3JVTagOc6k5RDhw8fMATBLOCcnnrtLBy-BHiMLt9Y94OjYvG3fnS1CsQDxtXia7FfjARhs-qJQt18tU9EYnTsg&usernamesuffix=&countrycode=GB&state=London&locale=en_US&street1=High Street¤cycode=47&isdcode=44&owneremail=tariq.iqbal@shapeblue.com&accountname=Corp Three Inc&ownerlastname=Three&ownerusername=corp3&accounttypeid=4&phonenumber=12345678901&ownerfirstname=Corp&sourcechannelid=1&street2=&_=1383479000179&signature=eizMZ6NYJZKUlL8YJ5bLq31WgfA=

Let us know whether this unblocks you.

Thanks,

Madan

http://<CPBM server IP>:8080/portal/api/accounts?_=1383140723&apikey=1mtfeidtu-h5wdkzfttfc68bv1do3mwft2rehathd2_tfpilzykpw1hjgckk6rp2lxhcu-xhbbvxnt--dpn36g&signature=Pfhd0jtswGSfb5rgND%2Fi8mUOcF0%3D

But I get the following message in my browser:
{"message":"Signature url timed out. Try with new Request ","code":400","args":null}

Hi, I just went through the same problem. As you figured out before encountering other problems, the "_" timestamp should be in milliseconds, not seconds.

1385139528445  <== right

1383140723        <== wrong

4) Are there any code samples (preferably in Python) that create the required signature?

That would have been nice wouldn't it. I've attached a little groovy sample.

Corrected script to avoid false "No such user found" -- make sure you lowercase the parameter string, that args are in alphabetical order, that there is no "?" separating the api path and the "_" query arg.

Hi Guys,

Seems like some of you have managed to get past the "No such user found" error msg.

Can I ask how and with some code samples as I've tried numerous combinations and still can't get a simple list Account query to work.

I've got code sample in PHP if anyone can assist.  Thanks.

Thanks Jamshid, I already got it working, but hit the other issue above.

Steve, 

I'm on the road at the moment, but should be able to take a proper look later. But as a first, are the apiKey and sKey values of the CPBM root user from the CPBM database? Do not confuse these with ones you see in the CPBM UI in the root account.