Home > Forum > Plugins > Unable to connect with Webcon API trial application

Unable to connect with Webcon API trial application
1

Hi, I tried to work with Webcon API on the trial but only what I retrieve is empty list of tasks.
I successfully authenticate by app client context and receive token which I used to read tasks.
I cannot register by user context and I cannot read other data from Webcon.
Is it a standard behavior for trial or is there something I missed?

In reply to: Jacek Wojnar

Hi,
did you grant permissions for this app in Designer Studio to application/process?

check this: https://developer.webcon.com/docs/registration-and-authentiaction

Below you can find details about how I proceeded when trying to retrieve any item from Purchase Request or Task list with App context.

I added app user everywhere in the designer and admin portal to active users and created correct credentials.

My main questions would be:
1. How to get list of Purchase Requests or any item?
2. How to get list of tasks?
Application type: App context


Scopes which I tried:

HighTrust.Elements.Read.1073a4a4-5eba-4679-ae48-XXXX
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (also 1,2,3,60)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:25:32 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726136733.6.20456.538383|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:25:32 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

App.Elements.Read.All
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (also 1, 60)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:54:18 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726138459.074.20452.593633|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:54:18 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

To Tasks:
To a task list: api/data/v5.0/tasks
Name Value Type
▶ response {StatusCode: 403, ReasonPhrase: 'Forbidden', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 11:06:49 GMT Connection: keep-alive Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Type: application/json; charset=utf-8 Content-Length: 105 }} System.Net.Http.HttpResponseMessage


App.Tasks.Read.All
To a task list: api/data/v5.0/tasks
Response:
{"page":0,"size":0,"count":0,"links":null,"tasks":[]}
Name Value Type
▶ response {StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 11:07:46 GMT Connection: keep-alive Cache-Control: no-store,no-cache Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff Content-Security-Policy: frame-ancestors https://*.sharepoint.com https://teams.microsoft.com https://outlook.office.com https://trial.webconapps.com/XXXXX 'self'; default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' maps.googleapis.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src data: 'self' maps.gstatic.com *.googleapis.com *.ggpht; font-src 'self' fonts.gstatic.com; frame-src 'self' *.powerbi.com; connect-src 'self' https://maps.googleapis.com; Content-Type: application/json; charset=utf-8 Content-Length: 53 }} System.Net.Http.HttpResponseMessage


Admin.ReadWrite.All
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (ID of item from a list)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:31:03 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726137064.799.20450.260449|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:31:03 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

App.Reports.Read.All
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (ID of item from a list)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:36:09 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726137370.024.20451.875299|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:36:09 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

MVP
In reply to: Natalia Wegner

Below you can find details about how I proceeded when trying to retrieve any item from Purchase Request or Task list with App context.

I added app user everywhere in the designer and admin portal to active users and created correct credentials.

My main questions would be:
1. How to get list of Purchase Requests or any item?
2. How to get list of tasks?
Application type: App context


Scopes which I tried:

HighTrust.Elements.Read.1073a4a4-5eba-4679-ae48-XXXX
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (also 1,2,3,60)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:25:32 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726136733.6.20456.538383|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:25:32 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

App.Elements.Read.All
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (also 1, 60)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:54:18 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726138459.074.20452.593633|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:54:18 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

To Tasks:
To a task list: api/data/v5.0/tasks
Name Value Type
▶ response {StatusCode: 403, ReasonPhrase: 'Forbidden', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 11:06:49 GMT Connection: keep-alive Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Type: application/json; charset=utf-8 Content-Length: 105 }} System.Net.Http.HttpResponseMessage


App.Tasks.Read.All
To a task list: api/data/v5.0/tasks
Response:
{"page":0,"size":0,"count":0,"links":null,"tasks":[]}
Name Value Type
▶ response {StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 11:07:46 GMT Connection: keep-alive Cache-Control: no-store,no-cache Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff Content-Security-Policy: frame-ancestors https://*.sharepoint.com https://teams.microsoft.com https://outlook.office.com https://trial.webconapps.com/XXXXX 'self'; default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' maps.googleapis.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src data: 'self' maps.gstatic.com *.googleapis.com *.ggpht; font-src 'self' fonts.gstatic.com; frame-src 'self' *.powerbi.com; connect-src 'self' https://maps.googleapis.com; Content-Type: application/json; charset=utf-8 Content-Length: 53 }} System.Net.Http.HttpResponseMessage


Admin.ReadWrite.All
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (ID of item from a list)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:31:03 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726137064.799.20450.260449|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:31:03 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

App.Reports.Read.All
To a Purchase Request List item: /api/data/v5.0/db/1/elements/23 (ID of item from a list)
To a Purchase Request List: /api/data/v5.0/db/1/elements

Response:
Name Value Type
▶ response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Thu, 12 Sep 2024 10:36:09 GMT Connection: keep-alive Set-Cookie: PodAffinity=1726137370.024.20451.875299|7bc7260c452e9af033ae929d7c12e4c9; Expires=Thu, 19-Sep-24 10:36:09 GMT; Path=/; Secure; HttpOnly Content-Type: application/json Content-Length: 19 }} System.Net.Http.HttpResponseMessage

Hi Natalia,

there seems to be something wrong.
At least this one should have been working
App.Elements.Read.All
/api/data/v5.0/db/1/elements/23 (also 1,2,3,60)

if
- the registered application has been one of the "Access all workflow instances" privileges in the designer studio
- Maybe the user also needs a license for getting elements. Creating /modifying would require assigning a license to the user for sure

Getting a list of elements won't work. You will need to call a PublicApiReport endpoint.

I have never tried to retrieve tasks.
Based on the fact that it uses a get method and there are no query parameter to define the user, I would guess that you need to use OAuth2 - AuthorizationCode to execute the call in the name of the user.
I have never user this yet.

Best regards,
Daniel