Skip to main content

I am trying to follow the documentation for getting an API token. Specifically follow the Resource Owner Password Credentials Grant Type but when I run my code I’ll get a 200 response with an empty output

Here’s my code:

import requests

https://<yoursubdomain.docebosaas.com>/oauth2/token

files = {
'client_id': (None, <client_id>),
'client_secret': (None, <client secret>),
'grant_type': (None, 'password'),
'scope': (None, 'api'),
'username': (None, <user>),
'password': (None, <password>),
}

test_post = requests.post(url=credentials_url_endpoint, file=files)

Any feedback on where I am going wrong or what I should try next?

Just curious, any reason not to just use the example curl code provided at the link you put?


Have you pulled data from other APIs (maybe that don’t require authentication) with Python before?

If not, I might suggest practicing with an open API like Wikipedia’s, so you get the hang of the specific implementation technology (e.g. Python) you’ve chosen.  Then, once you have a handle on pulling data generally, I find Postman helpful for figuring out how to form the specific request to Docebo.

I don’t use Python in my implementation, so I’m not helpful at all there, but this was the approach I took when getting started.


Depending on if you are trying to automate scripts or not, I use the workaround of getting a token from the Docebo API Explorer(effective for one day at most and less secure). Once you authenticate in a web browser there, you will see a token generated in the Token field on the upper left hand side. This of course bypasses pulling the code using Python from the endpoint. It was my way of getting the information I needed fast, without having a full understanding or the oauth process. Additionally, we use SSO, so I would need to figure that process out first. You could then do a simple request with the following code if you’re trying to download data from your docebo system:

import requests

headers = {
    'Authorization': 'Bearer token#'
    }

auth_url =("https://<yoursubdomain.docebosaas.com>/learn/v1/courses"

r = requests.get(auth_url, headers=headers)

print(r.status_code) #verify access

This is more of a quick and dirty way to use python rather than the proper way. The Docebo API browser is super helpful for determining what information to pull and from where, however, data from different endpoints tends to overlap a bit depending on what you are looking for.


Just curious, any reason not to just use the example curl code provided at the link you put?

I’m new to Python (and programming) and I have sorted out how to access an API and extract the info I need. My next step is to connect directly and do the same thing (in the sandbox).

I have seen the Curl info in the documentation. Where would be the best place to learn how to implement it on my system?


ChatGPT has been my best friend in regards to working with Python and the API. I had a really foundational knowledge of Python prior, but with that and bit of back and forth i’ve been able to do almost everything I’ve set out to with the API. 

 

Here’s a sample but it can be altered to fit your needs quite easily

import requests

# Define your Docebo API endpoint and credentials - I usually handle these in a .ENV variable
docebo_url = "https://<yoursubdomain.docebosaas.com>/oauth2/token"
client_id = "<your_client_id>"
client_secret = "<your_client_secret>"
username = "<your_username>"
password = "<your_password>"

# Define the data for the token request
data = {
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "password",
"scope": "api",
"username": username,
"password": password,
}

# Send the token request
response = requests.post(docebo_url, data=data)

# Check if the request was successful
if response.status_code == 200:
token_data = response.json()
access_token = token_datao"access_token"]
print("Access Token:", access_token)

# Use the access token to make an API call
api_endpoint = "https://<yoursubdomain.docebosaas.com>/learn/v1/courses"
headers = {"Authorization": f"Bearer {access_token}"}
api_response = requests.get(api_endpoint, headers=headers)

if api_response.status_code == 200:
api_data = api_response.json()
print("API Response:", api_data)
else:
print("Failed to retrieve API data:", api_response.status_code)
else:
print("Failed to obtain access token:", response.status_code)

 


@BrentDeayton  thank you so much. I had tried some solutions yesterday but so many things were broken. LOL

Do I need to setup credentials in the API / SSO area, or is this using the token from the API browser setup?

I am not sure where the client_id and client_secret are established. This is where I had a problem with the API documentation. It says to send it, but I did not understand where it was setup.
I was trying Postman previously and someone helped with setting up the API credentials. I will take another look at the API documentation to see if it helps.

I will give this a shot today and check out ChatGPT. 


Thanks again @BrentDeayton, I’m in the sandbox. 

For others who may follow and do not know, here is what I did on the system side.

In API and SSO > API Credentials I did Add Oauth2 App.

I filled in App Name and description. I then set my own client ID, the client secret was there. I set the Redirect URL to my system URL.

I then selected Show advanced  settings and I selected all of the grant types except JWT Bearer. I confirmed that, and then activated the authentication app by clicking the check mark.


@BrentDeayton I will have to learn more about the environment variable you mentioned.

Initially I setup docebo_url, client_id, client_secret, username and password for sandbox. Once that was working I duplicated it, pasted it a few lines down and did the same for production.

For testing I can comment out Sandbox or Production to switch.

I get a 200 status code on both systems, but on production I also receive “Failed to retrieve API data: 403.

I confirmed that my password works, and that the client_id, and client_secret are setup for production.

 


It turns out I had duplicated everything except for the api_endpoint url. I had it pointed at the sandbox and everything else configured for production. Once I fixed this all was well.


Great to hear! Let me know if there’s anything I can help out with :) 


Reply