Authorization for REST call to C3 platform


I am trying to make a REST call to C3 platform from a device (Raspberry Pi). I am using c3auth token taken from cookies from my browser and added it to headers. It throws urllib2.HTTPError: HTTP Error 500: Server Error error.
headers = {"Accept":"application/json", "Content-Type":"application/json", "Authorization":authKey}
authKey = 30xXXXXXX.....
I also tried by adding my Okta credentials but the error remained the same.
Should I add anything more for authorization ?


the Authorization header is the Base64 of this string username:password


You can use set the headers to

  "Authorization": "Basic Base64String",
  "Content-Type": "application/json",
  "Accept": "application/json"

Replace Base64String with the Base64 of username:password

You can get Base64 string in the static console by Base64.encodeString('username:password')


HTTP 500 error is a server error that has nothing to do with authentication (HTTP 401). So in this case you did authenticate correctly, but some error happened in the server.


HTTP 500 errors may hide security-related problems, e.g.:

c3SwitchAll('tenant', 'tag')
POST 500 (ServerError)
Uncaught C3.typesys.Error {name: "C3Error", message: "You do not have access to console functionality in tentant/tag. [NotAuthorized]", ....}


In python, I tend to use the requests library and its async version grequests:

import requests
from requests.auth import HTTPBasicAuth
c3server = ...
tenant = config.get("tenant")
tag = config.get("tag")
c3user = ...
c3password = ...
func = if doasync else
response = func(url='{0}/api/1/{1}/{2}/{3}?action={4}'.format(c3server, tenant, tag, type, action)
                         , json=kwargs
                         , auth=HTTPBasicAuth(c3user, c3password)
                         , headers={"Accept": "application/json",
                                    "Content-type": "application/json",
if !hasattr(response,"status_code") or response.status_code != 200:
    raise Exception("Invalid request", response.reason)
    return response

and it works