Unable to Retrieve Credential via A2A API – 401 Unauthorized Error #20
Description
Hi,
Hi,
I’m trying to use the A2A API to retrieve a password associated with an asset account, but I’m encountering a 401 Unauthorized error. Below is the code I’m running:
from pysafeguard import *
password = PySafeguardConnection.a2a_get_credential(
host='<safeguard-SPP-FQDN>',
apiKey='<secret>',
cert='./certs/cert.pem',
key='./certs/key.pem',
verify=False
)Setup Details:
cert.pemandkey.pemare a self-signed RSA 2048 certificate/key pair generated using OpenSSL.- The certificate has been uploaded to the Trusted CA Certificates section of the SPP Web UI.
- I’ve created an A2A Application and assigned a user with certificate authentication.
- The certificate fingerprint was correctly assigned to this user.
- The target asset account is correctly associated with the A2A application.
- The API key used is valid and associated with the correct A2A application.
Issue:
python3.12/site-packages/urllib3/connectionpool.py:1097: InsecureRequestWarning: Unverified HTTPS request is being made to host '<redacted hostname>'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warnings
warnings.warn(
Traceback (most recent call last):
File "a2a_get_secrets.py", line 6, in <module>
password = PySafeguardConnection.a2a_get_credential(host='<redacted hostname>',
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "lib/python3.12/site-packages/pysafeguard.py", line 104, in a2a_get_credential
raise WebRequestError(credential)
pysafeguard.WebRequestError: 401 Unauthorized: GET https://<redacrted hostname>/service/a2a/v4/Credentials?type=password
{"Code":60094,"Message":"Authorization is denied for this request.","InnerError":null}
What am I doing wrong?