Re: Send PROC HTTP Request through Stored Process

s210 · Posted 04-24-2022 08:47 AM

Hello,

I'm trying to send a POST API request using PROC HTTP through a Stored Process (UI),

Since the user is already logged in, I want to use the same credentials instead of writing the username and password in \

/* Send http request from Stored Process */
PROC HTTP 
 METHOD="POST"
 URL="http://application-name/SASComplianceSolutionsMid/.../...."
 CT="application/json"
 IN=input
 OUT=output
 WEBUSERNAME="username"
 WEBPASSWORD="password"								
 /* AUTH_NEGOTIATE */
; 
RUN;

However this code responds with HTTP Status 403 - Forbidden, not sure about the reason,

I also tried to use the AUTH_NEGOTIATE option instead of the basic authentication option, but it didn't work as expected and it returns HTTP Status 401 - Unauthorized Access. I expected that it will use the same credentials for the logged-in user.

HTTP Negotiate is an authentication extension that is used commonly to provide single signon capability to web requests. This is normally used in PROC HTTP when a password is not provided, since it will use the current user’s identity for authentication. Link

Am I missing something? Or is it applicable to send the API request in such a way without determining a specific credential in the code?

Thanks.

Sajid01 · Posted 04-24-2022 10:53 AM

What does the stored process log say.?

SAS stored process is inherently a SAS program. You can add a statement to output the log to a specific location like the following

proc printto print='The full path and name of log file' new;
run;

Please post the log.

gwootton · Posted 04-25-2022 08:41 AM

The Stored Process Server typically runs as a shared account (sassrv). You would probably need to run the code in a Workspace Server which runs as the requesting user on the server to use AUTH_NEGOTIATE, assuming you are connecting using single signon (SSO).

Are your users using SSO to connect to SAS before running this code? Does the code run successfully in a Workspace Server (i.e. SAS Studio, Enterprise Guide)? If so, could you change the stored process server properties to tell it to run as a workspace server instead?

--
Greg Wootton | Principal Systems Technical Support Engineer

AllanBowe · Posted 04-27-2022 06:34 AM

Rather than use proc http, why don't you connect to the service from the frontend using JavaScript? Users can then provide the necessary credentials (or use SSO).

You can serve the javascript from your Stored Process, but I wouldn't recommend writing the "put" statements yourself. You could try the streaming app approach my team have built - here's an overview: https://sasapps.io/sas-streamed-apps

/Allan
MacroCore library for app developers
Data Workflows, Data Contracts, Data Lineage, Drag & drop excel EUCs to SAS 9 & Viya - Data Controller
DevOps and AppDev on SAS 9 / Viya / Base SAS - SASjs