I have been working on calling an API to fetch access token.
Here is my Http code
options set=SSL_USE_SNI="0" set=SSL_SNI_HOSTNAME="sandbox.bcda.cms.gov" ;
proc http
url="https://sandbox.bcda.cms.gov/auth/token" AUTH_BASIC
WEBUSERNAME="&client_id."
WEBPASSWORD="&client_secret."
out=apitoken
method="POST";
headers "Accept"="application/json";
run;
Here is the error i have been getting.
ERROR: OpenSSL error 336134278 (0x14090086) occurred in SSL_connect/accept at line 5388, the error message is "error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed". ERROR: Secure communications error status 807ff008 description "OpenSSL error 336134278 (0x14090086) occurred in SSL_connect/accept at line 5388, the error message is "error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed"." ERROR: Encryption run-time execution error ERROR: Call to tcpSockContinueSSL failed.
Any suggestions what could be the possible issue.
Hi @khandelwalanmol,
I'm adding three code blocks to this, one for each grant_type: authorization code, client credentials, and password. You can read more about client registration and creating access tokens in my blog post Authentication to SAS Viya: a couple of approaches. All three grant types are covered in the post.
In your original code, I think you were attempting to use the password grant type. While the example I list below will work, please note that this is not secure and is being discouraged for use by the industry. Note that you must declare an authorization grant type when registering a client, so each of these code blocks would require a separate client id.
filename out TEMP;
proc http url="https://sasserver.sas.com/SASLogon/oauth/token#authorization_code"
method="POST"
in='client_id=sasclient&client_secret=sasclientecret&grant_type=authorization_code&code=Mkm63aVEun'
out=out;
headers "Accept"="application/json";
run;
%put The return code is: &SYS_PROCHTTP_STATUS_CODE.;
data _null_;
infile out;
input;
put _infile_;
run;
Values to update: url, client_id, client_secret, code
filename resp temp;
/* must include content-type/CT= option */
proc http
url="https://serviceaddress/oauth/access_token"
in='grant_type=client_credentials&client_id=XXXXXXXX&client_secret=YYYYYYYY'
ct="application/x-www-form-urlencoded"
out=resp
method='POST'
;
run;
Values to update: url, client_id, client_secret
filename out TEMP;
proc http url="https://sasserver.sas.com/SASLogon/oauth/token#password"
method="POST"
auth_basic
Webusername="client_id"
webpassword="client_secret"
in='grant_type=password&username=viya_user&password=viya_password'
out=out;
headers "Accept"="application/json";
run;
%put return code is: &SYS_PROCHTTP_STATUS_CODE.;
data _null_;
infile out;
input;
put _infile_;
run;
Values to update: url, Webusername, Webpassword
Hope this helps,
Joe
Join us for SAS Community Trivia
SAS Bowl XLVI, Causal Analysis
Wednesday, December 18, 2024, at 10 a.m. ET | #SASBowl
Hi @khandelwalanmol,
Sorry for the delay. I just saw this question. Let me take a look in my environment and see if I can get it to work.
Join us for SAS Community Trivia
SAS Bowl XLVI, Causal Analysis
Wednesday, December 18, 2024, at 10 a.m. ET | #SASBowl
Hi @khandelwalanmol,
I'm adding three code blocks to this, one for each grant_type: authorization code, client credentials, and password. You can read more about client registration and creating access tokens in my blog post Authentication to SAS Viya: a couple of approaches. All three grant types are covered in the post.
In your original code, I think you were attempting to use the password grant type. While the example I list below will work, please note that this is not secure and is being discouraged for use by the industry. Note that you must declare an authorization grant type when registering a client, so each of these code blocks would require a separate client id.
filename out TEMP;
proc http url="https://sasserver.sas.com/SASLogon/oauth/token#authorization_code"
method="POST"
in='client_id=sasclient&client_secret=sasclientecret&grant_type=authorization_code&code=Mkm63aVEun'
out=out;
headers "Accept"="application/json";
run;
%put The return code is: &SYS_PROCHTTP_STATUS_CODE.;
data _null_;
infile out;
input;
put _infile_;
run;
Values to update: url, client_id, client_secret, code
filename resp temp;
/* must include content-type/CT= option */
proc http
url="https://serviceaddress/oauth/access_token"
in='grant_type=client_credentials&client_id=XXXXXXXX&client_secret=YYYYYYYY'
ct="application/x-www-form-urlencoded"
out=resp
method='POST'
;
run;
Values to update: url, client_id, client_secret
filename out TEMP;
proc http url="https://sasserver.sas.com/SASLogon/oauth/token#password"
method="POST"
auth_basic
Webusername="client_id"
webpassword="client_secret"
in='grant_type=password&username=viya_user&password=viya_password'
out=out;
headers "Accept"="application/json";
run;
%put return code is: &SYS_PROCHTTP_STATUS_CODE.;
data _null_;
infile out;
input;
put _infile_;
run;
Values to update: url, Webusername, Webpassword
Hope this helps,
Joe
Join us for SAS Community Trivia
SAS Bowl XLVI, Causal Analysis
Wednesday, December 18, 2024, at 10 a.m. ET | #SASBowl
I didn't realise the OP was referring to Viya
But if so, there are some ready made macros in SASjs for client registration, authentication & refresh:
* https://core.sasjs.io/mv__registerclient_8sas.html
Hi @khandelwalanmol,
I wanted to check if you were able to attempt the suggestions made in the replies to your post. If you have further issues, please let us know; otherwise, you can mark the thread as resolved.
Thanks,
Joe
Join us for SAS Community Trivia
SAS Bowl XLVI, Causal Analysis
Wednesday, December 18, 2024, at 10 a.m. ET | #SASBowl
Registration is now open for SAS Innovate 2025 , our biggest and most exciting global event of the year! Join us in Orlando, FL, May 6-9.
Sign up by Dec. 31 to get the 2024 rate of just $495.
Register now!
Learn how use the CAT functions in SAS to join values from multiple variables into a single value.
Find more tutorials on the SAS Users YouTube channel.
Ready to level-up your skills? Choose your own adventure.