Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Superset /api/v1/security/csrf_token return msg': 'Missing Authorization Header' #32257

Open
3 tasks
temuujinmo4 opened this issue Feb 14, 2025 · 4 comments
Open
3 tasks

Superset /api/v1/security/csrf_token return msg': 'Missing Authorization Header' #32257

temuujinmo4 opened this issue Feb 14, 2025 · 4 comments
Labels
api Related to the REST API authentication Related to authentication

Comments

@temuujinmo4
Copy link

Bug description

response = requests.get("https://report.databank.mn/api/v1/security/csrf_token', headers={
            'Content-type': 'application/json',
            # 'Authorization': 'Bearer {}'.format(access_token)
        })

return msg': 'Missing Authorization Header'

Screenshots/recordings

No response

Superset version

master / latest-dev

Python version

3.9

Node version

16

Browser

Chrome

Additional context

No response

Checklist

  • I have searched Superset docs and Slack and didn't find a solution to my problem.
  • I have searched the GitHub issue tracker and didn't find a similar bug report.
  • I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.
@dosubot dosubot bot added api Related to the REST API authentication Related to authentication labels Feb 14, 2025
@dosubot DosuBot
Copy link

dosubot bot commented Feb 14, 2025

To resolve the "Missing Authorization Header" issue when accessing the /api/v1/security/csrf_token endpoint in Superset, you need to include the appropriate Authorization header in your request. The Authorization header typically requires a Bearer token, which you can obtain through the authentication process.

Here's an example of how you might modify your request to include the Authorization header:

response = requests.get(
    "https://report.databank.mn/api/v1/security/csrf_token",
    headers={
        'Content-type': 'application/json',
        'Authorization': 'Bearer {}'.format(access_token)  # Ensure access_token is correctly set
    }
)

Make sure that access_token is a valid token obtained from your authentication provider. If you haven't obtained an access token yet, you'll need to authenticate first to get one.

To continue talking to Dosu, mention @dosu.

Help Dosu learn! Give it feedback: Great Response | Irrelevant Answer | Incorrect Sources | Too Verbose | Hallucination | Bug Report | Other

@hainenber
Copy link
Contributor

Dosu is correct, you actually commented out the Authorization header part.

@temuujinmo4
Copy link
Author

'Authorization': 'Bearer {}'.format(access_token)

still error

@hainenber
Copy link
Contributor

Right, the security token is broken currently due to PyJWT. I'll link the previous PR to fix this issue too.

@hainenber hainenber mentioned this issue Feb 18, 2025
Open
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api Related to the REST API authentication Related to authentication
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@temuujinmo4 @hainenber