REST API authentication?


I’m currently trying to make a REST API with a knime workflow deployed in AWS.

However, each time I call the REST, there is a weird dialogue asking for authentication.

Since it is just a workflow which works with the SQL server, I feel there is no need for user’s authentication.

Is there a way or two to get around this?

1 Like


Sounds like you’re trying the REST call via the browser? You need to pass the authentication details along with the REST call. You can do that by either first logging into the WebPortal in the same browser, or by explicitly adding the basic auth (or a JWT) along with the request.

e.g. curl -u ‘knime-rest-user:knockknock’ -i https://localhost:8080/com.knime.enterprise.server/rest

where username is kniem-rest-user
and password is knockknock



I tried to add basic auth through postman, and then it would return a message saying :

http://localhost:8080’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”

Is there a way to change this CORS setting in knime AWS server?



I have a suspicion that this problem manifests with the ‘browser-based’ Postman version, but not the Desktop Postman application. Is it possible to try with the desktop version?



The postman version I am currently using as of now is the desktop based version where you have to actually install.



I should add, that it is possible to modify CORS policies, e.g. to add specific allowed origins. But it’s probably not needed if you can use the desktop app.



Wow really? Is it for the postman, or for the AWS server-side?
Its my first time doing this REST API thing, so please understand that I might sound like a total beginner.



Hey there,

I’m a little confused that you’re seeing this message from the desktop Postman application. Usually this message will be returned if you were making a request to the server via, for instance, javascript running locally and executing in your browser. This error comes from a browser like Chrome attempting to prevent malicious code from hijacking requests.

Could you explain in a little more detail exactly how you are calling the KNIME Server?




I’m trying to call through an ajax call. Does this involve the browser (chrome, IE etc)



Ironically enough, this problem was not there with the browser postman. Instead, it happened on the native postman.



Also, is there a way to configure Access-Control-Allow-Origin in the KNIME server?



It’s definitely possible to modify the Access-Control-Allow-Origin header. The link that Jon provided above will allow you to configure this within the TomEE server that the KNIME Server is running on.

With regards to the ajax call, it’s still a little unclear how you’re making these requests. Are you writing javascript or python or some other kind of script? I’m guessing if that is the case then your browser must be involved somehow as there needs to be a javascript engine running somewhere and Postman doesn’t come bundled with one. A screenshot of your Postman setup or some other more detailed description would really help me to understand your problem a little more.