Authentication required http-code 401

I am trying to get api authentication working and having no luck.
My system is a raspberry pi running buster. Openhab is version 3.1.0 release build, upgraded from an earlier version using apt-get method.

My api settings are:

I enter the following in my browser url. “http://user:password@zippy:8080/rest/things”.
It returns with.

 {"error":{"message":"Authentication required","http-code":401}}

I have enter my username in the console like this:
openhab:users add username password user

I use cut and paste to eliminate typos when entering data. Tried creating different username and passwords, rebooted etc. I don’t know what more I can do. It seems so straight forward, but I am stumped.


What would you like to achieve ?
Recent browser do not longer support adding user:password as part of an URL.
In case you just want to make sure that you do not need to type in user/password combinations use the browsers password manager to store the user and password.

I am testing that I can access /rest/things on openhab. This is troubleshooting problems with habAPP. I have tried Firefox, Chrome and Safari. From you response, I tried curl in this format:

curl -u USERNAME http://server.example

I am prompted for a password and then get
{“error”:{“message”:“Access denied”,“http-code”:403}}


Please provide full example code of your trial just replace the domain name with xxxx.
From the curl code you provided I can’t see that it is the same as the URL you used in the browser.

I think your are authenticated now but still have no access to the resource.
See e.g. ( the link describes both error codes 401, 403 )

Thanks Wolfgang. I am testing on the openhab server itself.

curl -u test http://localhost:8080/rest/things
Enter host password for user 'test':
{"error":{"message":"Access denied","http-code":403}}root@zippy:/home/chris#

I just changed the password for username test in the karaf console, so I can see what I did on the screen. Openhab is responding by prompting for a password as can be seen.

What I am doing is pretty simple and straight forward. But I am no stranger to seeing people (myself) do dumb things that another’s eyes can see.


So I have it working now. If the user is an administrator, it works. Sees odd that a “user” would get a 403 error.

I should clarify, with curl it works.

Right for security reasons higher privileges are required to access the REST API.
Alternatively you can create a token ( under admin profile ) and do not need to enter a password.

Thanks for the response. I am trying to get habAPP running and attaching to things and items via “http” protocol are a requirement. I am trying several things that are new to me, and can get a little frustrating at times. :slight_smile:

1 Like

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.