/Api/access_token shows 404 "File not found"

Hi all,

when I want to work with Api v8 I got a strange error: /Api/access_token gives me “File not found.” (which is a custom message, because if I use /Api/abcdef it gives me Server Error 404 Page Not Found - which is the standard message)

When I use Api/index.php/access_token though, everything works normally.

Because of some previous problems with the cache I got an updated upgradeAccess.php and thus a different but working .htaccess:
I tested it by redirecting the Api/access_token bit to google.com and it works.

.htaccess
[spoiler]

BEGIN SUGARCRM RESTRICTIONS

RedirectMatch 403 ..log$
RedirectMatch 403 /+not_imported_.
.txt
RedirectMatch 403 /+(soap|cache|xtemplate|data|examples|include|log4php|metadata|modules|vendor|custom)/+.*.(php|tpl)
RedirectMatch 403 /+emailmandelivery.php
RedirectMatch 403 /+.git
RedirectMatch 403 /+.cache/
RedirectMatch 403 /+tests
RedirectMatch 403 /+RoboFile.php
RedirectMatch 403 /+composer.json
RedirectMatch 403 /+composer.lock
RedirectMatch 403 /+cache/+diagnostic
RedirectMatch 403 /+files.md5$

Options +SymLinksIfOwnerMatch Options -Indexes RewriteEngine On RewriteBase / RewriteRule ^cache/jsLanguage/(.._..).js$ index.php?entryPoint=jslang&modulename=app_strings&lang=$1 [L,QSA] RewriteRule ^cache/jsLanguage/(\w*)/(.._..).js$ index.php?entryPoint=jslang&modulename=$1&lang=$2 [L,QSA] RewriteRule ^cache/jsLanguage/(.._..).js$ index.php?entryPoint=jslang&module=app_strings&lang=$1 [L,QSA] RewriteRule ^cache/jsLanguage/(\w*)/(.._..).js$ index.php?entryPoint=jslang&module=$1&lang=$2 [L,QSA]
# --------- DEPRECATED --------
RewriteRule ^api/(.*)$ - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^api/(.*?)$ lib/API/public/index.php/$1 [L]
# -----------------------------

RewriteRule ^Api/(.*)$ - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^Api/access_token$ Api/index.php/access_token [L]
RewriteRule ^Api/V8/(.*?)$ Api/index.php/V8/$1 [L]
RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} (.+)/$ RewriteRule ^ %1 [R=301,L] # END SUGARCRM RESTRICTIONS [/spoiler]

What else can I do in order to fix this?

Best
Sven

PS: Version 7.11.8, Debian 9, Plesk (nginx + apache)
PPS: I created the keys needed for v8 and I changed the Encryption key too.

After some more digging and googling it seems to be the same error as he has after the initial fix (upgradeAccess.php + .htaccess)
https://suitecrm.com/suitecrm/forum/installation-upgrade-help/27764-v8-api-s-giving-me-the-forbidden-error-403

Errorlog gives me:
[proxy_fcgi:error] … AH01071: Got error ‘Primary script unknown’

Hi,

I’m having the same issue here '/suitecrmApi/access_token 404 “File not found”

Centos 7 (7.7.1908), php 7.3.11, SuiteCRM 7.10.21 LTS

Was this issue fixed?

Thanks

Try running a Admin / Repairs / Rebuild htaccess

Please tell me if it solves anything. Thanks

It is not resolved yet.

I currently restrain from applying the filechanges (in 9 files) from the other thread, because I can not overlook what else might be affected.
I will just use the direct path to the api in the meantime and wait for an official patch.

Ok, but if we’re waiting for an official patch we need to make sure there’s an issue on GitHub for this, is there?

If there isn’t, can I ask you to please open one with all the details? Thanks

You said in this thread

So I expected the fix to find its way into the master branch. Am I correct?

If so, I wait for this to be published and if the problem persists, I will open up an issue on GitHub.

pgr, are you involved in development? When is the next patch going to be published?

Oh, so this is the same issue as that other thread? The .htaccess fix solves this here?

Yes that should already be part of 7.11.9, but it’s best to wait for 7.11.10.

It is coming out pretty soon - we’re past the “code freeze”, nothing new is going into it, but there is always an element of uncertainty here because it can only be released when it passes all the tests. We’re currently improving the test system itself, and some testing processes, so some things are still a bit in an evolving state, which doesn’t help with setting dates.

So: it’s certainly possible that it is coming out on Monday, but I can’t guarantee it.

You ask if I am involved in development - not directly, or only occasionally. I am a developer, so sometimes when the occasion is right I submit some patches myself: https://github.com/salesagility/SuiteCRM/pulls?utf8=✓&q=is%3Apr+author%3Apgorod but that is not my main assignment.

But I follow everything that goes on in GitHub and I am in constant contact with the Product Team. You could say I cooperate in the link between the Product Team and the Community.

Oh, so this is the same issue as that other thread? The .htaccess fix solves this here?

I don’t know if it does resolve this issue. Instead of changing 9 files back and forth (and possibly make a mistake or missing other related changes) I decided to wait. I think I nailed the issue down to .htaccess, which means I can use the API without rewrite in the meantime.

You could say I cooperate in the link between the Product Team and the Community.

Thank you for your great job there. I am evaluating to shift to SuiteCRM with two customers who use cloud CRM right now. Apart from the well rounded and feature rich core SuiteCRM and great extensions it is your support heavily tipping the scale.

1 Like

Update:

I upgraded to 7.11.10 (which changes the .htaccess) but still the issue persists. I opened an issue on GitHub

It does not work for me either.

System:
Debian 10
Apache 2.4.38
PHP 7.3.11
SuiteCRM 7.11.10

I’ve managed to get /Api/access_token to work by enabling mod_rewrite module and changing directive ‘AllowOverride None’ to ‘AllowOverride All’ in Directory for CRM installation (this steps are missing in SCRM’s docs, but maybe it is not direct relevance for the CMR).

However, any others /Api calls (e.g., /Api/V8/meta/swagger.json) don’t work.

Posted some logs and findings on Github (comment 1, 2)

Now it works, managed to get it work.

Problem 1: mod_rewrite module should be enabled; AllowOverride directive for SRCM in Directory directive change to All.

Problem 2: The path Api/V8/meta/swagger.json is incorrect in docs, it should be Api/docs/swagger/swagger.json.

Made pull requests to update docs.

More info see in my post here

2 Likes

Thanks for those Docs updates :tada: ! Let’s get this to the point where everybody can use the API with ease.

It’s an old thread but I might as well point to the solution.

I’m not sure if it has been merged as of now: