10-19-2018 05:02 AM
Since we upgraded the API to the latest (1.0.312.0) we have the problem that every day or so we get a 401 Unauthorized response for every request.
If we restart IIS it's good again, for about a day.
The strange thins is, we still see the old verison number (1.0.279.0) in the main api page. I've ran the AWAUpdater.exe in the old folder (updateactwebapi_v1.0.279.0) but the problem still exists.
What can we do about this very annoying behaviour? This way the API is just unusable for us.
11-02-2018 07:51 AM
If 1.0.279.0 still exists on the main API page, than the installer did not execute correctly. The installer you ran should have been updateactwebapi_v1.0.312.0.exe.
download from here: https://www.act.com/download/download-act!-premium-v20
When update the API there is an import asymmetric cryptography key that is used to generate JWT tokens. If you depend on previously generated refresh tokens, you will need to preserve the existing asymmetric key. It will invalid all previously generated tokens. The key is located in the API web.config file in the appSettings.
<add key="BearerKey" value="kXWVs..." />
Other issues that may cause a 401.
1. Database is not registered in the Admin.XML file (Only on ActForWeb) not on Act Premium.
2. IIS configuration.
a. API application pool needs the Identity to be NetworkServices.
b. Enable 32-Bit Application - Act! SDK requires to run in 32 bit mode.
3. Act has not granted the user permission to the API. "Web API Access" Permissions. Make sure Act is displaying the role for the user.
Check on Standard uses, on administrator user, the role is hidden below a unscrollable list control (bug). If the "Web API Access" shows on standard users it will be there for Administrators as well.