Thanks Jason for both V1 and V2 examples.

Very, very helpful.

I'm curious about this one:

"https://api.anaplan.com/2/0/workspaces"

I tried it recently and confirm it with R&D: this endpoint doesn't exist in 2.0

Did you manage to make it work or is it a mistake ? 

I actually had a conversation with my rep today. the endpoint Workspace does return a result, however what I was told is that the result may not reliable. 

Also the endpoint of models that works in version 1/3 does not work at all in version 2. 

it was nice to be able to see all those values without have to open up the model.  Not sure why it is not current available. 

Hello Jason,

I'm just starting with certificates, and am a bit struggling there.

I already collected my certificate from my CA and imported it in Anaplan Administration.

So I have the following files:

- userAnaplan.cnf: the config file that helped me generate my private Key file and my CSR

- userAnaplan.csr: the CSR generated from the CNF file

- userAnaplan.key: the private key file generated from the CNF file

- userAnaplan.p7b: the certificate issued by my CA based on the CSR

- userAnaplan.pem: the certificate extracted from the P7B file

And now I want to do a first login to Anaplan API, using the auth.anaplan.com/token/authenticate URI.

I already managed to get a token using a username and password, but struggle with the certificate.

I downloaded your Postman sample, but could you detail a little more please how do you generate the data for the different fields:

- {{ca cert value}}

- encodedData

- encodedSignedData

Which command lines or tools do you use to generate the base64 versions of the data using the files above?

Thanks a lot,

FX

 I also have a Java solution as well. 

Hello,

Based on your code samples, I tried to create a Postman pre-request script that allows me to generate the authentication header.

However, Anaplan keeps sending me back a 401 (FAILURE_BAD_CREDENTIAL).

Here is my request:

POST /token/authenticate HTTP/1.1
Host: auth.anaplan.com
Authorization: CACertificate {{anaplan_certificate}}
Content-Type: application/json

{
    "encodedData": {{anaplan_encodedString}},
    "encodedSignedData": {{anaplan_signedString}}
}

And here is my pre-request script:

function randomString(length, chars) {
    var result = '';
    for (var i = length; i > 0; --i) result += chars[Math.floor(Math.random() * chars.length)];
    return result;
}

var randomString = randomString(150, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
var signedString = CryptoJS.HmacSHA512(randomString, pm.environment.get("anaplan_secretkey"));

pm.environment.set("anaplan_encodedString", btoa(randomString));
pm.environment.set("anaplan_signedString", btoa(signedString));

The Postman environment variable "anaplan_certificate" contains the content of my certificate file, without "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" and where I removed all CR and LF characters. It's basically just a very long string looking like "MIIFHzCCBAegAwIBA.............EWmQjqsbcj2zY09pew==".

The Postman environment variable "anaplan_secretkey" contains the content of my certificate file, without "-----BEGIN PRIVATE KEY-----" and "-----END PRIVATE KEY-----" and where I removed all CR and LF characters. It's basically just a very long string looking like "MIIEvQIBADANBgk.............RtgkrHJ+SKp/EFH2PhBx1xjE=".

The certificate is correctly imported on my Anaplan administration console too.

Any idea on what I am doing wrong?

Thanks for your help,

FX

Hello @Jason_C  and @anirudh 

By any chance do you have any clue on what I should do so the Postman script to login with certificate that I posted just before would work?

I suspect CryptoJS.HmacSHA512 to give me a wrong value, but I'm really not sure.

Thanks a lot,

FX

Hello FX,

Can you confirm that the value you have for "anaplan_certificate"

Authorization: CACertificate {{anaplan_certificate}}

is something like :

"MIIFHzCCBAegAwIBA.............EWmQjqsbcj2zY09pew=="

?

If so, then you need to correct that by getting the string value of the base64 version of that string.

Usually you should have a string value starting with "LS0..."