OData API - 401 Unauthorized
kbt142118
PRODUCTIssue
You are unable to access Odata API with an AAD account and a 401 Unauthorized error message appears.
Symptoms
In this case we had two security labels AAD & K2SQL. The K2SQL label was set to default in the HostServer.SecurityLabel table in the K2 Database and Basic authentication was enabled on the OData API.Resolution
To resolve this please do the following:
1. Disable Basic Authentication for the Odata in the IIS:
2. In the Odata APIs web config K2WebServicesAPISmartObjectService.ODataweb.config , add the DefaultSecurityLabel key to it pointing to AAD:
<add key="DefaultSecurityLabel" value="AAD" />
3. Setup AAD consent as described here:
http://help.k2.com/onlinehelp/k2five/userguide/5.1/default.htm#K2-Management-Site/Integration/APIs.htm%3FTocPath%3DAdminister%7CK2%2520Management%7CIntegration%7CAPI%2520Configuration%7C_____0