[SOLVED] Jive REST API returning {"code":401,"message":"Bad credentials"} using Basic Auth

Jive REST API returning {"code":401,"message":"Bad credentials"} using Basic Auth

This may not be specific to the Jive API, but to basic auth in general.

This is NOT a federated account.

I'm attempting a simple request to the Jive REST API v3 with cURL:

curl --include --verbose --user {USERNAME}:{PASSWORD} 'https://sandbox.jiveon.com/api/core/v3/search/contents?filter=search(test)'

I also tried:

curl -v -u USERNAME "https://sandbox.jiveon.com/api/core/v3/contents?count=100&startIndex=200"

I can login to the UI with my credentials (and regardless, I have "Full Access" rights anyway). Why is a 401 being thrown? Is my authentication malformed?

Here's the example I'm following:

https://developer.jivesoftware.com/rest

And here's the relevant results:

Trying 23.221.10.251...
Connected to sandbox.jiveon.com (23.221.10.251) port 443 (#0)
TLSv1.0, TLS handshake, Client hello (1):
TLSv1.0, TLS handshake, Server hello (2):
TLSv1.0, TLS handshake, CERT (11):
TLSv1.0, TLS handshake, Server finished (14):
TLSv1.0, TLS handshake, Client key exchange (16):
TLSv1.0, TLS change cipher, Client hello (1):
TLSv1.0, TLS handshake, Finished (20):
TLSv1.0, TLS change cipher, Client hello (1):
TLSv1.0, TLS handshake, Finished (20):
SSL connection using TLSv1.0 / AES128-SHA
Server certificate:
     subject: OU=Domain Control Validated; OU=COMODO SSL Wildcard; CN=*.jiveon.com
 start date: 2014-06-23 00:00:00 GMT
 expire date: 2015-07-31 23:59:59 GMT
 subjectAltName: sandbox.jiveon.com matched
 issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO SSL CA 2
 SSL certificate verify ok.
Server auth using Basic with user 'USERNAME OMITTED HERE'
GET /api/core/v3/contents?count=100&startIndex=200 HTTP/1.1
Authorization: Basic xxxxxxxxxxxxxxxxxx= (I verified this decoded properly in base64)
User-Agent: curl/7.41.0
Host: sandbox.jiveon.com
Accept: */*

HTTP/1.1 401 Unauthorized

Solution

For anyone that stumbles across this, the user/password credentials were fine - I was just sending the request to the wrong instance https://sandbox.jiveon.com. This is for a client who's migrating from Jive, and we were provided user accounts on the UAT instance, but it appears that you cannot receive responses from the sandbox instance with this type of account.

Sending the request to https://{OUR JIVE ORG URL}/api/core/v3 worked fine.