IBM Watson error: Access is denied due to invalid credentials - ibm-watson

I am trying to integrate Watson discovery into my Watson assistant chatbot by following an IBM course on EDX. I followed the course instructions but when I add Watson discovery to my chatbot my web hooks returned this:
{"result":{"err":"Access is denied due to invalid credentials."}
When I expected something like this:
{"result":{["courses":"Data Science", "courses":"Ibm"]}
My serverless.yml file looks something like this:
custom:
package: lab4
discovery:
username: apikey
password: aaaaaaaaa
environmentId: aaaaaaa
collectionId: aaaaaaa
url: https://gateway-lon.watsonplatform.net/discovery/api
intent: course_recommendation # DO NOT CHANGE
Could anyone please guide me to where I went wrong and please tell me if you need to see any other code.
Thank you.

As the error message indicates the API Key that you are using is incorrect for the endpoint that you are using. This normally indicates that either your key is incorrect or that you are using an incorrect url.
I am guessing that you have only recently created a Discovery service instance, in which case I would expect the endpoint to look something like:
https://api.us-south.discovery.watson.cloud.ibm.com
or
https://api.eu-gb.discovery.watson.cloud.ibm.com
depending on where you deployed your instance.
You can determine what your endpoint should be, from the someplace you got your APIKey. If you can't see your endpoint there, then I suspect that you will also have the wrong APIKey.

Related

Get vpcID and dedicated loadbalancerID in Mulesoft Anypoint platform cloudhub

I want to run this command for retrieveing ciphers of the cloudhub dedicated loadbalancer in Mulesoft.
https://anypoint.mulesoft.com/cloudhub/api/organizations/{myORgID}/vpcs/{myVPCID}/loadbalancers/{myLoadbalancerID}.
I have added the bearer authorization header.
I have the organisation ID but I cannot find the myPVCID and cannot find the myLoadbalancerID.
I allready tried it with anypoint-cli:
cloudhub vpc describe production-netherlands-vpc
cloudhub load-balancer describe production-netherlands
But this only gives me a name and details about the configuration, but it does not give me the loadbalancerID and vpcID which is something in this format 24ad4887e4b0623a74a35feb.(just an example numbers are changed because of security)
Spent hours to find out but with no success.
When I try it and use the names of the vpc and loadbalancer instead of the IDs then the query in curl of postman returns something like this.
{
"status": 404,
"message": "null for uri: null"
}
I can run this command without a problem, but this is not what I need:
https://anypoint.mulesoft.com/cloudhub/api/organizations/{myOrgID}/loadbalancers/ciphersuites
So how to resolve the vpcID and the loadbalancerID ?
yes I have found it. These vpcId and the loadbalancerID are available in the URL of the Anypoint cloudhub web console.
Maybe somebody else find this info usefull, because these ID's are hard to find.
Strange Mulesoft is not publishing them with the Anypoint-CLI cloudhub vpc describe command.

Connecting to SnowSQL Client using Snowflake Credentials

I have successfully installed SnowSQL Client version 1.2.5 and while trying to get log into my snowflake account, using account id, username and password, I am somehow unable to connect and get following error:
snowsql unable to log in
This appears to be networking issue. Have you tried to set that debug logging as directed?
To assist in situations like this, Snowflake has a tool which could help you determine if your client host is able to access all required network endpoints for your Snowflake account, it's called SnowCD, the documents are here and the installation is fairly straightforward:
https://docs.snowflake.com/en/user-guide/snowcd.html
I'd recommend trying SnowCD as your first step, the next step would be to review any required proxy settings your organization might have. I'd also double-check your "account name" argument, the URL looks OK to me but there is a nice writeup on the account name construction at this link:
https://docs.snowflake.com/en/user-guide/connecting.html#your-snowflake-account-name
I hope this helps...Rich
THANKS Rich for doing some R&D and sharing proposals. I got successfully logged into snowsql by providing my account id till ".aws". Hope it will help others struggling so far, like myself:
https://docs.snowflake.com/en/user-guide/getting-started-tutorial-log-in.html
demo log in

IBM Watson Visual Recognition: Received invalid status in 403 in getAllCollections response for guid (...) at endpoint (...)

I am using IBM Watson Visual Recognition for a custom model. I have uploaded my dataset as .zip files, which is fine so far. However, I cannot train the model. When I go on my Watson services, it says:
Error fetching custom collections: Error in Watson Visual Recognition service: Recieved invalid status 403 in getAllCollections response for guid crn:v1:bluemix:public:watson-vision-combined:us-south:a/649b0335a5a44f6d80d1fd6909e466f9:8a71daa3-b0be-42ac-bb72-1473de835c19:: at endpoint https://gateway.watsonplatform.net/visual-recognition/api/
When I try to train the model, it says:
"Error in Watson Visual Recognition service: Request Entity Too Large"
To the best of my knowledge, I have checked Google and StackOverflow for solutions, but didn't find any. I am using the Lite version. I only have one project, and one Visual Recognition instance. Please note that it worked for a different Visual Recognition model before, but later I could not use or access that model. So I deleted the older, trained model and tried to create a new one with the above mentioned error.
Does anyone know a solution?
Thanks for your interest in Visual Recognition.
HTTP 403 is a standard HTTP status code communicated to clients by an HTTP server to indicate that access to the requested (valid) URL by the client is Forbidden for some reason. It indicates some problem with your account access.
The "Request Entity Too Large" is a bit misleading, it happens sometimes when the error should be a 403 on POST requests, like training.
As a lite plan user, you may have used up your free credits for the month, for example.
You should double check that you are providing the correct credentials, and check the usage dashboard of your IBM Cloud account, which is described here: https://cloud.ibm.com/docs/billing-usage?topic=billing-usage-viewingusage
If this does not resolve your problem, you can open a support request here https://www.ibm.com/cloud/support

Access denied due to invalid subscription key (Face API)

I am having trouble using Microsoft Face API. Below is my sample request:
curl -v -X POST "https://westus.api.cognitive.microsoft.com/face/v1.0/detect?returnFaceId=true&returnFaceLandmarks=false&returnFaceAttributes=age,gender" -H "Content-Type: application/json" -H "Ocp-Apim-Subscription-Key: 1xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxd" --data-ascii "{\"url\":\"http://www.mrbeantvseries.co.uk/bean3.jpg\"}"
I use the subscription id from my cognitive services account and I got below response:
{
"error": {
"code": "Unspecified",
"message": "Access denied due to invalid subscription key. Make sure you are subscribed to an API you are trying to call and provide the right key."
}
}
Not sure if I've missed out anything there. Can someone help me on this? Very much appreciated.
I ran into the same problem. I read the API documentation and it states the following.
You must use the same region in your REST API call as you used to obtain your subscription keys.
First, you must find the location of your subscription.
In order to find the location of your subscription region, you must go to Cognitive Services -> Properties under the Label Location, you will find your subscription region.
See below.
Second you must find the correct endpoint to make the call to.
For example, if I want to make a call to the Computer Vision API,
My location is East US, I will use either key 1 or 2, then I will use the following endpoint
East US - https://eastus.api.cognitive.microsoft.com/face/v1.0/detect
You will now be able to have access to the API.
It appears that you've entered your Azure subscription ID instead?
In the Azure portal, you can find the API key under 'Keys', shown below:
It will be a 32-digit hexadecimal number, no hyphens.
I had faced the same issue, it seems like there is some problem with the keys generated newly. To fix this you can actually add your endpoint as well, when you create the object for IFaceServiceClient. You can see the code below.
private readonly IFaceServiceClient faceServiceClient = new FaceServiceClient("your key", "Your endpoint");
CesarB is correct. You must create a Resource of Cognitive Service in Azure first and then get the subscription key from it.
the region is not always 'westus', it really depends on what region you select when you created the resource. You can also check it on the endpoint of overview of the Resource
I ran into a similar problem. I figure it might be helpful to some people, so I am posting it here. (btw Azure support points me to this post here)
I was trying to run through the sample file for ImageSearch of Azure. I was refering to these pages:
https://learn.microsoft.com/en-us/azure/cognitive-services/bing-image-search/quickstarts/csharp
https://learn.microsoft.com/en-us/azure/cognitive-services/bing-image-search/quickstarts/client-libraries?tabs=visualstudio&pivots=programming-language-csharp
https://github.com/Azure-Samples/cognitive-services-dotnet-sdk-samples/blob/master/BingSearchv7/BingImageSearch/quickstart/bing-image-search-quickstart-csharp.cs
I was receiving a mixture of 404 Not Found error & 401 unauthorized error when send requests to the Bing Search resource, using
Microsoft.Azure.CognitiveServices.Search.ImageSearch. I figure it must be something wrong with either my credentials or my endpoints.
After struggling with it for hours, reading through posts and talking to Azure support member, I finally find the problems:
The base Uri Endpoint I was assigned on the Azure Keys & Endpoints webpage is incomplete. (https://api.bing.microsoft.com/)
The base Uri Endpoint on the sample tutorial pages was outdated because of the 2020.10.30 transition between Cognitive Services to Bing Search Services. (https://api.cognitive.microsoft.com/bing/v7.0/images/search)
As of 2021.09.22, the correct global base Uri Endpoint for Bing Image Search is:
https://api.bing.microsoft.com/v7.0/images/search
Hope this would be helpful to anyone and save mankind some time.
Endpoint
https://westeurope.api.cognitive.microsoft.com/face/v1.0
Endpoint and the subscription key must be consistent.
look at Microsoft Overview for this info!

Solr authentication (using Django Haystack)

My solr service works without HTTP authentication, but my webhost provides it and I'd like to take advantage of it.
I've been given a username and password to access my solr service by dotcloud in the form of a url:
'http://dotcloud:XXXXXXXXXXXXXXXXXXXX#gigsmash-teamfoobar.dotcloud.com/solr/'
When I point my browser to this address, it works just fine.
In my settings.py file I have the following line:
HAYSTACK_SOLR_URL = 'http://dotcloud:XXXXXXXXXXXXXXXXXXX#gigsmash-teamfoobar.dotcloud.com/solr/'
but when I run ./manage.py build_solr_schema, I get the following error:
ValueError: invalid literal for int() with base 10: 'XXXXXXXXXXXXXXXXXX#gigsmash-teamfoobar.dotcloud.com'
I don't have any problem building a schema if I remove the URL, but then I am unable to build an index ("Error 401: UNAUTHORIZED") which, of course, makes sense.
I can't find anything in the haystack docs that talks about authentication. This seems like something that would be solved by an extra couple of lines in settings.py like:
HAYSTACK_SOLR_USER = 'dotcloud'
HAYSTACK_SOLR_PSSWD = 'XXXXXXXXXXXXXXXXXXX'
but, no dice. A complete list of the Haystack settings reveals nothing along those lines: http://docs.haystacksearch.org/dev/settings.html .
Any ideas??
Thanks.
I ran into the same issue on dotcloud. The error actually isn't in Haystack -- it's in pysolr. Pysolr assumes that if there's a colon in the url, everything after it must be a port number.
One short term fix would be to use the following config on your dotcloud solr service to disable authentication:
config:
solr_authentication: false
I would only do this in a dev environment and if you have data up there that isn't sensitive (since anybody could get to that url). The ultimate solution is to patch pysolr.

Resources