Authentication Error in Google Apps Script

Tagged:

Currently contains 2 posts

Avatar

November 03, 2021 21:08

sbradford

Edit: The forum appears to be truncating some of the code I pasted below. Let me know if I need to send it somewhere directly. Thanks.

I am developing an application using Google Apps Script, but keep running into the same authentication error. My process is to 1) retrieve a valid API session via the /access-token endpoint, and then 2) execute a search using that session ID via the /candidates endpoint. I’ve redacted sensitive information below for obvious reasons, but here is my Gscript code to acquire the session ID:

//Retrieve a valid API session

var response = JSON.parse(UrlFetchApp.fetch(“https://www2.pcrecruiter.net/rest/api/access-token/?Username=******&Password=*******&DatabaseId=************&ApiKey=***********&AppId=*”).getContentText());
//From the response data, pull out the SessionId value
var sessionID = response.SessionId;
Logger.log("API session ID = " + sessionID)

This works exactly as intended, and returns a legitimate session ID each time. Now, I’ll try to do the a name search:

var response = JSON.parse(UrlFetchApp.fetch(“https://www2.pcrecruiter.net/rest/api/candidates/?SessionID=” + sessionID + “&Query=FirstName%20co%20John%20AND%20LastName%20co%20Edwards%20AND%20State%20eq%20CA&ResultsPerPage=100”).getContentText());

Logger.log(response); However, this always returns the following error: { “errors”: " at Microsoft.VisualBasic.ErrObject.Raise(Int32 Number, Object Source, Object Description, Object HelpFile, Object HelpContext)\r\n at CGI4VB.Check_Session_Timestamp(eSESSIONID_USAGE_TYPE sessionid_usage, eSESSION_VALIDATION_OPTIONS sessionValidation) in D:\\LIVE\\Source\\CGI4VB\\CGI4VB.vb:line 6194\r\n at CGI4VB.Closure$604-0._Lambda$0() in D:\\LIVE\\Source\\CGI4VB\\CGI4VB.vb:line 4310\r\n at CGI4VB.LoadIni(String SessionIdentifier, Boolean plainTextDBId, eSESSION_VALIDATION_OPTIONS sessionValidation, eSESSIONID_USAGE_TYPE sessionid_usage, String username, Boolean idIsBase32, Boolean allowloadreginternal) in D:\\LIVE\\Source\\CGI4VB\\CGI4VB.vb:line 4385\r\n at DataHandlerExtension.DAL.DataHandlerHelper.AuthorizeRequest(String SessionId, String LanguageCode, eSESSIONID_USAGE_TYPE sessionUsage, Boolean nosession, Boolean novalidate, Boolean base32) in D:\\LIVE\\Source\\WebServices\\REST\\DataHandlerExtension\\DAL\\DataHandlerHelper.cs:line 570\r\n at PcrRestApi.App_Start.CustomMessageHandler.\u003cSendAsync\u003ed13.MoveNext() in D:\\LIVE\\Source\\WebServices\\REST\\PcrRestApi\\AppStart\\RequestHandler.cs:line 248"

}

I’m sure there is some basic understanding I am missing, but could really use some help in pinpointing what I’m doing wrong. Thanks!

Avatar

November 08, 2021 16:36

sbradford

Solution:
For anyone who may be experiencing issues where you are able to successfully retrieve a Session Id but then all subsequent calls using that Session Id fail, take note of the IP addresses your application is using to send the request. If you retrieve your Session Id using one IP and try to send a request using a different IP, the request will fail, due to a security measure PCR has built in.

If you’re using Google Apps Script (or a similar service) that randomly rotates through IP’s for requests, you’ll need to whitelist all possible IP’s in your PCR “System > Security > Whitelist these IP addresses” screen.

Hope this helps someone else out in the future!

Reply to thread