Dear colleagues, I try to add item to a collection by rest api but I get
the following error:
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 10.220.16.19...
* TCP_NODELAY set
* Connected to 10.220.16.19 (10.220.16.19) port 8080 (#0)
> POST
/server/api/core/items?owningCollection=7ef17dc4-9504-449b-9417-88a10af447e9
HTTP/1.1
> Host: 10.220.16.19:8080
> User-Agent: curl/7.61.1
> Content-Type: application/json
> Accept: application/json
> Authorization: Bearer
eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiJmOWMzMTA1YS1mOTEzLTQxYWItYjUzMy1jNDM2MTIyOGU2MTgiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzk2Nzh9.qHJp_DlzTGUNFQQhnw7TdmRO74lkQ0oOiE-7dLGv5Oo
> X-CSRF-TOKEN: 22ca855a-46a2-4f2f-9795-1e2a8ac30bcf
> Content-Length: 260
>
* upload completely sent off: 260 out of 260 bytes
< HTTP/1.1 403
< Vary: Origin
< Vary: Access-Control-Request-Method
< Vary: Access-Control-Request-Headers
* Added cookie DSPACE-XSRF-COOKIE="dfa26213-89c7-4856-a8dc-5d406959f562"
for domain 10.220.16.19, path /server, expire 0
< Set-Cookie: DSPACE-XSRF-COOKIE=dfa26213-89c7-4856-a8dc-5d406959f562;
Path=/server; HttpOnly; SameSite=Lax
< DSPACE-XSRF-TOKEN: dfa26213-89c7-4856-a8dc-5d406959f562
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Date: Tue, 04 Mar 2025 08:50:52 GMT
<
* Connection #0 to host 10.220.16.19 left intact
{"timestamp":"2025-03-04T08:50:52.775+00:00","status":403,"error":"Forbidden","message":"Access
is denied. Invalid CSRF token.","path":"/server/api/core/
------------------------------------------------------------------------------------------------
Authorization and receipt of Bearer is successful.
My request:
curl -v -X POST
"http://10.220.16.19:8080/server/api/core/items?owningCollection=7ef17dc4-9504-449b-9417-88a10af447e9";
\
-b "$COOKIE_FILE" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer
eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiJmOWMzMTA1YS1mOTEzLTQxYWItYjUzMy1jNDM2MTIyOGU2MTgiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzk2Nzh9.qHJp_DlzTGUNFQQhnw7TdmRO74lkQ0oOiE-7dLGv5Oo"
\
-H "X-CSRF-TOKEN: 22ca855a-46a2-4f2f-9795-1e2a8ac30bcf" \
-d @- <<EOF
{
"metadata": {
"dc.title": [
{
"value": "Test Item Title",
"language": "en"
}
],
"dc.contributor.author": [
{
"value": "John Doe",
"language": "en"
}
]
},
"inArchive": true,
"discoverable": true
}
EOF
-----------------------------------------------------------------------------
another request:
curl -v -X POST --data "user=xx%40xx.com&password=xxx"
"https://xxx/server/api/authn/login"; -H "X-XSRF-TOKEN: {csrf-token}"
--cookie "DSPACE-XSRF-COOKIE={csrf-token}"
curl -v -X POST
'https://url/server/api/core/items?owningCollection=acf7c773-f2bb-47e4-8c55-e6e8fd086dec'
-H 'X-XSRF-TOKEN: {csrf-token}' --cookie 'DSPACE-XSRF-COOKIE={csrf-token}'
-H 'Authorization: Bearer
eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiI1ODg4MzU2NC00ZmFmLTQxY2QtYmY1Ny1iNTJiOWY2M2FhYjIiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzU4NTJ9.DMbDPALjb5c8sC20D3rB5fXTC7wr33bCX3DwKB0wDps'
-H 'Content-Type:text/uri-list' --data 'item.json'
{
"name": "Practices of research data curation in institutional
repositories: A qualitative view from repository staff",
"metadata": {
"dc.contributor.author": [
{
"value": "Stvilia, Besiki",
"language": "en",
"authority": null,
"confidence": -1
}
],
"dc.title": [
{
"value": "Practices of research data curation in institutional
repositories: A qualitative view from repository staff",
"language": "en",
"authority": null,
"confidence": -1
}
],
"dc.type": [
{
"value": "Journal Article",
"language": "en",
"authority": null,
"confidence": -1
}
]
},
"inArchive": true,
"discoverable": true,
"withdrawn": false,
"type": "item"
}
curl -i -X POST
'https://url/server/api/core/items?owningCollection=acf7c773-f2bb-47e4-8c55-e6e8fd086dec'
-H 'X-XSRF-TOKEN: {csrf-token}' --cookie 'DSPACE-XSRF-COOKIE={csrf-token}'
-H 'Authorization: Bearer
eyJhbGciOiJIUzI1NiJ9.eyJlaWQiOiI1ODg4MzU2NC00ZmFmLTQxY2QtYmY1Ny1iNTJiOWY2M2FhYjIiLCJzZyI6W10sImF1dGhlbnRpY2F0aW9uTWV0aG9kIjoicGFzc3dvcmQiLCJleHAiOjE3NDEwNzU4NTJ9.DMbDPALjb5c8sC20D3rB5fXTC7wr33bCX3DwKB0wDps'
-H 'Content-Type:text/uri-list' --data 'item.json'
HTTP/1.1 400
Date: Tue, 04 Mar 2025 07:49:38 GMT
Server: Apache/2.4.37 (Oracle Linux Server) OpenSSL/1.1.1k
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Language: en,ru
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://url --
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, x-referrer,
x-correlation-id, x-xsrf-token
Access-Control-Allow-Credentials: true
Connection: close
Transfer-Encoding: chunked
{"timestamp":"2025-03-04T07:49:38.658+00:00","status":400,"error":"Bad
Request","message":"An exception has
occurred","path":"/server/api/core/items"}
------------------------------------------------------------------
used
documentation: https://github.com/DSpace/RestContract/blob/main/items.md
and
curl -i -X POST
https://demo.dspace.org/server/api/core/items?owningCollection=1c11f3f1-ba1f-4f36-908a-3f1ea9a557eb
\
-H "Content-Type:text/uri-list" \
--data
"https://demo.dspace.org/server/api/integration/externalsources/orcid/entryValues/0000-0002-4271-0436";
Help me please. How to add item to collection by rest api?
Best regards,
Alex
DSpace 7.6, REST API 7.6
--
All messages to this mailing list should adhere to the Code of Conduct:
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dspace-tech+unsubscr...@googlegroups.com.
To view this discussion visit
https://groups.google.com/d/msgid/dspace-tech/602a879d-566c-472c-93a2-e136e805ab0bn%40googlegroups.com.
