Join the free virtual developer conference on knowledge graphs and AI. This year's themes are: applications, AI engineering, data intelligence, graphs, and architecture.
I've done this using APOC with several other APIs, and typically it's something like this
WITH "http://myapiserverurl:9399/api/sessionMngr/?v=latest" as url,"mybase64encodedcredentials" as token
CALL apoc.load.jsonParams(url,{Authorization:" Basic "+token,Accept:"application/json"}) yield value
RETURN value
and away I go.
However I kept getting a 401 (unauthorized) error.
Reading their documentation it says I must perform a POST to get the session token, so I tried that:
WITH "http://myapiserverurl:9399/api/sessionMngr/?v=latest" as url,"mybase64encodedcredentials" as token
CALL apoc.load.jsonParams(url,{Authorization:" Basic "+token,method:"POST"},null) yield value
RETURN value
This results in an error: Neo.ClientError.Procedure.ProcedureCallFailed: Failed to invoke procedure apoc.load.jsonParams: Caused by: java.lang.RuntimeException: Can't read url or key http://myapiserverurl:9399/api/sessionMngr/?v=latest as json: cannot write to a URLConnection if doOutput=false - call setDoOutput(true)
The POST method of apoc.load.json Params requires a "Query" instead of the null entry. But I'm not actually wanting to query anything, I just want to POST to this URL with the authorization header, so I can get my session token back to use to query the system.
Further investigation reveals that in addition to the "POST" method, the session token I need to further query is not in the JSON response, but within the HTTP header data. I don't think the APOC functions have a method to retrieve HTTP header data do they?
It's looking like I'm going to be stuck performing this with 2 methods.. powershell to query for the session token, then inject (find/replace) the session ID and validation token into the cypher code and use the apoc.load.json to collect data after that.
I didn't solve this using apoc. I have since moved most of my Cypher/neo4j jobs over to Pentaho/kettle.
So I'm using the apoc/json function a little less these days, and moved those to a "REST Client" task within a transform function, which then I get the response header, extract the parameters (like an auth token for example), then I pass it on as parameters (property values map, which you can parse using UNWIND within the Cypher statement) to a followup step that is a Cypher statement.
This solved another issue for me, that is that I don't have to pass any "credentials" within CYPHER, since I'm protecting credentials and tokens and they are encrypted and extracted in a step outside the actual CYPHER statements.
