Create a Document using Postman HTTP API request

AzureGuru 40 Reputation points
2024-05-30T20:13:42.62+00:00

I need to create a new document to my Azure Cosmos database container. The database name is mydb and container name is mycontainer. However, I get below response:

{"code":"Unauthorized","message":"The input authorization token can't serve the request. The wrong key is being used or the expected payload is not built as per the protocol. For more info: https://aka.ms/cosmosdb-tsg-unauthorized. Server used the following payload to sign: 'post\ndocs\ndbs/mydb/colls/mycontainer\nthu, 30 may 2024 19:58:15 gmt\n\n'\r\nActivityId: 66576818-49fa-4f99-8025-c967f67911dd, Windows/10.0.20348 cosmos-netstandard-sdk/3.18.0"}

My Postman request:

POST https://recently-viewed-dev.documents.azure.com/dbs/mydb/colls/mycontainer/docs

Headers:

x-ms-date: Thu, 30 May 2024 19:58:15 GMT

x-ms-version: 2018-12-31

Authorization: type%3Dmaster%26ver%3D1.0%26sig%3D%2Bw%........%2BTbL5xfZPxY5WLKfQ%2B%2B6LSI%3D

The Javascript code to generate the token is below. I noticed above payload to sign doesn't have docs in the end, but my Javascript does use full endpoint URL including docs in the end. Why am I getting Unauthorized response?

const fs = require("fs").promises;
require("dotenv").config();
const key = process.env.COSMOS_KEY || "<cosmos key>";
const endpoint = process.env.COSMOS_ENDPOINT || "<cosmos endpoint>";
var crypto = require("crypto");
  
function getAuthorizationTokenUsingMasterKey(verb, resourceType, resourceId, date, masterKey) {  
    var key = Buffer.from(masterKey, "base64");  
  
    var text = (verb || "").toLowerCase() + "\n" +   
               (resourceType || "").toLowerCase() + "\n" +   
               (resourceId || "") + "\n" +   
               date.toLowerCase() + "\n" +   
               "" + "\n";  
  
    var body = Buffer.from(text, "utf8");  
    var signature = crypto.createHmac("sha256", key).update(body).digest("base64");  
  
    var MasterToken = "master";  
    var TokenVersion = "1.0";  
    return encodeURIComponent("type=" + MasterToken + "&ver=" + TokenVersion + "&sig=" + signature);  
}
const verb = 'POST';
const resourceType = 'docs';
const resourceId = 'dbs/mydb/colls/mycontainer/docs';
const date = new Date().toUTCString();
const token = getAuthorizationTokenUsingMasterKey(verb, resourceType, resourceId, date, key);
console.log('Authorization token:', token);
console.log('Current date:', date);
Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.
1,501 questions
0 comments No comments
{count} votes

Accepted answer
  1. GeethaThatipatri-MSFT 28,537 Reputation points Microsoft Employee
    2024-05-30T21:15:51.1666667+00:00

    @AzureGuru Thanks for posting your question on Microsoft Q&A forum.

    Can you check with the sample provided here https://github.com/sajeetharan/CosmosDBPostmanGuide

    Regards

    Geetha

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. AzureGuru 40 Reputation points
    2024-05-31T17:28:17.0233333+00:00

    I followed your Github sample step-by-step. Thanks for detailed documentation. It works great. I have successfully created my document in my Azure Cosmos database.

    In Azure Cosmos DB REST API, I must provide "id" attribute in my JSON data input, otherwise, I'll get "Bad Request" response code. In Javascript SDK, the "id" attribute isn't required in data input, and the Cosmos DB will generate system id automatically. Why DB REST API behaves differently than Javascript SDK?

    Thank you!

    0 comments No comments