Resin request error: Unauthorized and data loss

Hello. For some reason I am getting Resin.request.error: Unauthorized when I try to update the device tags. Firstly, I spotted it on node.js sdk and after that I am experiencing it on the python one. So the major problem after this is that I tried to update the tags with your API directly and I end up having ruined all tags for 100 devices. The API I used:$filter=tag_key eq ‘’ When testing locally, I change the tag succesfully but when I started it in a python script which began updating them I ended up making all tags with one value… This is the request I am making:

data = json.dumps({“device”: str(device_id), “value”: str(tag_value)})
response = requests.patch(
headers={“content-type”:“application/json”,“Authorization”:“Bearer {}”.format(auth_token)},
data = data

Can we somehow revert to yesterday backup? (if there is such)

Taking a look at this now. I don’t believe we have a way to restore tag values that have been overridden by the API, but I am checking with the team. We can take a look at the script to see where the issue might have occurred, can you share what update_existing_tag_url does?

1 Like

update_existing_tag_url = “$filter=tag_key eq ‘{}’” This is a variable for the API url I used.

The issue with the script may be that the spaces in the request are not URI encoded (%20), so everything after tag_key is lost.

We’re still investigating our options for recovery, but for future use we strongly recommend testing any scripted API calls on non-production devices, as these types of errors can inadvertently cause major configuration changes.

Agree. I used it on a non-production before that with the same url. Isn’t it parsing the space to %20 by default?

Yes, after looking at it a bit more that’s probably not the issue. If you run a similar script using a GET request rather than a PATCH, are you able to correctly narrow down to specific devices?

Yes. I am getting tags information on this url:

BTW do you know why am I getting Unauthorized when I update tags through the sdks?

Do you know if you’re using a session token or an API key for authentication? It might be helpful to see an example of how you’re using the SDK, so we can better troubleshoot.

I am using a session token for the API and credentials for the SDKs. I tried with the API key as well. Logged in but couldn’t update.

resin = Resin()
credentials = {‘username’:"", ‘password’:""}

On python. I think I shouldn’t be seeing this when authenticated with username and password. I know that the session token is valid 7 days.

Hi, let’s move the conversation to the new thread you started (Balena Python SDK "Unauthorized" exception) as this one is somewhat different and it’s better to keep issues isolated. Cheers!

Sure, I’ll delete it here