Resin request error: Unauthorized and data loss

Hello. For some reason I am getting Resin.request.error: Unauthorized when I try to update the device tags. Firstly, I spotted it on node.js sdk and after that I am experiencing it on the python one. So the major problem after this is that I tried to update the tags with your API directly and I end up having ruined all tags for 100 devices. The API I used:$filter=tag_key eq ‘’ When testing locally, I change the tag succesfully but when I started it in a python script which began updating them I ended up making all tags with one value… This is the request I am making:

data = json.dumps({“device”: str(device_id), “value”: str(tag_value)})
response = requests.patch(
headers={“content-type”:“application/json”,“Authorization”:“Bearer {}”.format(auth_token)},
data = data

Can we somehow revert to yesterday backup? (if there is such)

Taking a look at this now. I don’t believe we have a way to restore tag values that have been overridden by the API, but I am checking with the team. We can take a look at the script to see where the issue might have occurred, can you share what update_existing_tag_url does?

1 Like

update_existing_tag_url = “$filter=tag_key eq ‘{}’” This is a variable for the API url I used.

The issue with the script may be that the spaces in the request are not URI encoded (%20), so everything after tag_key is lost.

We’re still investigating our options for recovery, but for future use we strongly recommend testing any scripted API calls on non-production devices, as these types of errors can inadvertently cause major configuration changes.

Agree. I used it on a non-production before that with the same url. Isn’t it parsing the space to %20 by default?

Yes, after looking at it a bit more that’s probably not the issue. If you run a similar script using a GET request rather than a PATCH, are you able to correctly narrow down to specific devices?

Yes. I am getting tags information on this url:

BTW do you know why am I getting Unauthorized when I update tags through the sdks?

Do you know if you’re using a session token or an API key for authentication? It might be helpful to see an example of how you’re using the SDK, so we can better troubleshoot.

I am using a session token for the API and credentials for the SDKs. I tried with the API key as well. Logged in but couldn’t update.

resin = Resin()
credentials = {‘username’:"", ‘password’:""}

On python. I think I shouldn’t be seeing this when authenticated with username and password. I know that the session token is valid 7 days.