Hi,
we've installed 10.5.4 at an onsite customer, and have feature toggled on the NewServiceRequest feature to get the new Service UI in CRM.
We've enabled single signon for login (which seems to work fine), and the server is locked down with very limited access to the internet.
When opening a request we see that there is a call to /api/v1/Agents/Ticket/GetForRmUi fails with an 403 error. The header X-Errormessage says "WebException: The remote server returned an error (401) Unauthorized".
My gut feeling is that the ../Agents/Ticket/GetForRmUi method is trying to reach out to the internet for some reason. I see from the documentation that is a fairly new and unstable endpoint. What could cause it to try to access the internet?
Alle Svar (3)
My guess it is try to call the service client internally, which it can't authorize on.
You could try setting the impersonating user using customer service section in the web config:
https://docs.superoffice.com/en/online/identity/single-sign-on/onsite-sso.html#impersonation-user
Thanks David!
I didn't know about those new impersonate settings, but unfortunately adding those (to both NetServer's webconfig-file and also Web's webconfig-file) didn't solve the issue.
For now we've just opted for disabling the NewServiceRequest feature toggle.
To figure out if the problem was related to SSO or because the server doesn't have internet access, we temporarily disabled SSO, and then it worked, so the problem is related to SSO, not lack of internet.
Apparently, the forum doesn't allow us to mention the real name of the file named web-dot-config. Writing that filename gives a 403 error when posting in the forum.