Token based Api log in for cumulocity API in Version 10.18

*Cumulosity hosted we service with version 1018.0.229 used *

*Detailed explanation of the problem: Currently i am doing a proof of concept to evaluate the token based use of the cumulosity API (no base auth any longer). this does not seem to work. I was searching for a detailed documentation to tackle this topic but was not succesful with finding anything. *

*Error messages / full error message screenshot / log file:

“message”: “Full authentication is required to access this resource”,
“error”: “security/Unauthorized”,
“info”: “ttps://

Question related to a free trial, or to a production (customer) instance?

Customer instance is used: Startseite / Cumulocity - Cockpit

1 Like

Hi Matthias,

have you checked the following part of the documentation that was added with 10.18: Administration - Cumulocity IoT Guides.

Maybe that help?

We should also tag the question as Cumulocity IoT related, so it will appear in the Cumulocity section of the tech forum. @Stefan_Witschel.

Best regards


1 Like


how does your API Call look like? Is this about the platforms OAI Authentication method - or the new 10.18 functionality to use an access token from a connected authorization server?

If you have your Token and you’re using the Authorization header, make sure your header is in the format: Authorization: Bearer <your token here> . The "Bearer " prefix is important, I’ve seen this error-message before when not stating it.

Hello Korbinian,

i try t use the new 10.18 Functionality. So what i try is to use the API without the basic auth. The SSO is allready activated and running at our environment.

Even with the changed format it is not working. Shoudnt it work even simply im the browser if the browser contains the auth token as cockie ?

Thanks and best regards



I’ve connected a Keycloak Server to a Tenant and it worked for me - I was able to login and also to use keycloaks access tokens for Cumulocity API Calls. That indicates it’s not a general problem, probably more a misconfiguration somewhere.

How is the situation in your tenant? Which authorization server did you connect (Azure AD, Auth0, Keycloak, Okta, something different)? Does the SSO login work via UI? Does the login work via UI and it’s “only” the newly introduced functionality - to do API requests with the access token of your authorization server - that doesn’t work for you?

Some links that might help:

Not idea if this relevant here, but the URL cannot be valid. The “h” is missing from https and “cumulosity” also doesn’t look right.

1 Like

I was retyping it an links ar prohibided here in this forum.

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.