I created a console application to test the API token behavior, how it works with multiple users and API limits. The console app does the following:Calls the token endpoint by passing username/password. It receives the token and does a GET appointment 50 records API call. There is 20 second wait Because our license has Max 20 API users limit, I am running the above steps for 22 users to verify the behavior. It run synchronously for one user after another, not in parallel.Observations:Sometimes I get the 200 status and Response “<script>window.open("/Main","_top");</script>” in Appointment Get call In the screen System Monitor → Active Users, I notice it always maintains 20 users list. It removes the oldest active user from the list. But still I can use the token of the user which is not in the Active User list anymore and make API calls.Questions:What is the reason for the error “<script>window.open("/Main","_top");</script>” ? I have a use case to build app where around 30 users will need to make REST API calls in parallel. Because I am able to use the token of users not present in the “Active Users” screen, Can I use any number of API users using token endpoint until the token expires or do you think I will face the API limit? If I will face API limit issue, what issue would it be?

Hello @rajeshmishra90 !Could you post the API query your console application is using, minus any authentication details? This will help us troubleshoot and determine where the error messages might be coming from.To answer your questions:I believe the “<script>window.open("/Main","_top");</script>” error message could appear due the following:The API request might be expiring before it can finish setting the location for the query.The API request call might need the location to be identified first with an async call. Example from https://stackoverflow.com/questions/20696041/window-openurl-blank-not-working-on-imac-safari:var windowReference = window.open();myService.getUrl().then(function(url) { windowReference.location = url;});In terms of API users and limits, your licensing will determine the maximum number of concurrent API requests. I’d check in with your account team if you have any questions or need adjustments.If you are hitting an API limit either due to the request expiring without a logout method attached (see Acumatica posting below for best practices) and/or the maximum number of API users are being utilized, it’s possible that the API queries will expire while in transit, the data won’t be pulled back, or your team will continue to see error messages.Let me know if any of the above information helps, thanks!

Solved

REST API Response "< script > window.open ("/Main","_top"); < /script > "

1 year ago
October 10, 2023
6 replies
261 views

rajeshmishra90
Freshman II
11 replies

I created a console application to test the API token behavior, how it works with multiple users and API limits. The console app does the following:

Calls the token endpoint by passing username/password.
It receives the token and does a GET appointment 50 records API call.
There is 20 second wait
Because our license has Max 20 API users limit, I am running the above steps for 22 users to verify the behavior. It run synchronously for one user after another, not in parallel.

Observations:

Sometimes I get the 200 status and Response “<script>window.open("/Main","_top");</script>” in Appointment Get call
In the screen System Monitor → Active Users, I notice it always maintains 20 users list. It removes the oldest active user from the list. But still I can use the token of the user which is not in the Active User list anymore and make API calls.

Questions:

What is the reason for the error “<script>window.open("/Main","_top");</script>” ?
I have a use case to build app where around 30 users will need to make REST API calls in parallel. Because I am able to use the token of users not present in the “Active Users” screen, Can I use any number of API users using token endpoint until the token expires or do you think I will face the API limit? If I will face API limit issue, what issue would it be?

Best answer by rajeshmishra90

When I checked the system monitor for errors, I found that this error is coming due to login limit as I was assuming but got it confirmed. It's weird that I get 200 status with javascript code when the login limit is reached.

View original

Did this topic help you find an answer to your question?

VladS
Community Manager
24 replies
1 year ago
October 10, 2023

Hello @rajeshmishra90 !

Could you post the API query your console application is using, minus any authentication details? This will help us troubleshoot and determine where the error messages might be coming from.

To answer your questions:

I believe the “<script>window.open("/Main","_top");</script>” error message could appear due the following:
1. The API request might be expiring before it can finish setting the location for the query.
2. The API request call might need the location to be identified first with an async call. Example from https://stackoverflow.com/questions/20696041/window-openurl-blank-not-working-on-imac-safari:
```
var windowReference = window.open();

myService.getUrl().then(function(url) {
     windowReference.location = url;
});
```
In terms of API users and limits, your licensing will determine the maximum number of concurrent API requests. I’d check in with your account team if you have any questions or need adjustments.

If you are hitting an API limit either due to the request expiring without a logout method attached (see Acumatica posting below for best practices) and/or the maximum number of API users are being utilized, it’s possible that the API queries will expire while in transit, the data won’t be pulled back, or your team will continue to see error messages.
P
API Login Limit Error for REST API Calls with Access Token

Let me know if any of the above information helps, thanks!

Developer Relations Manager

rajeshmishra90
Author
Freshman II
11 replies
1 year ago
October 11, 2023

@VladSushkin83 Thanks for your response! here is the code snippet for the API call:

internal static async Task<string> AuthenticateROPCMultipleAsync(IConfiguration _configuration, string _acumaticaBaseUrl, HttpClient _client, string userName, string password)
        {
            try
            {
                var requestUrl = $"{_acumaticaBaseUrl}/identity/connect/token";

                var requestContent = new FormUrlEncodedContent(new[]
                {
                    new KeyValuePair<string, string>("password", password),
                    new KeyValuePair<string, string>("username", userName),
                    new KeyValuePair<string, string>("client_id", _configuration["ClientId"]),
                    new KeyValuePair<string, string>("client_secret", "secret"),
                    new KeyValuePair<string, string>("scope", "api offline_access"),
                    new KeyValuePair<string, string>("grant_type", "password"),
                });

                var response = await _client.PostAsync(requestUrl, requestContent);
                if (!response.IsSuccessStatusCode)
                {
                    Console.WriteLine("Authentication returned error");
                    var exceptionDetails = await response.Content.ReadAsStringAsync();
                    Console.WriteLine(exceptionDetails);
                    return null;
                }
                var resContent = response.Content.ReadAsStringAsync().Result;
                var auth = JsonConvert.DeserializeObject<AuthResponse>(resContent);
                return auth.access_token;
            }
            catch (Exception)
            {
                return null;
            }
        }

internal class AuthResponse
    {
        public string access_token { get; set; }
        public int expires_in { get; set; }
        public string token_type { get; set; }
        public string refresh_token { get; set; }
    }

I am unable to understand your point regarding the setting the location. I am making a call from the C# console application. The snippets attached are javascript so I am unable to follow it. Are you suggesting that I need to make modification to the way I am calling the Auth API?
Regarding the license API Limits, I do know what the limits and I attached the screenshot as well. The issue is that I have 20 users API limit in my license and even if I have more than active 20 users, they all are working without any error. I was expecting an error but with the AUTH token I am not getting the API limit, so I am asking why is it so?
1. I tried calling sign out with the token but it does not have any effect and I can still use the auth token to make appointment GET calls.

rajeshmishra90
Author
Freshman II
11 replies
Answer
1 year ago
November 13, 2023

terpstra
Freshman II
10 replies
3 months ago
December 11, 2024

One of our integrated product development teams ran into this issue as well.

Requesting and using more than three access tokens (our license concurrent session limit) in a short period of time without calling for a logout causes the API to return empty data with 200 OK on request 4 and later.

After a 10ish minute cooldown period, we can make three more requests before encountering blank responses.

A better partner application design that does not request a new access token for every request would prevent this issue, but it would be nice if Acumatica could add an error code for concurrent session limit reached instead of just replying with no data.

@Chris Hackett could this be transformed into a feature request?

Chris Hackett
Acumatica Community Manager
2753 replies
3 months ago
December 11, 2024

Hi @terpstra - If you wish to have this added as an Idea, please go to Product Ideas and add. Thank you!

Chris ~ Let us know how we're doing: https://forms.office.com/r/xmJUdZ1QE5 - A member helped you, please *Like* their post. A member provided an answer to your question, please mark it as *Best Answer*.

terpstra
Freshman II
10 replies
3 months ago
December 11, 2024

Chris Hackett wrote:

Hi @terpstra - If you wish to have this added as an Idea, please go to Product Ideas and add. Thank you!

Got it, wasn’t sure if it could be converted.

Idea created here:

https://community.acumatica.com/ideas/add-unique-error-codes-concurrent-web-services-api-27856

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos

About Acumatica ERP system

Acumatica Cloud ERP provides the best business management solution for transforming your company to thrive in the new digital economy. Built on a future-proof platform with open architecture for rapid integrations, scalability, and ease of use, Acumatica delivers unparalleled value to small and midmarket organizations. Connected Business. Delivered.

Reply

Related topics

A360 Package Updates coming in July, 2024.

Pathfinder Community Monthly Flight Plan: September 2024

A360 Package Updates coming in Sep, 2024.

A360 Package Updates coming in Aug, 2024.

A360 Package Updates coming in Jun, 2024.

Most helpful members this week

Sign up

Social Login

Login to the community

Social Login

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings