#RestAPI Call Help

I have some endpoints for a particular software that I'm trying to pass usernums through so that I can automate disabling of accounts when users are no longer with the company. I can query the user and lock the account using single commands like one offs by manually putting in the usernum in the URL. If I try to pass in a usernum, I either get all users back or sometimes I was getting a 404 not found. However, the URI is correct as when I look at the apiParameter.uri value it would be the same as if I passed it manually. Not sure what I am missing.

If I run this it will work fine:

$apiParameters = @{
    Headers    = @{
        Accept        = 'application/json'
        Authorization = "Bearer $bearerToken"
    }
    Uri        = 'https://hostname/ApiServer/administration/api/users/2789'
    WebSession = $session
    Method     = 'GET'
}
# Accessing the user properties
$adminResponse = Invoke-WebRequest @apiParameters

When I run this command I get all users back. I was also getting a 404 error not found which didn't make since either since the URI was correct when I outputed it to the console. I'm passing the usernum value from a MSSQL database to this section. Not sure if that makes a big difference or not.

foreach ($adUser in $ADResults) {
    $apiParameters = @{
        Headers    = @{
            Accept        = 'application/json'
            Authorization = "Bearer $bearerToken"
        }
        Uri        = "https://hostname/ApiServer/administration/api/users/$($adUser.usernum)"
        WebSession = $session
        Method     = 'GET'
    }
    
    Try {
        $adResponse = Invoke-WebRequest @apiParameters
    } Catch { 
        if ($_.Exception -eq 'The remote server returned an error: (404) Not Found.') {
           # Do other things here 
        }
    }

Here was an example of the URI from the console.

https://hostname/ApiServer/onbase/administration/api/users/2779

Log the url right before the request to see whats happening. i assume you need some sanitization of the usernum paramete rin your ad object. maybe it doesnt look like you imagine it 😄

I added a Write-Output $apiParameters.Uri right before the Try Catch statement and outputed what I would expect it to do. It's the same that in my example URI from the console.

On the back end and through the logs it looks like it's getting called correctly so not sure why powershell is returning all users in the content

well, what's odd now is that in my content response in powershell I don't see the user that I'm looking for. But if I run the same url query in postman it returns fine. 😕

Why are you messing with websession?

I'd recommend avoiding that unless you're dealing with a website that thinks you're a browser ...

Honestly, since you're going against an API anyway, I would use Invoke-RestMethod, not Invoke-WebRequest

i can just assume that the session is passed in order to stay logged in for later requests ... but yeah, never using that myself in these kinds of requests.
invoke-restmethod is more suitable for what you want to do!

Hey @visual cypress and @surreal sigil Sorry for the late response. Well my initial issue I figure out what due to some user privileges in the application. So I got that fixed. As for the websession, yes I was trying to pass the session cookie value from one rest call to the next so that I didn’t burn up licenses. It could’ve just been something I was going incorrectly at the beginning of writing this script but from what I recall invoke-webrequest was the only one working for me with the session cookie but I can try invoke-restmethod again. I’m not set on my script so always open to suggestions 🙂. Still learning rest api calls

Do you mean cookies, or tokens?
here's a good tutorial on using Web API's and Invoke-RestMethod https://adamtheautomator.com/invoke-restmethod/#Using_an_APIOAuth_Token_with_Bearer_Authentication