When running a script which makes a number of requests to the Sumo Logic API's I am sporadically receiving the following error message with some of the requests. I have verified my credentials are valid and other requests appear to succeed, so why do we receive this message?
"status" : 401,
"id" : "FRXHW-NB12G-HMYO6",
"code" : "unauthorized",
"message" : "Credential could not be verified."
In order to prevent possible brute force attacks, Sumo Logic throttles the number of authentication requests that can be made per minute to the service and APIs. The error message above may occur if you have exceeded the number of logins allowed over a one minute period.
The best practice for accessing the Sumo Logic API's is to store and provide a sessions cookie with each follow up request during your session to the API, which will prevent the authentication throttling from occurring. A simple example for storing and providing a session cookie with Curl is shown below. This command (-c <file>) will store the session cookie within a text file called cookies.txt. This will also then pass the contents of the existing cookie file (-b <file>) with follow up request to the API.
Note: The following examples will need to be performed against the API endpoint for your account deployment. For more information on determining the endpoint needed for your account please see the following documentation.
curl -b cookies.txt -c cookies.txt -u '<username>:<password>' -X GET https://api.sumologic.com/api/v1/collectors