I am trying to connect to my app on kinvey. From a browser, I can simply use:
https://baas.kinvey.com/appdata/<app_key>?app_secret=<secret>
I do get prompted to enter app_key and app_secret as uid and password but at least I get:
{
version: "3.8.13",
kinvey: "hello <my app name>",
appName: "<My app name>",
environmentName: "Development"
}
but, from python, I cannot. The closest I got was with:
requests.get('https://baas.kinvey.com/', headers={'app_key': app_key, 'app_secret': secret})
That takes me to a generic kinvey 'hello' but not to my app.
I also tried with
requests.get('https://baas.kinvey.com/' + app_key, headers={'app_key': app_key, 'app_secret': secret})
If i try to add the app_key + '?app_secret=' + secret to the url I get an error on malformed header/missing credentials.
Thoughts?
The correct way to add credentials to a Kinvey mbaas request is by setting a Basic Auth header, as explained here. Using the headers that you describe is not supported.
The steps here are that you use a base64-encoded appkey/appsecret to build a Basic Auth header in order to get to the "login" endpoints, after which you'll get a Kinvey token for the session authentication corresponding to the active user. There is no such thing as anonymous access to your app, apart from getting to the login endpoint.
Basically, this is not trivial. This is why using the REST API directly is not recommended, and using a specific SDK for your platform is. There's SDK's for many platforms including java/android, javascript, C#/xamarin, xcode/swift, etc. In those SDK's, you simply call functions like "Kinvey.login" or "Kinvey.appdata.get" and all auth and all offline, caching, etc. is taken care for you.