Cannot Access Authorization Bearer Token in EnsLib.REST.Service - Getting 500 Internal Server Error

Question

Question

Abdul Majeed · Oct 1

I'm trying to access the Bearer token from the Authorization header in my REST service class, but I'm getting a 500 Internal Server Error when I try to use %request.GetCgiEnv("HTTP_AUTHORIZATION").

My Environment:

InterSystems ensemble 2018
Using EnsLib.REST.Service with HTTP Inbound Adapter
REST API URL: http://ip:port/api-kiosk/patientData

My Code:

objectscript

Class CIS.PATIENT.ReadPatientData Extends EnsLib.REST.Service
{
Parameter ADAPTER = "EnsLib.HTTP.InboundAdapter";
Parameter HandleCorsRequest = 1;

XData UrlMap [ XMLNamespace = "http://www.intersystems.com/urlmap" ]
{
<Routes>
    <Route Url="/patientData" Method="POST" Call="getPatientData"/>
</Routes>
}

Parameter EnsServicePrefix = "|api-kiosk";

Method getPatientData(pInput As %Library.AbstractStream, Output pOutput As %Stream.Object, 
                     pPersonType As %String, pKeyField As %String, pKeyVal As %String, 
                     pGetField As %String = "") As %Status
{
    Set tSC = $$$OK
    Try {
        Set reqData = pInput.Read(,.tSC)
        
        // This line causes 500 Internal Server Error
        Set authHeader = %request.GetCgiEnv("HTTP_AUTHORIZATION")
        
        // ... rest of my logic
        
    } Catch ex {
        Set tSC = ex.AsStatus()
    }
    Quit tSC
}
}

I need to access the Bearer token from the Authorization header in my REST service method. What is the correct way to access HTTP headers (specifically the Authorization header) in EnsLib.REST.Service methods?

Any help would be greatly appreciated!

Product version: Caché 2018.1

Discussion (4)3

Log in or sign up to continue

Luis Angel Pére... · Oct 2

I'm not very sure that you should extend EnsLib.REST.Service to define a REST service with URLMap, but anyway, EnsLib.REST.Service is using EnsLib.HTTPInbound.Adapter so you can get the input data from OnProcessInput like this:

Method OnProcessInput(pInput As %GlobalCharacterStream, Output pOutput As %RegisteredObject) As %Status
{
     set authorization = pInput.Attributes("authorization")
...

Here is the doc related: https://docs.intersystems.com/healthconnect20251/csp/docbook/DocBook.UI....

1 0

score 0 · Answer 1 · 2025-10-01T19:44:28-04:00

Enrico Parisi · Oct 1

If the header is called "AUTHORIZATION", then use:

Set authHeader = %request.GetCgiEnv("AUTHORIZATION")

0 0

score 0 · Answer 2 · 2025-10-02T01:03:11-04:00

I'm using a class that extends EnsLib.REST.Service, and it looks like %request is not available. This might be causing a 500 Internal Server Error when I try to access it.

I tried this check:

If '$IsObject($Get(%request)) {
Set debugInfo.error = "%request object is NOT available"
Write debugInfo.%ToJSON()
Quit $$$OK
}

Thanks!

score 1 · Answer 3 · 2025-10-02T02:23:24-04:00

Abdul Majeed · Oct 2

Thank you very much — it's working.

1 0