Question:

When running a script which makes a number of requests to the Sumo Logic APIs, I sporadically receive the following error message with some of the requests. I have verified my credentials are valid and other requests appear to succeed, so why do we receive this message?

{ 
"status" : 401, 
"id" : "FRXHW-NB12G-HMYO6", 
"code" : "unauthorized", 
"message" : "Credential could not be verified." 
}

Answer:

In order to prevent possible brute force attacks, Sumo Logic throttles the number of authentication requests that can be made per minute to the service and APIs. The error message above may occur if you have exceeded the number of logins allowed over a one minute period.

The best practice for accessing the Sumo Logic APIs is to store and provide a session cookie with each follow up request during your session to the API, which will prevent the authentication throttling from occurring. A simple example for storing and providing a session cookie with cURL is shown below. This command (-c <file>) will store the session cookie within a text file called cookies.txt. This will also then pass the contents of the existing cookie file (-b <file>) with follow up request to the API.

curl -b cookies.txt -c cookies.txt -u '<username>:<password>' -X GET https://api.sumologic.com/api/v1/collectors
</password></username>