I am using the REST API to retrieve a list of records from our FileMaker server 16 database.
Here are the docs I've been following: FileMaker 16 Data API Guide
A record has a container field where we store an image.
According to the documentation, (
FileMaker 16 Data API Guide > Write FileMaker Data API Calls > Data Format Notes > Last bullet...
) "For container field data, the FileMaker Data API returns a URL with the path reference to the container data object."
That URL does come back correctly and it looks like this...
If I try to navigate to that url via a web browser, 99% of the time the server will respond with "401 Unauthorized".
1% of the time, somehow, a "X-FMS-Session-Key" cookie is set in my browser for the domain of the url. When that happens, the server will respond with the actual image.
If I delete that cookie so it is no longer in the request header, then it will go back to returning a 401 response.
Okay, so I think I've found the problem, I need the "X-FMS-Session-Key" cookie included in the request.
I try to recreate the exact same request to the image url with curl or python requests. I set the same headers as the browser is using to make the request. In the browser it will load, in python or in curl it will respond with a 401.
How do I properly authenticate and create a session (or whatever is needed) so that I can request images?
I do not intend to load the images directly into a web browser, I have a script that temporarily downloads the images to a local disk.
Also, for what it is worth, the domain my application uses and the domain our filemaker server exists at are different domains.