AnsweredAssumed Answered

Using the REST API, how do I authenticate and properly request an image URL which is stored in a container field?

Question asked by teewuane on Feb 20, 2018
Latest reply on Jun 6, 2018 by FMCostaRica

I am using the REST API to retrieve a list of records from our FileMaker server 16 database.


Here are the docs I've been following: FileMaker 16 Data API Guide


A record has a container field where we store an image.


According to the documentation, (

FileMaker 16 Data API Guide > Write FileMaker Data API Calls > Data Format Notes > Last bullet...

) "For container field data, the FileMaker Data API returns a URL with the path reference to the container data object."


That URL does come back correctly and it looks like this...



If I try to navigate to that url via a web browser, 99% of the time the server will respond with "401 Unauthorized".


1% of the time, somehow, a "X-FMS-Session-Key" cookie is set in my browser for the domain of the url. When that happens, the server will respond with the actual image.


If I delete that cookie so it is no longer in the request header, then it will go back to returning a 401 response.


Okay, so I think I've found the problem, I need the "X-FMS-Session-Key" cookie included in the request.


I try to recreate the exact same request to the image url with curl or python requests. I set the same headers as the browser is using to make the request. In the browser it will load, in python or in curl it will respond with a 401.


How do I properly authenticate and create a session (or whatever is needed) so that I can request images?


I do not intend to load the images directly into a web browser, I have a script that temporarily downloads the images to a local disk.


Also, for what it is worth, the domain my application uses and the domain our filemaker server exists at are different domains.