I found the problem. Like usual I struggle for days then I decide to ask online, fiddle a little while waiting for replies and then I find the issue!

The solution make no sense to me but anyway here goes...

In Eventviewer --> System, there was a DNS warning. SAMINC could not be found and later SAMLTD could not be found as well.

So I altered the hosts file to point request made for hostnames SAMINC and SAMLTD  to 127.0.0.1

Like this.

C:\Windows\System32\drivers\etc

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

127.0.0.1 samltd
127.0.0.1 saminc

Then suddenly it all started working.

Hello,

I have exactly the same problem. But your solution here did work out for me. I have a user WEBAPI (Passowrd:WEBAPI) with access to all modules. I have enabled access to Web API too.

When making a request with an authorization header whose value is Basic V0VCQVBJOldFQkFQSQ== 

The outcome is as below:

The log file shows:
-----------------------------

----------------------------------------
Timestamp: 3/15/2020 3:08:40 PM
Message: Error-[Tenant:] [Company:] [Module:] [User:] - Sage 300 Web API encountered an error for Url 'k**sage/.../ARCustomers'.:
Exception Source:
Exception Type: System.UnauthorizedAccessException
Exception Message: Attempted to perform an unauthorized operation.
---- Stack Trace ----


Please someone advice

Have you resolved this issue?  I am having exactly the same problem. 

I had the same issue. It turns out the password for the Sage WEB API user must be in all UPPERCASE or numbers, no lowercase letters are allowed in the Password.

I have all the above still getting status 401. Does anyone have alternatives.
Its frustrating

A few questions:

1. Are webscreens installed?
2. What user are you using to connect to the web API?
3. If admin, have you enabled the admin access to the web API in BOTH places?
4. Have you tried using the Swagger UI to access/update Sage?

1.Yes Webscreen.installed
2. I am using both C# code, POSTMAN, and Swagger,
3. Yes, I have set this tag "<add key="AllowWebApiAccessForAdmin" value="true" />" for both online and api
4.Yes I have

Ok, cool. So it looks on the face of it that it is set up. With regards to 4 you say you've tried the Swagger UI. Did it work? ie did you get data out? Could you update records?

Yeah, Swagger UI has the pop screen for credentials, which I put the correct one but still remain even with wrong or correct logins

Ok, try using the ADMIN credentials there. Make sure you type the user name and password in upper case on that pop up. You've enabled the admin user in the config files so try that first. If you're going to use a different user then you don't need to enable admin. I tend not to use admin myself but to get this off the ground, we can rule out user config by using admin.

Yes, I did that, used the admin credentials, still didn't work

In IIS when you click on Default Web Site and open the Authentication. You should only have Anonymous Authentication enabled. All others should be disabled.

Then...

Open localhost/sage300webapi and when it loads, click on the blue button to open the swagger ui. Expand ARCustomers. Click on the last GET which takes a customer number parameter. The parameters listed should be SAMLTD as the company unless you have changed the default in the config. In the customer number put 1200 click Try it Out! When the prompt pops up, put in your admin user name and password in upper case. Do you get anything back? The URL will be this 

https://localhost/Sage300WebApi/V1.0/-/SAMLTD/AR/ARCustomers('1200')

So you can copy that and paste it into a browser and it will (should) return the JSON. If you're getting a 401 it means you have not authorized.

In IIS when you click on Default Web Site and open the Authentication. You should only have Anonymous Authentication enabled. All others should be disabled.

Then...

Open localhost/sage300webapi and when it loads, click on the blue button to open the swagger ui. Expand ARCustomers. Click on the last GET which takes a customer number parameter. The parameters listed should be SAMLTD as the company unless you have changed the default in the config. In the customer number put 1200 click Try it Out! When the prompt pops up, put in your admin user name and password in upper case. Do you get anything back? The URL will be this 

https://localhost/Sage300WebApi/V1.0/-/SAMLTD/AR/ARCustomers('1200')

So you can copy that and paste it into a browser and it will (should) return the JSON. If you're getting a 401 it means you have not authorized.

Thanks. The first suggestion worked for me. Made sure only Anonymous Authentication was enabled and then it worked like a charm.

I am still stuck here, I have given the folder rights, ensured my passwords and username are in CAPS but all I get is 

'Error Code: Unauthorized, Error Message: Sage 300 WebApi Authentication error from invalid credentials'.

am using sage 2020  update 7 and CRM 2021 R2. I cannot login to sage webscreen as well. Am getting 

'Error HRESULT E_FAIL has been returned from a call to a COM component'. on  web api am getting  'Authentication error from invalid credentials'

any idea will assist me.

Are you using the admin user? Have you altered both web.config files to allow admin to access the web api? If not, have you granted authority to the API user?

I am using an account called CRM which has full rights in sage modules . The password am using is

USERID:CRM

PASSWORD:CRM

I have tried  the admin user as well  

USERID:ADMIN

PASSWORD:ADMIN

 and have enabled admin user on

C:\Sage\Sage 300 ERP\Online\WebApi\web configure file

And on CRM i have configured user level secuity as below

Have you ensured that ONLY anonymous authentication is enabled in IIS? That is one change that worked for me.

Yes, I have enabled it in CRM, Sage 3oo, sage300webapi.

This is what I did. I believe I gave IUSR full rights to Sage folder.

Thanks, Just did that but still same error.

I am not sure of what am doing wrong.

Have you checked the trace logs? They are in your Sage300\Online\WebApi\Logs, Sage300\Online\Web\Logs, and Sage300\Online\Worker\Logs. When you try and make a request and you get the unauthorised message, it should give you more in there. There might be more in the IIS logs which are probably in one of the C:\inetpub\logs\LogFiles\W3SVC# folders.

If they don't throw anything up, then we'll start from the beginning. I only just set up the web API on a new server yesterday.

Sage300\Online\WebApi\Logs I have

Timestamp: 3/8/2022 9:37:13 AM
Message: Error-[Tenant:] [Company:] [Module:] [User:] - Sage 300 Web API encountered an error for Url 'maina-pc/.../TXTaxGroups
Exception Source:
Exception Type: System.UnauthorizedAccessException
Exception Message: Attempted to perform an unauthorized operation.
---- Stack Trace ----

Machine Name: MAINA-PC

on  C:\Sage\Sage 300 ERP\Online\Worker\Logs  I have

Timestamp: 3/4/2022 11:52:44 AM

Message: Critical-[Tenant:] [Company:] [Module:Worker Role] [User:] - The windows service failed to start.:
(Inner Exception)
(Inner Exception)
Exception Source:
Exception Type: System.ComponentModel.Win32Exception
Exception Message: The wait operation timed out

--- Stack Trace ----

(Outer Exception)
Exception Source: .Net SqlClient Data Provider
Exception Type: System.Data.SqlClient.SqlException
Exception Message: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - The wait operation timed out.)

Sage300\Online\Web\Logs

no logs

C:\inetpub\logs\LogFiles\W3SVC1

2022-03-08 09:37:12 172.16.4.30 POST /CRM/eware.dll/Do SID=202525542041132&Act=432&Mode=1&CLk=T&Key0=4&func=baseUrl&dotnetdll=ImportPage&dotnetfunc=GetImportPage&Option=Synchronize 80 - 172.16.4.30 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/99.0.4844.51+Safari/537.36 maina-pc/.../Do 200 0 0 473
2022-03-08 09:37:12 172.16.4.30 GET /CRM/Themes/custom/RedefinedStyles.css 20220308123712814 80 - 172.16.4.30 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/99.0.4844.51+Safari/537.36 maina-pc/.../Do 200 0 0 0
2022-03-08 09:37:12 172.16.4.30 GET /CRM/eware.dll/Do SID=202525542041132&Act=1696&Mode=1&CLk=T&FldCoachingActionID=ActACCPAC/Config_DropdownsKey0&AAct=432 80 - 172.16.4.30 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/99.0.4844.51+Safari/537.36 maina-pc/.../Do 200 0 0 18
2022-03-08 09:37:12 172.16.4.30 GET /sdata/crmj/userdata SID=202525542041132&Action=getNotifications 80 - 172.16.4.30 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/99.0.4844.51+Safari/537.36 maina-pc/.../Do 404 0 2 0
2022-03-08 09:37:12 172.16.4.30 GET /sdata/crmj/userdata SID=202525542041132&Action=getNotificationOptions 80 - 172.16.4.30 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/99.0.4844.51+Safari/537.36 maina-pc/.../Do 404 0 2 0

Could it be my IIS setup? or sage - crm versions incompatibility? (sage 2020  update 7 and CRM 2021 R2)

Looking at this request URL (http://maina-pc/Sage300WebApi/v1.0/-/CHECOM/TX/TXTaxGroups?$select=TaxGroupKey,TransactionType,Description%27) it looks like the permissions are not set up. So when setting up a user for web API, you are using the CRM user. I wouldn't as that is just for the CRM integration. Create another one (WEBAPI or something else) as a user that cannot change passwords and it doesn't expire. Then go into Security Groups create a group called WEBAPI and apply it to AP, AR, Admin services, Bank Services, Common Services, GL, and Tax Services and tick all for each. Save as you go. Then in User Authorisations, apply that group to AP, AR, AS, Bank, CS, GL, and Tax. That will give the user maximum permissions without admin. You can alter the access later. Then log into Sage with that user AT LEAST ONCE, and ALSO log into Web Screens AT LEAST ONCE to ensure that the user works. If you can't log in, it is most likely the portal database needs reintsalling.

Created  the user WEBAPI with all the rights. I can connect  on desktop app but on web am getting the below error.

I'd reinstall web screens and portal and make sure you're on the latest PU and try that again. Something isn't right with your installation.

Thank you all, I reinstalled everything from IIS to sage CRM and everything worked.

I suspect sage installation was not okay plus IIS.

I used  https://www.acutedata.com/iis-features-needed-web-screens/ to setup iis