When setting up the Remote Data Agent, the SAS Viya administrator provides an OAuth client secret to be used in the da-env.vars file. A client_credentials OAuth authentication flow with SAS Viya uses this secret.

This SAS KB article outlines how to do the following:

• Verify whether the secret is valid. 
• Determine if communication between the Remote Data Agent server and SAS Viya functions correctly.

Verification Steps

Gather Required Credentials

You need the following information:

• Client Secret: The SAS Viya administrator provides this information.
• Client ID: This ID is typically formatted as follows:

dagentsrv-<kubernetes_viya_namespace>

Note: Replace <kubernetes_viya_namespace> with the actual namespace where SAS Viya is deployed.

Run Authentication Test Using curl

Use the following curl command to test the authentication:

curl --request POST \
  --url https://example.com/SASLogon/oauth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data client_id=dagentsrv-<kubernetes_viya_namespace> \
  --data client_secret=<secret>

• Replace <example.com> with the actual SAS Viya host name.
• Replace <kubernetes_viya_namespace> with your environment's namespace.
• Replace <secret> with the provided client's secret. 

Interpret the Response

• A successful response includes an authentication token.
• If a 401 Unauthorized error occurs, double-check the client ID and secret.
• If a 403 Forbidden error occurs, review the IP Allowlist settings to ensure that the Remote Data Agent server is permitted to communicate with SAS Viya.