CredStore Perform Query error

Question

I am running into an issue while doing API calls to my apps backend, every connection now prompts with

CredStore - performQuery - Error copying matching cred         


        

Answer 1

This same issue happens to me and I found that if your API URL does not contain a "/" at the end of URL then iOS does not send "Authorization" value to the server. Due to which you will see a message like posted in question in the console.

So Simply add "/" at the end of URL

https://example.com/api/devices/

Answer 2

OK, I had this error, and fought with it for a long time (years) when interacting with my Ruby on Rails app.

I had default credentials set up as described in the accepted answer, but still got the error, and have been relying on a didReceiveChallenge response to supply the credentials - fortunately that worked as a work around.

But! I've just found the solution!

I was working on a hunch that that the protectedSpace fields did not match the Authorization challenge from the Ruby on Rails server - and I looked into the realm field, which seemed to be the only one that was being left undefined.

I started by printing out the server response headers, and although I was able to examine these, they did not include the WWW-Authorization field that would have included the realm field.

I thought this was maybe because my Rails app wasn't specifying the realm, so I started looking at the Rails side of things.

I found I could specify the realm in the call to,

authenticate_or_request_with_http_basic

...which I am using for HTTP Basic authentication.

I wasn't specifying a realm already, so added one,

authenticate_or_request_with_http_basic("My Rails App")

I then added the corresponding string to the protectionSpace,

NSURLProtectionSpace *protectionSpace =
    [[NSURLProtectionSpace alloc] initWithHost:@"myrailsapp.com"
        port:443
        protocol:NSURLProtectionSpaceHTTPS
        realm:@"My Rails App"
        authenticationMethod:NSURLAuthenticationMethodHTTPBasic];

Voila! That worked, and I no longer get the,

CredStore - performQuery - Error copying matching creds.  Error=-25300

Even after specifying the realm in the Rails app, I still don't see it passed in the HTTP header, I don't know why, but at least it works.

Answer 3

This is transport error, let's add transport permission like this in plist file:

<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
    </dict>

Be careful as that enables connection to any server from your app. Read more on App Transport Security before proceeding. See comment by @kezi

Answer 4

I'm not sure why do we get this error when perform requests with Alamofire, but if you do API requests with some token in HTTP headers, you maybe don't need credentials store at all. So we can disable it for our request:

let configuration = URLSessionConfiguration.default
configuration.httpAdditionalHeaders = ourHeaders
// disable default credential store
configuration.urlCredentialStorage = nil

let manager = Alamofire.SessionManager(configuration: configuration)
...

No errors after such change.

Answer 5

I edited the String that contains the URL to fix this issue:

var myUrl = "http://myurl.com"
myUrl = myUrl.addingPercentEncoding(withAllowedCharacters: .urlFragmentAllowed)!

let url = URL(string: myUrl)

Answer 6

The cause of me getting this error was due to me accidentally using two spaces between the "Bearer" and access token in my Authorization header.

Incorrect:

request.setValue("Bearer  \(accessToken)", forHTTPHeaderField: "Authorization")

Correct:

request.setValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")

Simple mistake, but it took a while to find it.