Access forbidden Error

pitw · October 31, 2015, 9:07am

We try to upgrade our app from v1.9 to v2.
Beside the fact that V2 is much faster (!) we struggling with the following error:

First we login as demo user:

URL (POST):
…/api/v2/user/session

With body:

{
“email”: "user@test.com",
“password”: “password”,
“duration”: 0
}

This works and returns a session_token and a session_id.

In next step we try to call the service “db” / app “apptest”

URL (GET):
…/api/v2/db

With header:
X-DreamFactory-Session-Token --> session_token from above
X-DreamFactory-Application-Name --> apptest

This returns:

“error”: {
“context”: null,
“message”: “Access Forbidden.”,
“code”: 403,

We have created a role with permissions on all services. Also we enabled CORS with * and assigned created role to user.

Problem stays the same on local install and on dreamfactory enterprise. We also tested with different services,users and roles.

pitw · October 31, 2015, 1:48pm

After some try + error I found out that if using X-DreamFactory-Api-Key instead of X-DreamFactory-Application-Name the request works.

Is X-DreamFactory-Application-Name deprecated in V2?

jeffreystables · November 3, 2015, 4:00pm

Yes. As 2.0 is a complete rebuild and not an upgrade, some things like this have changed. I recommend checking the 2.0 wiki for details if you encounter this or other issues. The API key aspect is covered on this documentation page.

pitw · November 3, 2015, 4:11pm

Thanks Jeffrey

We already found out

Topic		Replies	Views
Access Forbidden (403) error when calling API in online sandbox environment REST API	6	4682	October 14, 2015
Problem to access DreamFactory APIs from PostMan(Google Chrome Client) community , rest	7	4825	March 21, 2017
API Authentication Error REST API	1	1761	February 25, 2015
Error 401 Unauthorized Authentication & Security	2	5579	December 28, 2015
Error in request URL Connecting to SQL	1	3023	August 3, 2016

Access forbidden Error

Related Topics