Getting permission denied

priyanka123

Hi ,
I am trying to access this API https://test.connectone.xyz/api/users
I am passing data {
"username": "forumadmin",
"email": "p@mail.com",
"password": "****"
}
I am not able to register the data through API . getting error permission denied.
{
"errors": [
{
"status": "403",
"code": "permission_denied"
}
]
}
Please help me

luceos

priyanka123 can you show the code of the full request? Eg request method, header (mask the passwords).

priyanka123

Hi @luceos,
Thank you for your reply !
I am checking this in post man . I have used post method https://test.connectone.xyz/api/users
and pass this in body in json format
{
"username": "forumadmin",
"email": "p@mail.com",
"password": "admin123"
}

luceos

priyanka123 are you using the master token?

priyanka123

Hi luceos
I have created API key in database and calling that in header authorization.Please check given image.

luceos

You need to set the header manually:

Key: Authorization
Value: Token <token> if master or user token, Token <token>; userId <userId> if master for a specific user

You can't use API key as Authorization as it creates the wrong header.

clarkwinkelmann

If it's an API Key, you need to add the userId= part, like Token <token>; userId=<userId>. For example, Token abcdefg; userId=1.

I think luceos example is wrong because the = is missing.

Also make sure that registrations are enabled or that the userId is an admin.

A different issue is that your body payload is not properly formatted (it's not following json:api spec), but that will be a different 400 error once you fix the authorization part.

priyanka123

Hi @luceos ,
Still I am getting same error.

luceos

priyanka123 don't surround the token with brackets. That's to show its a variable. Drop < and >

priyanka123

luceos
yes , I have removed that but still not working and getting same error

luceos

priyanka123 what are the response headers?

priyanka123

luceos
I am getting same error permission denied

priyanka123

Hi @luceos , @clarkwinkelmann ,
Please check what i followed the process but still i am getting permission denied error.
i have added random 40 key in my DB API_Key Table & user id 1,After that I have passed in postman header that key and user id but still getting same error.

Plaese help me , I am not able to access any APIs . 🙁

clarkwinkelmann

priyanka123 I'm not sure if this can be it, but there should be no spaces between userId=1

priyanka123

clarkwinkelmann
Still getting same error

priyanka123

Hi @luceos , @clarkwinkelmann ,
please check my postman collection .
https://www.postman.com/collections/4ea8abfebd8955999ca8
please help me in resolving the API issue