POST failing with 403 error

Hi @dchiesa1 ,

I am running into a peculiar issue while sending a POST to Apigee X. I have a very simple Proxy with no authentication. I have a POST flow defined. When I send the POST with only one line in the JSON payload, it works fine. The moment I add a second attribute on the same line or the second line, it fails with a forbidden error. In debug mode, I don't even see any activity in the debug screen (the one I am attaching just shows the success when I send just one attribute). I am sending all three screenshots. I have tried the POST from Postman and the command line, but it still fails. So I am not able to send bigger JSON payloads either. I tried changing the ContentType to text, raw... but nothing seems to work the moment I add more than one param. Any ideas on why this might be happening?

 

Thanks

 

 

3 REPLIES

Hi

Sorry I'm not able to diagnose what's happening on your proxy with the 403 codes. 

The images you showed clearly indicate a 403 received by the client (which I think is Postman). 

But the trace image shows a 200.  It does not appear that the trace screenshot corresponds to the request that received a 403.

A 403 response code indicates "forbidden".  That means the server is disallowing the client's request.  This can happen in Apigee if you use a VerifyAPIKey or OAuthV2/VerifyAccessToken in the proxy, and the client sends an invalid API key, or an invalid access token. It can also happen in Apigee if Apigee routes the request to an upstream system, and the upstream returns a 403.  

How can you determine the cause? My suggestion is to start the trace/debug session, then send the request that results in a 403. Then look at the transaction in the debug visualizer, to determine which policy or stage is generating the 403. 

 

Hi @dchiesa1 , 

Yes - the debug image was to show that a POST with just one attribute does make it through successfully. But nothing else comes there if I add 2 attributes. The forbidden that you see in Postman also appears if I run the curl command for it. The Proxy is clean - no auth policies (which would still have shown up as an error in the debug). Once I change the JSON payload to having 2 attributes, nothing appears in the debug session!!

Thanks

the debug image was to show that a POST with just one attribute does make it through successfully. But nothing else comes there if I add 2 attributes.

Hmm! It sounds like it's not the API Proxy that is rejecting your request!

If I were diagnosing this I would look into the response headers to try to determine the problem. I am not familiar with the Postman interface so I don't know how to configure it to send a plain JSON payload. I know curl though. Your command should look like this:

 

curl -i https://myendpoint.net/sada-kvm-admin/service-account \
  -d '{ "type" : "service_account", "place" : "usa" }'

 

If the request sent like this is not received by your API proxy, then there is something else in between your client (curl) and your Proxy in Apigee that is throwing the 403. And THAT, I suppose, might be revealed in one of the 18 response headers you are getting in the response. Look there!
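
An added example (not part of the thread and not Apigee code): one way to follow the "look at the response headers" advice is to save the `curl -i` output of the request that succeeds and of the one that gets the 403, then diff their headers to see which hop answered each. The two responses below are constructed samples; `x-proxy-trace` and `constructed-edge` are hypothetical names, not headers Apigee is known to return.

```python
# Constructed sample: `curl -i` output for the one-attribute POST that works.
OK_RESPONSE = (
    "HTTP/2 200\r\n"
    "content-type: application/json\r\n"
    "x-proxy-trace: constructed-abc123\r\n"   # hypothetical header set by the proxy
    "date: Thu, 03 Mar 2022 18:03:37 GMT\r\n"
    "content-length: 16\r\n"
    "\r\n"
    '{"status": "ok"}'
)
# Constructed sample: `curl -i` output for the two-attribute POST that fails.
FAILED_RESPONSE = (
    "HTTP/2 403\r\n"
    "content-type: text/html; charset=UTF-8\r\n"
    "server: constructed-edge\r\n"            # hypothetical intermediary banner
    "date: Thu, 03 Mar 2022 18:05:36 GMT\r\n"
    "content-length: 26\r\n"
    "\r\n"
    "<html>403 Forbidden</html>"
)

# Headers that differ on every response and say nothing about the hop.
NOISE = {"date", "content-length"}

def parse_response(raw):
    """Split raw `curl -i` output into (status_code, {header: [values]})."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    status = int(lines[0].split()[1])          # "HTTP/2 403" -> 403
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:                                # header names are case-insensitive
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers

def header_diff(ok_raw, failed_raw):
    """Report which headers appear, vanish or change between the two responses."""
    ok_status, ok = parse_response(ok_raw)
    bad_status, bad = parse_response(failed_raw)
    common = (set(ok) & set(bad)) - NOISE
    return {
        "status": (ok_status, bad_status),
        "only_in_ok": sorted(set(ok) - set(bad) - NOISE),
        "only_in_failed": sorted(set(bad) - set(ok) - NOISE),
        "changed": sorted(h for h in common if ok[h] != bad[h]),
    }

if __name__ == "__main__":
    print(header_diff(OK_RESPONSE, FAILED_RESPONSE))
```

Headers that appear only on the 403, or that the proxy normally adds but are missing from it, point at the component in front of the proxy that rejected the request.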