I have a callout GET call which works perfectly when i construct the URL like below in my callout policy.
<HTTPTargetConnection> <Properties/> <URL>https://xxxxxxxx.execute-api.us-west-2.amazonaws.com/Prod/api/User?userId={accesstoken.user.login}</URL> </HTTPTargetConnection>
But then instead of hardcoding the URL, i have used a KVM policy to get the env variables prior to the callout policy and then modified my callout above URL as
<HTTPTargetConnection> <Properties/> <URL>https://{lambda-api-gateway-url}/api/User?userId={accesstoken.user.login}</URL> </HTTPTargetConnection>
And now i am getting always 403 with "message":"Forbidden"
the Target URL it constructs looks good but do not know why i am getting 403 instead of 200.
p.s: BEfore my callout policy, i have a oAuth2.0 policy which is running ok, no problem with that
Yes, it's unfortunate, but you cannot compose the URL that way in an HTTP Target connection.
Instead, you must set the variable "target.url". Something like this:
var resolveVariableReferences = (function (){ var variableNameRe = "[^ \t\n\"',/\\\\{}]+?"; // non-greedy capture var varPrefixRe = '{'; var varSuffixRe = '}'; var variableRegex = new RegExp( varPrefixRe + '(' + variableNameRe + ')' + varSuffixRe); function resolveVariableReferences(s) { var match = variableRegex.exec(s); while (match){ var variableName = match[1]; var value = context.getVariable(variableName); if (value && value !== '') { s = s.replace('{' + variableName + '}', value); } match = variableRegex.exec(s); } return s; } return resolveVariableReferences; }()); var template = "https://{lambda-api-gateway-url}/api/User?userId={accesstoken.user.login}"; var resolvedValue = resolveVariableReferences(template); context.setVariable('target.url', resolvedValue);
You should embed that into a JavaScript policy and execute it in the target request flow.
User | Count |
---|---|
2 | |
2 | |
1 | |
1 | |
1 |