I'm getting the following response when trying to publish to a RabbitMQ exchange whose virtual host the user has access to:
{
"error": "not_authorised",
"reason": "Not management user"
}
I can give the user the management tag but that would let him access the UI which is not what we want.
Related
I tried to use below mixpanel API for fetching event data.
Link
But I am facing a below 403 forbidden error.
{
"request": "/api/2.0/events",
"error": "You do not have the required scope(s) for this request"
}
It seems to be like some permission is missing for accessing the API. But I can't able to find out where to set this scope
Please help me how to get rid of this error
We've found success with the schema if you generate a Service Account from the Organization/Project Settings and use those credentials when authorizing the request.
To do this, go to your Organization Settings, click "+ Service Account" and use the credentials that are generated in the request you submit.
I deployed my microservice over master tenant and subscript it onlty to subtenant.
If I call:
GET https://subtenant.cumulocity.com/service/mymicroservice/health i get Status Code 200 and UP
However if I call:
GET https://subtenant.cumulocity.com/service/mymicroservice/myendpoint/data
I get Status Code 500 and
{
"timestamp": 1534235792950,
"status": 500,
"error": "Internal Server Error",
"exception": "com.cumulocity.sdk.client.SDKException",
"message": "Http status code: 403\n{error=\"security/Forbidden\",message=\"Access is denied\",info=\"https://www.cumulocity.com/guides/reference-guide/#error_reporting\",details=\"null\"}",
"path": "/ mymicroservice /data"
}
When I subscribe to the master tenant, the microservice is working fine! It seems that the user of subtenant is not allowed to access the Cumulocity APIā¦ I also checked the user and the role. The access rights are all granted. How can i access my microservice at subtenants?
I solved the problem by my self. I made a mistake; i forgot to add a role to the manifest to requiredRoles. It was also not working in master tenant.
I am trying to send FAX using POSTMAN using following URL "https://platform.devtest.ringcentral.com/restapi/v1.0/account/~/extension/****88004/fax"
and I'm getting:
{
"errorCode": "CMN-408",
"message": "In order to call this API endpoint, user needs to have [OutboundFaxes] permission for requested resource.",
"errors": [
{
"errorCode": "CMN-408",
"message": "In order to call this API endpoint, user needs to have [OutboundFaxes] permission for requested resource.",
"permissionName": "OutboundFaxes"
}
],
"permissionName": "OutboundFaxes"
}
There was a problem in Bearer Token at the time of making Send Fax request.
Because I was using primary account details for generating Token and at the time of sending FAX I was using extensionid of extension 102 and Bearer Token was generated with Main account extension 101. That is why it was throwing [OutboundFaxes] permission error.
To send FAX with ExtensionId of extension 102 , then generate the token using subaccount 102 details instead of main account.
I have successfully reproduced the issue.
test case
The root cause is just what #Jack said: authorize with extension 101 then try to send the fax with extension 102.
The error message is
{ errorCode: 'CMN-408',
message: 'In order to call this API endpoint, user needs to have [OutboundFaxes] permission for requested resource.',
errors:
[ { errorCode: 'CMN-408',
message: 'In order to call this API endpoint, user needs to have [OutboundFaxes] permission for requested resource.',
permissionName: 'OutboundFaxes' } ],
permissionName: 'OutboundFaxes' }
I think the error message needs to be improved. It's very hard to figure out the root cause by reading it. I have reported this issue to RingCentral engineering team.
When I try to authenticate against the Zendesk API as an end-user, and then list tickets, it always responds with 403 Forbidden:
e.g.
GET
https://mysite.zendesk.com/api/v2/requested.json
Basic Authorization
returns with a 403
{
"error": {
"title": "Forbidden",
"message": "You do not have access to this page. Please contact the account owner of this help desk for further help."
}
}
It appears that the "tickets" API (like above) is not for end-users. Instead they must use the "requests" API .
So use: https://mysite.zendesk.com/api/v2/requests.json instead...
I am currently researching a way to use the Google Purchase Status API with just HTTP request calls, and I have hit a brick wall. I have an app setup with Google Play, and ownership of the Google Console account.
Basically, I just would like to check the status of a user's purchase on my server. The only information I should be using is the purchase token, product ID, and product package.
I have followed all the documentation on doing this at developer.android.com/google/play/billing/gp-purchase-status-api.html
The HTTPS request call I am attempting to make is this (product names and real strings substituted):
googleapis.com/androidpublisher/v1.1/applications/(com.product.myproduct)/inapp/(com.product.myproduct.product1)/purchases/(myproductpurchasestring)?access_token=(myaccesstokenstring)
and my response is always this:
{
"error": {
"errors": [
{
"domain": "androidpublisher",
"reason": "developerDoesNotOwnApplication",
"message": "This developer account does not own the application."
}
],
"code": 401,
"message": "This developer account does not own the application."
}
}
When polling my access token through this http request call:
googleapis.com/oauth2/v1/tokeninfo?access_token=(myaccesstokenstring)
this is my response:
{
"issued_to": "12345.apps.googleusercontent.com",
"audience": "12345.apps.googleusercontent.com",
"scope": "https://www.googleapis.com/auth/androidpublisher",
"expires_in": 3319,
"access_type": "offline"
}
So according to the documentation at https://developers.google.com/accounts/docs/OAuth2#webserver, I need to:
Authorise myself and retrieve a refreshable access token that is generated from 'Client ID for web applications' in the API access section of the Google API Console. I have done this.
Utilise this access token for google API calls in either of 2 ways: appending the string to the HTTP header 'Authorization', or as part of the HTTPS request itself with the property access_token=(mytokenstring). This part does not work for me, I always get an unauthorised message.
My question I guess would be: is it possible to use a simple HTTPS request call (without external library support) to retrieve the status of a purchased item without user interaction on backend servers?
I would really appreciate any help, most of the other threads are about how to go about getting a refresh token, but I have covered that already.
ok, I figured out my own problem with the help of a colleague. Basically, my access token was being generated under an account which wasn't linked to the project in any way. It would be safest to use the owner of the project's google account when generating the access token.
Phew!