Bearer token working in Postman but not in Server
The api changed some of it´s security configurations tonight, but i have been doing server side calls for a few months so i discard this being a problem in the server.
This is my configuration in postman
Hello, this is my API Call in JAVA
{Authorization=Bearer XXXXXXXXXXXXXXXX, headers={Content-Type=application/json}, params={limit=50, state=published, page=1}, url=https://app.tuotempo.com/api/v3/tt_portal_fiatc_test/catalog}
The exception i get in the HTTPRequest from JAVA is
{"result":"ERROR","return":[],"msg":"ACCESS RIGHT DENIED","exception":"TUOTEMPO_SERVICE_NOT_ALLOWED","execution_time":"","debug":"You need a valid access right for the instance tt_portal_fiatc_test"}
What i am missing?
EDIT: Additional INFO: the GET call in JAVA
EDIT2: Already tried without the "bearer" just with Auth: XXXXX.
{Authorization=XXXXXXXXXXXXXXXX, headers={Content-Type=application/json}, params={limit=50, state=published, page=1}, url=https://app.tuotempo.com/api/v3/tt_portal_fiatc_test/catalog}
RESPUESTA{headers={content-type=application/json, transfer-encoding=chunked, vary=Accept-Encoding, expires=Thu, 19 Nov 1981 08:52:00 GMT, cache-control=no-cache, pragma=no-cache, set-cookie=lang=es; expires=Sun, 25-Dec-2022 05:31:28 GMT; Max-Age=2592000; path=/; secure; HttpOnly, x-status-code=403, date=Fri, 25 Nov 2022 05:31:28 GMT, connection=close}, status_code=403, reason_phrase=Forbidden, content=[B@241dde53}
CONTENT: {"result":"ERROR","return":[],"msg":"ACCESS RIGHT DENIED","exception":"TUOTEMPO_SERVICE_NOT_ALLOWED","execution_time":"","debug":"You need a valid access right for the instance tt_portal_fiatc_test"}
It was a silly thing in the end. As we can see in the logs (visible in EDIT2 for example).
The Auth. is OUTSIDE the HEADERS, if it´s not in the headers, the API doesn´t read it.
There was a security problem in the API and this was the way to discover that the API (third party one) was PUBLIC since it´s implementation, that´s why we didn´t thought that the call wasn´t well implemented.
- 'wsimport' is not recognized error in command prompt
- Best way to compare two JSON files in Java
- Java get month sort name from date
- Obtain and download Javadoc (JDK API documentation) to a local file for offline reading
- How to get the number of days in a specific month using Java Calendar?
- Custom Spring annotation for request parameters
- License for package Android SDK Platform 29 not accepted
- Java Compile Time Error: reached end of file while parsing
- ShellIpcClient and NonCelloThread errors java
- How to verify a signature from the Phantom wallet?
- FirebaseAuth - Get tokenId in Java backend
- How to hide constructor on a Java record that offers a public static factory method?
- Is it possible to get MariaDB4J to work on an M1 Mac?
- Cannot run simple compiled java program?
- Getting IntelliJ to generate Java Sources from Proto files
- Insert a java string constant in a quarkus qute template?
- Why is the run button not working in Eclipse?
- Stuck on Card/Deck exercise from Java official tutorial
- Spring Batch - Deleting metadata post job completion throws error - Incorrect result size: expected 1, actual 0
- Simple export and import of a SQLite database on Android
- How to serialize a date to a specific format?
- How to make the Youtube's rotating spinner loading screen on Java Swing
- How to sort List<Integer[]> in java?
- How to prevent spring boot from auto creating instance of bean 'entityManagerFactory' at startup?
- Sharing instance of a class between multiple tests running in parallel in Junit5
- Launch4J not recognizing Eclipse Temurin OpenJDK Java 17
- Turn my stack into a string?
- How can I document or exclude the generated BuildConfig class in my documentation?
- Is it a bad practice to catch Throwable?
- Java: Right Click Copy Cut Paste On TextField