Error requesting access token API-REST

Good afternoon, requesting your support with the following topic:
We created an integration with SugarCRM through an API-REST.
The detail is that we are trying to obtain an authentication token from SugarCRM with the endpoint /rest/v11/oauth2/token using the authorization protocol OAuth2.

However we get the following response:
Error requesting access token
403 Forbidden
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>

We have proceeded with the following points:
1. Token request from Postman which is correct.
2. Access credentials have been verified and are correct.
3. The connection user is “Active”.
Is there something we need to consider?
Thanks for your help.

  • Without seeing the precise PHP code you are using, it is a little tricky to debug your code.

    The script posted by  is an excellent resource for testing that the API calls are working in your environment and I recommend keeping it as a test script for yourself. Worth bearing in mind is the fact that curl use in PHP is now deprecated within the Sugar environment (as of 12.1 I believe) and so it will no longer work if you use it within Sugar code. You need to switch to using the new ExternalResourceClient there instead. The script will still work independently in your own web server though so don't go throwing it away just yet ;)

    However, in terms of the error you are seeing, IME the most common cause of this is using the wrong verb in the call. To get an auth token you need to be using the POST endpoint, not GET (you are actually CREATING a token, not GETting one, so you use the POST call to create) - if you use GET instead you are likely to get the error you showed, as GET is not an authorised verb on that endpoint.

    Another thing to look out for is that you are passing the header "Content-Type:application/json" with your call. I have seen instances (especially using cURL) where omitting this causes the call to fail. However, if I recall correctly, I got a different error to yours when that was the case.

    If neither of these applies to you, and Francesca's script doesn't point you in the right direction, then perhaps post the code you are using and we can take a look and see what else might be wrong. I can assure you that the API does work and works very well. I find it an excellent implementation of a ReST API and use it all the time for making updates to On-Cloud instances where the UI is not suitable.

    Thanks,

    JH.
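
The token request described in the reply above, as an added PHP example that is not part of the thread and not Sugar's own code: a stand-alone script (run outside Sugar) that sends a POST with a JSON body and the `Content-Type: application/json` header, then reports whether the reply is JSON or, like the 403 page quoted in the question, HTML. The body fields, the values `sugar` and `base`, the `error` key and the environment variable names `SUGAR_URL`, `SUGAR_USER` and `SUGAR_PASS` are assumptions.

```php
<?php
declare(strict_types=1);

/** cURL options for the token call: POST, JSON body, JSON content type. */
function tokenRequestOptions(string $baseUrl, string $user, string $pass): array
{
    $body = [
        'grant_type'    => 'password',
        'client_id'     => 'sugar',  // assumption: default OAuth key
        'client_secret' => '',
        'username'      => $user,
        'password'      => $pass,
        'platform'      => 'base',   // assumption: default platform name
    ];
    return [
        CURLOPT_URL            => rtrim($baseUrl, '/') . '/rest/v11/oauth2/token',
        CURLOPT_POST           => true,  // the token is created, so POST, not GET
        CURLOPT_POSTFIELDS     => json_encode($body),
        CURLOPT_HTTPHEADER     => ['Content-Type: application/json'],
        CURLOPT_RETURNTRANSFER => true,
    ];
}

/** Summarise a response without ever echoing the token itself. */
function describeResponse(int $status, string $raw): string
{
    $json = json_decode($raw, true);
    if ($status === 200 && is_array($json) && isset($json['access_token'])) {
        return 'token issued';
    }
    if (is_array($json) && isset($json['error'])) {  // assumption: JSON error key
        return "API error {$status}: {$json['error']}";
    }
    $text = trim(preg_replace('/\s+/', ' ', strip_tags($raw)));
    return "HTTP {$status}, non-JSON body: " . substr($text, 0, 80);
}

// Offline check with a constructed sample modelled on the 403 page in the question.
$sample = "<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>";
echo describeResponse(403, $sample), PHP_EOL;

// Live call only when the (hypothetical) environment variables are set.
if (getenv('SUGAR_URL') !== false) {
    $ch = curl_init();
    curl_setopt_array($ch, tokenRequestOptions(
        getenv('SUGAR_URL'), (string) getenv('SUGAR_USER'), (string) getenv('SUGAR_PASS')));
    $raw = curl_exec($ch);
    echo $raw === false ? 'transport error: ' . curl_error($ch)
        : describeResponse(curl_getinfo($ch, CURLINFO_RESPONSE_CODE), $raw), PHP_EOL;
}
```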
