https://community.cisco.com/t5/controllers/return-code-403-forbidden-access-denied-on-several-api-s/m-p/4498290#M2337 <P>Ok, yesterday I had a call with Cisco and the problem ist solved.&nbsp;</P><P>1) My permissions were insufficient and&nbsp;</P><P>2) I did not know, that api* und apx* URL's are behind different gateways and need different authentication / client credentials due to different applications in use.&nbsp;</P><P>api* URL is behind Mashery GW and uses the application(s) on <A href="https://apiconsole.cisco.com" target="_self">https://apiconsole.cisco.com</A> while</P><P>apx* URL is behind Mulesoft GW and uses the application(s) on&nbsp;<A href="https://anypoint.mulesoft.com/apiplatform/apx/#/portals" target="_blank">https://anypoint.mulesoft.com/apiplatform/apx/#/portals</A></P><P>With having both in place and the correct permissions granted API access is working for CCW-R and Service APIs.&nbsp;</P> Fri, 05 Nov 2021 07:50:06 GMT CiscoAPI 2021-11-05T07:50:06Z https://community.cisco.com/t5/controllers/return-code-403-forbidden-access-denied-on-several-api-s/m-p/4497643#M2336 <P>Hello,&nbsp;</P><P>&nbsp;</P><P>I've got some experience in using API's but I'm new to the Cisco API's.&nbsp;</P><P>According to Cisco my account has the correct permissions using CCW-R (we're PSS) and Service API's. We registered the API's we want to use to two apps due to different auth methods - one for the CCW-R and one for Service API's.&nbsp;</P><P>&nbsp;</P><P>While some API's are working fine (e.g. EoX and Advisories) I've goth 'Access Denied' on other API's. For example:&nbsp;</P><P>GET <A href="https://api.cisco.com/sn2info/v2/coverage/status/serial_numbers/FCW2323G0TV" target="_blank" rel="noopener">https://api.cisco.com/sn2info/v2/coverage/status/serial_numbers/FCW2323G0TV</A><BR />GET <A href="https://api.cisco.com/product/v1/information/product_ids/UBR10012,ASR1001" target="_blank" rel="noopener">https://api.cisco.com/product/v1/information/product_ids/UBR10012,ASR1001</A><BR />GET <A href="https://apx.cisco.com/cs/api/v1/customer-info/customer-details" target="_blank" rel="noopener">https://apx.cisco.com/cs/api/v1/customer-info/customer-details</A><BR />GET <A href="https://apx.cisco.com/cs/api/v1/customer-info/customer-details" target="_blank" rel="noopener">https://apx.cisco.com/cs/api/v1/customer-info/customer-details</A><BR />POST <A href="https://api-test.cisco.com/ccw/renewals/api/v1.0/search/contractSummary" target="_blank" rel="noopener">https://api-test.cisco.com/ccw/renewals/api/v1.0/search/contractSummary</A></P><P>&nbsp;</P><P>Can someone please give me a hint if I'm doing it wrong?&nbsp;</P><P>&nbsp;</P><P>Here are the API's registered for the service (please ignore, that the CCW-R is added as well):</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="01.png" style="width: 312px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/136520iD8CBB8B279F70D4F/image-dimensions/312x800?v=v2" width="312" height="800" role="button" title="01.png" alt="01.png" /></span></P><P>The token request is working fine (using it for EoX and Advisories as well because it's the same app):</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="02.png" style="width: 550px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/136524i2B6442F8F4BC8D68/image-size/large?v=v2&amp;px=999" role="button" title="02.png" alt="02.png" /></span></P><P>My request header is looking like the following:</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="03.png" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/136522i74CE6D241945876D/image-size/large?v=v2&amp;px=999" role="button" title="03.png" alt="03.png" /></span></P><P>According to the API and their documentation I add JSON information to the body. For example the customerID when trying to receive respective information.&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="04.png" style="width: 931px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/136523i34D1B459A2001108/image-size/large?v=v2&amp;px=999" role="button" title="04.png" alt="04.png" /></span></P><P>&nbsp;</P><P>The response is always the same:&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="05.png" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/136521i09FCBCF01295CA3F/image-size/large?v=v2&amp;px=999" role="button" title="05.png" alt="05.png" /></span></P><P>&nbsp;</P><P>I really appreciate your help! Thanks, David.</P> Thu, 04 Nov 2021 06:45:13 GMT https://community.cisco.com/t5/controllers/return-code-403-forbidden-access-denied-on-several-api-s/m-p/4497643#M2336 CiscoAPI 2021-11-04T06:45:13Z https://community.cisco.com/t5/controllers/return-code-403-forbidden-access-denied-on-several-api-s/m-p/4498290#M2337 <P>Ok, yesterday I had a call with Cisco and the problem ist solved.&nbsp;</P><P>1) My permissions were insufficient and&nbsp;</P><P>2) I did not know, that api* und apx* URL's are behind different gateways and need different authentication / client credentials due to different applications in use.&nbsp;</P><P>api* URL is behind Mashery GW and uses the application(s) on <A href="https://apiconsole.cisco.com" target="_self">https://apiconsole.cisco.com</A> while</P><P>apx* URL is behind Mulesoft GW and uses the application(s) on&nbsp;<A href="https://anypoint.mulesoft.com/apiplatform/apx/#/portals" target="_blank">https://anypoint.mulesoft.com/apiplatform/apx/#/portals</A></P><P>With having both in place and the correct permissions granted API access is working for CCW-R and Service APIs.&nbsp;</P> Fri, 05 Nov 2021 07:50:06 GMT https://community.cisco.com/t5/controllers/return-code-403-forbidden-access-denied-on-several-api-s/m-p/4498290#M2337 CiscoAPI 2021-11-05T07:50:06Z