4 Replies Latest reply on Aug 26, 2015 4:40 PM by KMSigma

    Receiving 403 Forbidden When Using REST API In C#

    davfost@microsoft.com

      Receiving 403 Forbidden When Using REST API In C#

       

      I was referred to the following C# example of using REST APIs Sample code: OrionSDK/Program.cs at master · solarwinds/OrionSDK · GitHub

       

      This looked very promising and I have attempted to implement it for my process. However, all requests are failing with a 403 Forbidden error.

       

      I have verified if I used invalid credentials I get a 401 unauthorized error so it appears to be authenticating my request, but I can't get results for a simple query operation.

       

      I am basically using the code from the example but I am only calling the query action with the following simple query string and no arguments:

      conststring query = @"SELECT nodeid, caption FROM Orion.Nodes";

       

      I have output the JSON string created before it is passed to the request and it looks like this:

      {"parameters":null,"query":"SELECT nodeid, caption FROM Orion.Nodes"}

       

      Is there something wrong with the JSON or my query request?

        • Re: Receiving 403 Forbidden When Using REST API In C#
          davfost@microsoft.com

          I recently had similar issue with a 403 response in a different project and there it turned out that the server required additional header values to be set when making a request.

           

          Does anyone know if there are specific required header setting for opening a connection to the V3 SolarWinds service using Json?

           

            • Re: Receiving 403 Forbidden When Using REST API In C#
              tdanner

              The only required headers are:

               

              1. "Content-Type: application/json" (if this is missing you will get a 500 response with a message about "unexpected message format 'Raw'")

              2. "Authorization: Basic XXXXXX"

                   If this is missing you will get 401 Unauthorized.

                   If the credentials are wrong, you will get 403 Forbidden.

               

              We had a thread last week (REST API returning 403 Forbidden for Admin user) from a user who was having 403 errors when trying to connect with a Windows account. When they switched to a different account, the problems went away. We were not able to determine the cause of the problems.

               

              Have you tried using a different user account? Are you using a Windows account or a database account?

                • Re: Receiving 403 Forbidden When Using REST API In C#
                  davfost@microsoft.com

                  Hi tdanner,

                   

                      I have set the content type to application/json and the authorization to basic. This got me past an initial 401 unauthorized respond and to the 403 response I am currently getting.

                   

                      I am using a Windows account, and I have not yet a basic site logon account. I will ask the admin to set one up so I can test with it. However, that would not be a long term solution for me. The tool we are making needs to be executable by many different users and it's current behavior does not require them to enter any login info as they are authenticated with the current user credentials. We want to maintain that experience when we add support for suspending SolarWinds nodes.

                   

                       I have also been investigating the CSClient sample provided with the SDK. I am hitting the same 403 error trying to use that code to make a query request, but it appears I have more control over binding info there.

                   

                       Is there an example of setting up a InformationServiceClient object using the local users windows credentials?

                   

                    • Re: Receiving 403 Forbidden When Using REST API In C#
                      KMSigma

                      I know that this post was more in line with C++, but I wanted to share my little discovery.

                       

                      Using PowerShell, I was able to authenticate with the Orion server if I was running the following script from within the domain:

                      Add-PSSnapin -Name SwisSnapin -ErrorAction SilentlyContinue
                      $SwisUsername = "DEMOLAB\Orion"
                      $SwisPassword = "P@ssw0rd"
                      $SwisHost    = "orion-host.demo.lab"
                      $SwisCredentails = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $SwisUsername, ( ConvertTo-SecureString -String $SwisPassword -AsPlainText -Force ) 
                      $SwqlQuery = "SELECT FileName, FileData FROM Orion.MapStudioFiles WHERE IsDeleted = False ORDER BY FileName"
                      $SwisConnection  = Connect-Swis -Hostname $SwisHost -Credential $SwisCredentails
                      Get-SwisData -SwisConnection $SwisConnection -Query $SwqlQuery
                      

                       

                      When I ran the same against the same Orion server (but not within the same domain), I got an authentication error.