Cannot access a REST API (403)

Question

Question

Denys Kondratiuk · Dec 5, 2023

#ObjectScript #REST API #InterSystems IRIS

I need to create a simple REST application.
I`ve created an app:

Also here is a dispatcher class:

Class Lab3.helloWorld Extends %CSP.REST
{

Parameter Authentication = 0;
Parameter HandleCorsRequest = 0;
XData UrlMap [ XMLNamespace = "https://www.intersystems.com/urlmap" ]
{
<Routes>
    <Route Url="/hello" Method="GET" Call="Hello" />
</Routes>
}

ClassMethod Hello() As %Status
{
	Do ##class(%REST.Impl).%SetContentType("application/json")
    If '##class(%REST.Impl).%CheckAccepts("application/json") Do ##class(%REST.Impl).%ReportRESTError(..#HTTP406NOTACCEPTABLE,$$$ERROR($$$RESTBadAccepts)) Quit
    Set response="hello world"
    Do ##class(%REST.Impl).%WriteResponse(response)
    Quit $$$OK
}
}

But when I call the Get method: http://localhost:52773/csp/crud/hello
There is an error: 403 Forbidden
I don't understand what can cause it.

Discussion (2)2

Log in or sign up to continue

Enrico Parisi · Dec 5, 2023

You have setup your REST Web application "Allowed Authentication Method" as "Unauthenticated", therefore your REST code/application runs under the "UnknownUser" account/user.

My guess is that the UnknownUser user does not have enough privilege (Role(s)) to run your code.
If this is just a private, isolated test system, try adding %All role to the UnknownUser user account.

Enrico

2 0

score 0 · Answer 1 · 2023-12-05T16:33:47-05:00

Denys Kondratiuk · Dec 5, 2023

Yep, it works!
Enrico, many thanks!

0 0