Getting 403 with custom http header X-Api-Key


#1

1) Give a description of the problem
Getting 403 Authorization error with custom http header
I have a http post that is getting a 403. I am able to curl the same service with this command:
curl -X POST --header “X-Api-Key:123abc” --header “Content-Type:application/json” --data ‘{“command”: “connect”, “port”:"/dev/ttyUSB0", “printerProfile”: “_default”, “baudrate”: 115200}’ http://192.168.1.26/api/connection
Here is more details:


2) What is the expected behaviour?
I should get a success 200 response

3) What is happening/not happening?
Getting a 403 auth failed


#2

Look here. Need your feedback on a new key-value piston input type in webCoRE


#3

Now there’s a word that brings back some memories… LOL


As far as your question, I wonder if changing:
"X-Api-Key:123abc"
to:
"X-Api-Key":"123abc"
will make a difference.

Most of your other dataPoints have quotes around the name as well as the dataPoint.


#4

Your curl is placing the ‘X-Api-Key’ in the header field. To do this with webcore version v0.3.10f.20190822 you will need todo the following shown in example here. This is similar to key access required for the AWS API Gateway. Note the Authorization header (optional) selection is required and needs to be a true JSON using the escaped {} brackets.


38%20PM
Screen Shot 2019-08-14 at 5.03.38 PM.png1518×582 42.4 KB


#5

This did it! HOLY COW. Thank you so much! I have spent way too long trying to get smartthings to talk directly to octoprint.