My Products
Help
andretvard
CONTRIBUTOR ***

"You don't have permission to access this resource" when accessing API

by andretvard

Hi 

 

We noticed that many of our customers started to get "You don't have permission to access this resource" error when accessing API. It seems that GET requests work but not POST/PUT.

 

Please advise on how to handle this problem.

 

Here is the response we get from API:

 

<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html> 
23 REPLIES 23
Florian Haase
PARTNER

by Florian Haase

Same problem here: 

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access this resource.</p> </body></html> Faktura 203797 - <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access this resource.</p> </body></html>

 

We try to add attachment to incoming invoices. That critical for us because we use that for reverse invoicing. 

 

Could you please send us the companyID?

Florian Haase
PARTNER

080902

This does not look like a companyID, could you please doublecheck?

Florian Haase
PARTNER

Sorry that paste went wrong. Its 

3116476
erik-kle
PARTNER

by erik-kle

A customer reports that lineDescription and uom is not posted on SalesOrderV2. So this old bug from this summer is probably back. 

IPP-REQUEST-ID: 0fa328f1-6b77-4c9a-a0f4-f51c3a73b4af

andretvard
CONTRIBUTOR ***

by andretvard

Hi

 

POST controller/api/v1/customerinvoice/{invoiceNumber}/attachment still does not work.


RESPONSE:
{StatusCode: 403, ReasonPhrase: 'Forbidden', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
Date: Wed, 31 Aug 2022 06:43:12 GMT
Server: Nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 199
Content-Type: text/html; charset=iso-8859-1
}}

 

3a8cddc5-7619-461f-839e-facfd801dcf3

by Magnus Johnsen

Hi,

We're not able to reproduce this, is it still an issue? 2022-08-31 10_37_37-Postman.png

Michel V
CONTRIBUTOR ***

by Michel V

Hi Magnus,

Still getting reports about adding attachments to certain documents:

HTTP-POST => integration.visma.net/API/controller/api/v1/supplierInvoice/documentType/Invoice/{invoiceId}/attachment
HTTP-Receive-Header => HTTP/1.1 403 Forbidden
Connection: Keep-Alive
Date: Wed, 31 Aug 2022 09:18:29 GMT
Keep-Alive: timeout=15, max=91
Content-Length: 199
Content-Type: text/html; charset=iso-8859-1
Server: Nginx

by Magnus Johnsen

Hi,

Could you please send us the error message returned as well?

We are not able to reproduce this, but it might be related to companyInContext issues. 

Michel V
CONTRIBUTOR ***

by Michel V (Updated ‎31-08-2022 13:25 by Michel V )

We are able to create supplierinvoice but when adding an attachment the following error occurs:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>

by Magnus Johnsen

Could you please send us the companyID?

 

Michel V
CONTRIBUTOR ***

by Michel V
erik-kle
PARTNER

by erik-kle

PUT /controller/api/v1/shipment/{shipmentNbr}
500 - VismaId: 02995599-65ad-411e-93df-ca149b752a13. Object reference not set to an instance of an object

{
"shipmentNumber": {
"Value": "000126"
},
"shipmentPackageLines": [
{
"boxId": {
"Value": "PC"
},
"weight": {
"Value": 90.000000
},
"customRefNbr2": {
"Value": "Test"
},
"operation": "Insert"
}
]
}

by Magnus Johnsen

The issues seems to be resolved now, calls are going through.

Please let us know if you are still having issues. 

Thank you. 

Michel V
CONTRIBUTOR ***

by Michel V (Updated ‎30-08-2022 16:56 by Michel V )

We are still experiencing the issues with adding attachments to invoice 

POST /controller/api/v1/customerinvoice/{invoiceNumber}/attachment

Adding attachments to supplierinvoices also returns 403 Forbidden

POST /controller/api/v1/supplierInvoice/{invoiceNumber}/attachment

Updating customer seems to work now

Stefan Hult
PARTNER

It Works for us. Thanks.

andretvard
CONTRIBUTOR ***

by andretvard

PUT SalesOrder 

POST SalesOrder/Action/CreateShipment 

by Magnus Johnsen

Hi,

We are able to reproduce this on some endpoints, do you have any examples that we can pass on to the developer team?

We are currently looking in to this.
It would help knowing:

  • Endpoint
  • Timestamp
  • Request-ID

Thank you. 

Michel V
CONTRIBUTOR ***

by Michel V (Updated ‎30-08-2022 15:30 by Michel V )

Hi Magnus,

We are currently noticing the same problem. (time is GMT+2)


Endpoints:
Updating customer PUT /controller/api/v1/customer/{customerCd}

8/30/2022, 1:59:42.880 PM 

8/30/2022, 1:59:42.803 PM 

8/30/2022, 1:59:42.394 PM

8/30/2022, 1:59:41.713 PM

 

Adding attachment to invoice POST /controller/api/v1/customerinvoice/{invoiceNumber}/attachment

8/30/2022, 2:59:51.406 PM

8/30/2022, 2:59:51.282 PM

 

Unfortunately i do not have a Request-ID

I will be happy to provide you with more details should you require them.