I get the following error during attempt to do any request:
State: Closed/Suspect/Application is denied access to the system - text: "Access Denied-256 not accessible to <user_name>"
What does it mean?
@pavel.kropachev
The DACS server has enabled the Application Permissioning. The error means that this user is not allowed to use this application (256).
Therefore, you need to contact a DACS administrator to permit this user for the application ID 256. The application ID 256 is the default application ID for APIs.
Thanks for answer!
Doesn't it mean that application user must have permissions for application ID 256 (in addition to other application IDs) to be able to use API?
Or I can provide specific application ID during interaction with DACS (like in case OmmConsumerConfig.applicationId(ID))?
Yes, if the Application Permissioning is enabled on DACS, the user must have permissions for application ID specified in the OmmConsumerConfig. The default value is 256 for APIs.
Yes, you can change the value of application ID used by the application through OmmConsumerConfig.applicationId(ID).
@Jirapongse
I just to understand - is application ID separated for OmmConsumer and DACS?
Hello @pavel.kropachev
When a consumer connects to an infra (ADS), it includes user, appId, position info with the login request.
The infra endpoint will interact with DACS entitlements system, to use this info, to make sure that the login should be allowed.
The best approach, as suggested with @Jirapongse, is to contact your market data/dacs group/admin, to make sure that your user is entitled, the appId you use ( either 256 or a different id that you use) is permissioned to the user, and also to double-check what RICs the user is permissioned to consume, in order for your consumer app to login and, consequently, to consume the RICs.
Hello @zoya faberov
I see that application ID can be set for consumer. It's clear.
In turn in case of using DACS the application name (application ID in the context of DACS) should be also set and has the same value that is used for consumer.
For example, if application ID 999 is permitted for user, then this value should be set for consumer and for identity of DACS (for this user).
Yes. Please see the picture included by @Jirapongse,
If the user (in DACS) is permissioned for id=999, the user will be able to login with id=999.
If the user is not entitled for id=997, the user will not be able to login with id=997
The login can be permissioned for more then one appId within dacs, and in this case,
the user will be able to establish multiple connections, with any appId that the user is permissioned for.
The user will not be able to login with any appIds they are not permissioned for.
Therefore, it is crucial for you to know, what your user is permissioned for (in DACS) and configure your consumer accordingly.
@zoya faberov Thanks for clarification!