question

Upvotes
Accepted
7 1 0 5

Access Denied-256 not accessible

I get the following error during attempt to do any request:

State: Closed/Suspect/Application is denied access to the system - text: "Access Denied-256 not accessible to <user_name>"

What does it mean?

elektronrefinitiv-realtimeelektron-sdkrrtema-apielektron-message-apiauthentication
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvote
Accepted
45.2k 103 43 60

@pavel.kropachev

The DACS server has enabled the Application Permissioning. The error means that this user is not allowed to use this application (256).

Therefore, you need to contact a DACS administrator to permit this user for the application ID 256. The application ID 256 is the default application ID for APIs.


dacs.png (28.0 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
7 1 0 5

Thanks for answer!

Doesn't it mean that application user must have permissions for application ID 256 (in addition to other application IDs) to be able to use API?

Or I can provide specific application ID during interaction with DACS (like in case OmmConsumerConfig.applicationId(ID))?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Yes, if the Application Permissioning is enabled on DACS, the user must have permissions for application ID specified in the OmmConsumerConfig. The default value is 256 for APIs.

Yes, you can change the value of application ID used by the application through OmmConsumerConfig.applicationId(ID).

Upvotes
7 1 0 5

@jirapongse.phuriphanvichai

I just to understand - is application ID separated for OmmConsumer and DACS?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
28.3k 30 11 15

Hello @pavel.kropachev

When a consumer connects to an infra (ADS), it includes user, appId, position info with the login request.

The infra endpoint will interact with DACS entitlements system, to use this info, to make sure that the login should be allowed.

The best approach, as suggested with @jirapongse.phuriphanvichai, is to contact your market data/dacs group/admin, to make sure that your user is entitled, the appId you use ( either 256 or a different id that you use) is permissioned to the user, and also to double-check what RICs the user is permissioned to consume, in order for your consumer app to login and, consequently, to consume the RICs.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
7 1 0 5

Hello @zoya.farberov

Thanks for answer!

I see that application ID can be set for consumer. It's clear.

In turn in case of using DACS the application name (application ID in the context of DACS) should be also set and has the same value that is used for consumer.

For example, if application ID 999 is permitted for user, then this value should be set for consumer and for identity of DACS (for this user).

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvote
28.3k 30 11 15

Hello @pavel.kropachev

Yes. Please see the picture included by @jirapongse.phuriphanvichai,

If the user (in DACS) is permissioned for id=999, the user will be able to login with id=999.

If the user is not entitled for id=997, the user will not be able to login with id=997

The login can be permissioned for more then one appId within dacs, and in this case,

the user will be able to establish multiple connections, with any appId that the user is permissioned for.

The user will not be able to login with any appIds they are not permissioned for.

Therefore, it is crucial for you to know, what your user is permissioned for (in DACS) and configure your consumer accordingly.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

@zoya.farberov Thanks for clarification!