EDP API throws 403
Hello,
Since like 2h ago, I'm receiving 403 - forbidden errors from the EDP api, trying to look at the FRTB bucket.
Could you help with this please? (To be clear - it did work yesterday & this morning - but just stopped working.)
Thanks very much
Kind Regards
Ludwig
@ludwig.arndt,
Do not modify your code, it is fine :-)
I have just received confirmation that your permissioning was changed. The team is looking into this, and will come back to you shortly.
Hello @ludwig.arndt,
Please raise this issue with Refinitv Helpdesk. They can check the entitlements/logs and validate the source of this error.
@ludwig.arndt,
As you are using the API, I am assuming you renew your access token on a regular basis, as it expires after 5 minutes. I also say this because an expired token would normally result in a 401, not a 403.
To help us debug, can you tell us:
- What is the content of the error message delivered in the body of the 403 response ?
- What is the exact query you are posting ?
This might be a permissioning issue; maybe your account permissions were modified by mistake. This has been escalated to the appropriate team, to check.
@christiaan.meihsl - i do handle token expiries and that used to work (catching the 401 and just refreshing the token).
Obtaining an "initial" access token does work too. However i'm denied endpoint
https://api.refinitiv.com/file-store/beta1/file-sets?bucket=frtb-bucket
and - thanks for the suggestion - get the error message
'{"error":{"id":"18ed201e-fca4-4f1b-aeff-626fb608c5eb","code":"insufficient_scope","message":"access denied. Scopes required to access the resource [trapi.cfs.publisher.read] or [trapi.cfs.subscriber.read]","status":"Forbidden"}}'
On fruther debugging, i see i am currently sending below credentials to obtain the initial token - maybe the scope is wrong now?
{
"credentials": {
"username": "ludwig.arndt1@db.com",
"password": "<notmypassword>",
"grant_type": "password",
"scope": "trapi",
"takeExclusiveSignOnControl": true
},
"cfs_credentials": {
"client_id": "<some hash>",
"client_secret": "<secret>"
}
}
Thanks for your help!
actually sorry - the credentials i send for log in is only part of it, here:
"credentials": {
"username": "ludwig.arndt1@db.com",
"password": "<notmypassword>",
"grant_type": "password",
"scope": "trapi",
"takeExclusiveSignOnControl": true
}
and the CFS credentials come in the request header.
@ludwig.arndt,
Thank you for the details, they are helpful.
The endpoint (https://api.refinitiv.com/file-store/beta1/file-sets?bucket=frtb-bucket) is correct, as well as the scope (trapi) you use when requesting the token.
Before you change anything in your code, can you confirm that the same code you are using was working correctly yesterday or earlier today ?
The error message seems to indicate a permissioning issue; maybe your account permissions were modified by mistake. I have escalated this additional information to the appropriate team, to check.
@ludwig.arndt, I have just received confirmation that your permissioning was changed. The team is looking into this.
Hi Christiaan, yes, this is exactly why I'm wondering: The above error started some time this morning (like around 10 FFT??). I didn't change anything to my code and it did work before.