I am using the Trial Version of Appian as i am new to the ecosystem and trying to create an sample application that will query data from an API endpoint that requires an AWS Cognito authorization token to authenticate the user accessing the API. I tried using the API Key on the Connected System object i created, where the header name is authorization and i place my AWS Cognito token as the value of the API Key, but I get the following error. Any suggestions that would help me understand this and allow me to make this work would be greatly appreciated.
Dictionary success: false result: HttpResponse statusLine: "HTTP/1.1 403 Forbidden" statusCode: 403 headers: Dictionary Server: "Server" Date: "Tue, 08 Jun 2021 15:12:10 GMT" Content-Type: "application/json" Content-Length: "23" Connection: "keep-alive" x-amzn-RequestId: "8a4c3490-c568-41dd-98e0-518312a3b3c4" x-amzn-ErrorType: "ForbiddenException" x-amz-apigw-id: "AnJPnEtooAMF9Pw=" contentType: "application/json" body: "{"message":"Forbidden"}" error: IntegrationError title: "You are not permitted to perform the requested operation" message: "The external system understood the request but refused to authorize it" detail: "HTTP/1.1 403 Forbidden" connectedSystem: null (Connected System)
Discussion posts and replies are publicly visible
Did you try to call the API from any other system or test tools like postman? I think the error message is pretty clear.
yes, the api works from other methods
Did you compare the outgoing HTTP requests from Appian and postman? Can you post both of them?
**** API Request thru SOAPUI
GET u0w6cnse11.execute-api.us-east-1.amazonaws.com/.../firehouses HTTP/1.1Accept-Encoding: gzip,deflateauthorization: {Token}Host: u0w6cnse11.execute-api.us-east-1.amazonaws.comConnection: Keep-AliveUser-Agent: Apache-HttpClient/4.5.5 (Java/12.0.1)
**** API Request thru Appian
GET /dev-lab/firehouses HTTP/1.1authorization: **********Host: u0w6cnse11.execute-api.us-east-1.amazonaws.comConnection: Keep-AliveUser-Agent: AppianAccept-Encoding: gzip,deflate
Not sure why the URL is different in APPIAN because the entire base is setup in the Connected System Properties
Hi Stacy,
I am sharing different thing here. Because without looking into the API documentation couldn't comment on the API url part.
Below is the free sample API endpoint - https://weatherstack.com/quickstart.They provide access key upon registering your email. Please try to test this by creating connected system and later use in integration. Also here passing the apikey in query parameters and in your case your passing in connected system. I think thats is the one difference i could see here.
Please try the below endpoint and compare with your API call so that you can figure out the root cause.
below is the request
GET /current?
access_key= addyourkey&query=New+York
HTTP/1.1
Host: api.weatherstack.com
Connection: Keep-Alive
User-Agent: Appian
Accept-Encoding: gzip,deflate
Hope this helps! thanks
this example worked however this example uses query parameters to pass the access_key. my code uses the API KEY authentication method on the Connected System
Looks good to me. The difference in the URL is only cosmetic.
By any chance, are there any other restrictions on the AWS side like VPN/Firewalls/IP-Filters?