I was able to retrieve Project Users of a project in BIM 360 using Forge API about a month back, using API as GET - https://developer.api.autodesk.com/bim360/admin/v1/projects/:projectId/users.
Since the last month, I am not able to fetch the users and receiving 403 responses. I have tried with the two-legged and three-legged token, as well as appending the header of the region in request, but still not getting the response.
API Link: https://forge.autodesk.com/en/docs/bim360/v1/reference/http/admin-v1-projects-projectId-users-GET/
Please assist me, if anyone is aware of any changes made in the API.
I tried this request and I got this 403 response.
{
"developerMessage": "Token does not have the privilege for this request.",
"moreInfo":"https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/error_handling/",
"errorCode": "AUTH-010"
}
As we can read, I was missing account:read in the scope. Can you check that or give us the developerMessage you receive ?
Related
I am currently working on a project using the Autodesk Forge platform. I have been using the Viewer, Model Derivative, and Data Management APIs without any issues since yesterday that suddenly when I tried to open a model (uploaded weeks ago) and returned a 403 error on requests to view the model.
I did some research with Postman and I tried to do the same calls I'm doing in my app with the same credentials. The OAuth API and Data Management API seem to work correctly because they let me have access to the token and upload a model. The problem seems to be when I try to translate the uploaded model.
The call I'm using in Postman is:
https://developer.api.autodesk.com/modelderivative/v2/designdata/job
And what Postman is returning is:
403 Unauthorized.
{
"developerMessage": "The client_id specified does not have access to the api product",
"moreInfo":"https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/error_handling/",
"errorCode": "AUTH-001"
}
Something similar happens when I try to open a model in my app.
The Request URL is the next one: https://developer.api.autodesk.com/derivativeservice/v2/manifest/{urn}?domain=http%3A%2F%2Flocalhost%3A8080
And the returned code is 403 Unauthorized.
These are the headers in the call:
Headers
The codebase hasn't changed in weeks and exhibits the same behavior leading me to believe it's a code change in the referenced Autodesk Forge libraries or a service issue on the derivative or viewer service.
I can upload cut-up code if required.
Thank you.
After obtaining a 3-legged token I can retrieve hubs, projects, checklists, issues, and other related project data, but when I query the endpoints listed below using the same token I get back a 403 status accompanied with the following error:
*"developerMessage": "Token does not have the privilege for this request.",
"moreInfo": "https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/error_handling/",
"errorCode": "AUTH-010"*
https://forge.autodesk.com/en/docs/bim360/v1/reference/http/companies-GET/
https://forge.autodesk.com/en/docs/bim360/v1/reference/http/admin-v1-projects-projectId-users-GET/
Could you please give me some insights here?
Thanks,
Henrique Alexandre
You'll need a 2-legged token for the Get companies endpoint.
About Get Project users, please check the scopes of your token.
The successful endpoints (retrieve hubs, projects, checklists, and issues) require data:read scope, while Get Project users require account:read scope.
I'm trying to pubhlish a project using this guide - https://forge.autodesk.com/en/docs/data/v2/tutorials/publish-model/
I am able to get the docs hub ID for the expected hub (using 3 legged token, after having Autodesk provision the b360 docs account, and setting up integration w/ forge app), and pass this into the call to get the projects (using same token, or new token) using this guide - https://forge.autodesk.com/en/docs/data/v2/reference/http/hubs-hub_id-projects-GET/
I get back a response 404 error using the hub ID provided in the GET hubs call that starts with b.xxx from the GET hubs
{
"developerMessage": "The requested resource does not exist.",
"moreInfo": "https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/error_handling/",
"errorCode": ""
}
I've tried this with a. as well, instead of b. and also no prefix on hub ID with no luck. I verified that this Id matches what is shown in the account admin settings online as well.
The get request looks like this, and includes authorization token in format Bearer {{token}} where {{token}} is the (same) variable for the token that works when getting hub ID's.
https://developer.api.autodesk.com/project/v1/hubs/b.e3a26052-6b48-4a03-9115-xxxxxxxxxxx/projects
Is my format incorrect, or is there something else going on?
The request looks ok, incl. the hub ID (the b. prefix must be there). One thing to check for is whether the actual user you're using to obtain the 3-legged token has access to any projects inside this hub.
Also, what happens when you try the GET hubs/:hub_id endpoint? Can you see the hub information or do you get 404 as well?
The Google Drive API GET query started to fail (we are using this api in one of our client service):
https://www.googleapis.com/drive/v3/files/1ke4Yoxxxxxxxxxxxxxx?alt=media&access_token=ya29.ImG9BwT.....
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
See Google Help for more information...
"Unusual traffic from your computer network"
Everything was ok till today.
Just made a couple of tests with curl:
HTTP GET with access_token inside HTTP header:
curl -H "Authorization: Bearer ya29._valid_access_token" https://www.googleapis.com/drive/v3/files/1r5BT2WPrulQ6FyhT8RcqV51TVOThEmhK?alt=media
Result: success, file downloaded.
HTTP GET with access_token as a part of HTTP request:
curl https://www.googleapis.com/drive/v3/files/1r5BT2WPrulQ6FyhT8RcqV51TVOThEmhK?alt=media&access_token=ya29._valid_access_token
Result: error
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
Note that the Google API project approved by Google and has a Production state!!!
Hi Google team, any ideas why it is happening?
Thank you
Posting this just for documentation purposes. As per the reference provided by Tanaike, since January 1, 2020:
download calls to files.get, revisions.get and files.export endpoints which authenticate using the access token in the query parameter will no longer be supported.
Only requests that download media content (alt=media) are affected by this change.
The access token should be provided in the HTTP header, like Authorization: Bearer oauth2-token or, if that's not possible, follow the workarounds provided in the referenced documentation:
For file downloads, redirect to the webContentLink which will instruct the browser to download the content. If the application wants to display the file to the user, they can simply redirect to the alternateLink in v2 or webViewLink in v3.
For file exports, redirect to the export link in exportLinks with the desired mime type which will instruct the browser to download the content.
Reference:
Changes in authorization to Google Drive API
Authorization via HTTP header
Posting an addition to the documentation of iamblichus specific for application data in Google Drive.
My App uses the Google Drive API in the backend to store the documents of my users on their own Drive. Importantly, I store the data in an application data folder such that the users can't accidently delete the data.
To let the users retreive their documents I used to redirected the user to the
downloadUrl: https://www.googleapis.com/drive/v2/files/id?alt=media&source=downloadUrl&access_token=ya29.** where I added alt=media and access_token to the query. This worked fine till January 1, 2020. As confirmed above. However, now the request fails with the message:
We're sorry... ... but your computer or network may be sending
automated queries. To protect our users, we can't process your request
right now.
GET request downloadUrl failing
In my efforts to find a solution to this problem I've tried the workarrounds provided by Google but they are in my experience not working for documents in an application data folder.
I tried the webContentLink with the access_token query in v2 but it fails with an 401 Unauthorized error.
The alternateLink in v2 and the webViewLink in v3 fail with the error:
The desired file does not exist.
I can't use the exportLinks because that's only for Google Documents.
The solution I found was to first download the file to the server using the Google Drive PHP SDK and then serve it to my users using a Content-Dispostion header. Such as described here. It is a lot less elegant in my opinion because the end users doesn't download the document directly from the Google Drive API but it works.
It's a shame that Google didn't update their documentation nor notified their users..
Is it possible to get an existing token for a user using the "/tokens" resource?
Currently, if a token exists, a 409 is returned by the POST:
Request:
POST https://api.box.com/2.0/tokens
Body: {"email":"some-email-a-token-exist-for#email.com"}
Response:
{"type":"error","status":409,"code":"conflict","help_url":"http://developers.box.com/docs/#errors","message":"Token already exists","request_id":"1568559050e4a10f78f66"}
What I'd like to be able to do is make a GET request to retrieve the existing token.
Just so you know, the /tokens endpoint is still in Beta. Even though Box released the rest of the V2 API as GA in December, that endpoint is still being worked on. We're working with a few developers to make sure we get the "instant access" mechanism easily useable, but also secure.
Let us know at api (at) box.com if you'd like to be on our /tokens advisory group.