API connector Error 403 "message":"Missing Authentication Token"

Hi,
I have a 403 Error when using a POST method for an API service that I have already tested using Insomnia with out problems.

  1. My URL is OK.
  2. No need for authentication at all.
  3. I do put the header Content-Type : application/json on API connector
  4. I do select None or sefl-handed Authentication option in the API connector
  5. See my API connector full configration here :
  6. You can try it at POST https://kcorpri2xa.execute-api.us-east-1.amazonaws.com/prod/relations
    using this body =
{
  "seedUrl":"https://cirris.ulaval.ca/fr/chercheurs-et-cliniciens/chercheurs-reguliers",
	"deepLevel":0,
	"weights": {
		"firstName":0.2,
		"lastName":0.3,
		"fullName":0.7,
		"email":1,
		"webSite":0.8  
	},
	"itemsToLookFor":[{
		"bubbleID":"1529498287696x383027674630284300",
		"firstName":"Bertrand",
		"lastName":"Duchesne",
		"fullName":"Simon Duchesne",
		"webSite":null,
		"emails": ["[email protected]"]
	},{
		"bubbleID":"1562436064128x470302182975995900",
		"firstName":"Michel",
		"lastName":"Cayouette",
		"fullName":"Michel Cayouette",
		"webSite":"https://www.mcgill.ca/expmed/dr-michel-cayouette",
		"emails": ["[email protected]"]  
	}]
}

You should have an answer like =

{
  "startTime": 1575501506438,
  "id": "f26d0700-73cd-4f30-aa34-2e3dab077b1b",
  "body": {},
  "status": "IN_PROGRESS",
  "path": "https://kcorpri2xa.execute-api.us-east-1.amazonaws.com/prod/requests/f26d0700-73cd-4f30-aa34-2e3dab077b1b",
  "executionTime": null
}

But this throw me a 403 error via API connector. Any ideas @romanmg ?
Thank you in advance for your help.

I’ve just tried a POST to that api and I get a 502 “bad gateway” error. If I do a GET I get the same 403 error. Is there documentation for this API?

Hi @rico.trevisan. Thanks for answering.
Be sure you are using a POST method and use the Body I updated above. and don’t forget the header Content-Type : application/json
Try again and let me know.

No documentation, this is a custom API developed on AWS that works pretty well on Insomnia.

It is important to add that when using the API connector and making a call, I do see the call received in the API side (as I am the owner and admin) and the good answer sent back to Bubble, but it seems Bubble can not parse it or there is a security control validation under the hood that throw the 403 error. Is this a wanted behaviour @emmanuel ? Thanks for answering.

Thanks. I’ve tried it and I get a 301 redirect on an API client (not on Bubble).

Anyway, I’m out of my depth. I’ll let other people try to help you.

Yup, it works well in Postman:

It looks like AWS requires authorization when you are calling it from the Bubble side.
Did you try to generate and use a simple x-api-key? You shouldn’t have issues in that case.

Thanks a lot anyway!

I will try but when using a “none or self-handled” authentication, I am supposed to be able to call my API and get the answer. That said, I see the call request and the call answer in Cloud watch on AWS as normal, without errors. So, it seems to be a Bubble side limitation.

If this could help, this is what I get on the Bubble Logger

Yup. It looks like an issue caused by the Bubble.
Please submit a bug report with the step-by-step instructions.
Also, don’t forget to attach this screenshot.

Ok, thanks. I will.

1 Like

Finally, we managed by avoiding the 301 redirect response from API service. It seems that Bubble does not support this behavior. We change it for a 200 response and that worked!. It could be helpful if this could be the answer instead of “Missing Authentication Token”, which is not the case.

1 Like