I’m need to get data from the website of my school, I have an account on it and for this i tried to make a GET request to “https://intra.epitech.eu/planning/#”. The result of it is an 403 error, it’s probably due to the fact that it can’t connect to my account when it tries the request. I very very new to postman and request so I don’t know what to do to solve this problem. I even try . the basic auth in auth section with my ID and password but id didn’t change anything.
HI Sam974fe and welcome,
Is there documentation on the API that you are attempting to connect to? I am asking to see if there are additional header parameters you need to pass.
No unfortunately there is nothing about it. But I finally succeed to make my GET request through an autologin link but the page doesn’t load like I want. The page is suppose to be an online planning. When I make my GET request, it charged everything (button next, and previous, logout button etc) except the planning. I tried to redo with a json for the date “?start=2019-12-30&end=2020-01-05” but still nothing.
GET is probably not the correct method to use when logging in. Try POST instead.
After you’ve successfully logged in, your next request could be a GET to access the information you’re after. Make sure your GET request is inheriting auth.
This error indicates that the server has determined that you are not allowed access to the thing you’ve requested, either on purpose or due to a misconfiguration . It’s probably because the site owner has limited access to it and you don’t have permission to view it. The vast majority of the time, there’s not much you can do to fix things on your (*client) end. There are four common causes for 403 Forbidden error (server side) . Here they are listed from most likely to least likely:
An empty website directory
No index page
Incorrect settings in the .htaccess file
Permission / Ownership error
If authentication credentials were provided in the request, the server considers them insufficient to grant access. The client SHOULD NOT automatically repeat the request with the same credentials. The client MAY repeat the request with new or different credentials. However, a request might be forbidden for reasons unrelated to the credentials.
Use the “Capture Requests” feature to interrogate what is being sent\received when you browse the site. This will help you work out what headers need to be sent (if any) and what type of request you need. (Get\Post, etc). This is useful when you don’t have API documentation.
You’ll probably need to Google the capture requests feature as this box isn’t big enough to explain how it works.
In basic terms, you setup Postman to act as proxy server. Then point your browser to this proxy. You can then turn on recording, and whatever you do in your browser is saved including all of the requests and responses. So in this case, start recording, login to the website and stop recording.
There are two ways to connect to the proxy, you can use a Chrome add-on for Postman which does all the magic for you, or you can use any proxy switcher add-on, and manually repoint it. (or you can just setup a proxy in Chrome settings, but its a pain turning it on and off each time).
If using the Postman add-on, you need to use the Postman desktop client, and you need to run it as admin (not just open it logged on as an admin) otherwise it won’t automatically prompt you to install the browser add-on.
True. An old thread. Just ran into similar “403 Forbidden” error message in PostMan when attempting to issue GET/PUT… Once I cleared the cookies within PostMan, all went well