ERROR : "user" must be defined returned when sending request

I keep getting the following returned when sending a request:

ERROR : “user” must be defined

I’m not sure how to fix this, as I am using the authorization configured for the parent group, I am connected to the product server, and I sometimes do NOT get this message when sending GET requests.

Can anyone provide any other reasons this may be happening? Thanks in advance.

It would be useful to post screenshots of the authorization you have configured and an example request and some details on the API documentation if its available.

This will be down to the API, which the normal advice would be to re-read the specification to understand what the API requires and will accept.

It sounds like you should have a “user” value in your request, either in a header or in the body. However, hard to tell without knowing what the API requires.

Sure, I’ve posted screenshots of a successful call:

and the non-successful call:

Both of these use the same authorization configured for the parent collection, Classifications:

Finally, the call that errored in POSTMAN succeeded when I used the browser. I’ll attached a screenshot of this in another reply.

Here’s a screenshot of the successful call in the browser.

First question is why does your URL have REST in the path, but the request\response is XML.

XML is Soap! Doesn’t the API support JSON as the request body and response? Is it really REST or Soap?

Your screenshot of a successful call in Postman is using a different URL\path than the non-successful call.

classifications vs classification/ExtraResourceInformation

Does ExtraResourceInformation requires something extra to be sent with the request.

Check the console log in Postman for both requests and carefully review what headers were sent, and ensure they are the same. Make sure the basic auth is actually being sent with the second request.

Also check the authorisation tab for the failing request, and ensure that the inherit from parent is enabled, and that you get the same “this request is using basic auth from folder classifications” message.

Does the request require certain headers? You can open the developer tools in the browser and inspect the console logs like you would do for Postman. It should who what headers were sent on the successful request. Check it against the request in Postman. Are they the same. Are there any differences.

Neither calls appear to have a body or params set. Is this correct?