All API calls now getting "You are not permitted to view the requested resource"

depeters · April 11, 2020, 3:02am

I have changed nothing. All of a sudden all of my api calls are getting the api error: “You are not permitted to view the requested resource”. I even renewed my api keys and I have set the api users to have maximum privileges. Why is this happening all of a sudden??

Falco · April 11, 2020, 3:26am

Are you using HTTP Headers for the API key?

depeters · April 11, 2020, 3:29am

Yes, I just saw this. So this will even affect a discourse instance I host myself and haven’t updated?

Falco · April 11, 2020, 3:31am

What exact version you are running?

depeters · April 11, 2020, 3:33am

I’ve since updated. I don’t have the old version number. It was almost a year old. But the errors started occurring before I updated.

depeters · April 11, 2020, 3:56am

Something is fishy if this somehow affected my self hosted non-updated instance.

Stephen · April 11, 2020, 5:14am

Without more details, including those version numbers, it’s almost impossible to say.

depeters · April 11, 2020, 6:12am

It should be easy to say if you do something that would make a supposedly entirely standalone self hosted instance stop working due to some unknown integration with external services.

blake · April 11, 2020, 1:27pm

There is nothing that should affect a standalone self-hosted install like this that hasn’t been upgraded. Even if we backported a change to an older version, you wouldn’t receive it unless you manually updated your install. Discourse out of the box doesn’t come with any external services unless you set them up yourself, like email and google analytics.

depeters · April 11, 2020, 7:52pm

I didn’t update anything and started getting 403 errors on all api calls. The only thing that fixed the errors was upgrading to the new version and changing request parameters to headers. Something is causing old versions to break due to the api changes even when they are standalone, self hosted and not being explicitly updated.

Stephen · April 11, 2020, 8:08pm

Change doesn’t occur without change. Something somewhere changed, whether you were aware of that change or not. If not in your container, then on one of the components outside it, or one of the connected systems.

This is all a lot of hand-waving without something tangible to look at though.

blake · April 11, 2020, 8:10pm

Yea I’m not sure. I have an old self hosted instance that still works the old api way. Glad you got it updated and working though.

Topic		Replies	Views
Sudden "The requested URL or resource could not be found." support	17	2490	June 4, 2021
API Error: You are not permitted to view the requested resource dev rest-api	13	9611	June 19, 2020
API endpoint users/by-external/ failing with authorization headers, works without bug rest-api	3	435	June 26, 2023
Discourse API - Unable to query certain endpoints support	8	1287	October 31, 2019
Request from API doesn't update User#last_seen_at support	9	723	April 16, 2019

All API calls now getting "You are not permitted to view the requested resource"

Related Topics