Can someone please post a working "raw" api call to invite a new user?


(Alasdair Young) #1

I want to invite a new user programmatically. The server I am using the call is running java (google app engine) so I can’t install the ruby API.

I have tried repeatedly to send an HTTP POST to myforum.example.com/t/1/invite.json with the following parameters:

api_key=MYKEY (it’s the key for “all users”)
api_username=MYADMINUSERNAME
email=webmaster@example.com

and I all get back is a 403 with ‘[BAD CSRF]’ as the message.

Can someone please post exactly what I need to send the REST api to get a valid response? I thought the whole point of using the api key plus a username was to avoid the csrf check?

Many thanks!


(Sam Saffron) #2

if you are gettng BAD CSRF it means that your api_key or api_username are incorrect.


(Jeff Atwood) #3

Is it possible to change the error message to say that instead?


(Sam Saffron) #4

I guess we could raise an InvalidAPICredentials or something if username / key pair are bad


(Alasdair Young) #5

What should the API username be? It sounds like a silly question but I’m clearly missing something obvious here. Where would I get the exact string that I should enter?

There is only one api key so far and it’s marked “all users” and I’ve copy and pasted it and checked it twice.


(Sam Saffron) #6

It would be the username making the call.

See:

from a cursory look at this code, it seems you did not pass api_key in properly.


(Alasdair Young) #7

I threw together a simple script to view the variables I’m posting on the server-side and everything seems to be coming in ok.

I sent you a pm with a test api key and the forum name. I really, really appreciate your help with this and if you happen to have a moment to post to the server using the credentials supplied, I’d greatly appreciate it.


(Jeff Atwood) #8

We should definitely raise a better more descriptive error so we can spend less time answering support questions about it…