Posted By Martin on 7/26/2023 10:02 AM One thing that is very strange: My ISP told me that he can authorize successfully to my API with the FTP-Credentials (which have nothing to do with the users and roles inside DNN)
One thing that is very strange: My ISP told me that he can authorize successfully to my API with the FTP-Credentials (which have nothing to do with the users and roles inside DNN)
Uh, that's weird.
Anyhow, did you try in a restored staging website? Are you able to modify the endpoint at all? If yes, I'd recommend removing all security from the endpoint and testing again. Then, begin by slowly increasing the security. For example, the next test might simply require `DnnAuthorize`, then use a built-in security role, then finally use your custom security role.
Yes, I tried anything unfortunately without success on a staging site (and with the same Test-Api on other DNN-Sites hosted by the same ISP).
I can reach the endpoint with no problem by adding the Attribute [AllowAnonymous]. But as soon as I use an authorization attribute like [DnnAuthorize] or [DnnAuthorize(StaticRoles = "Administrators")], the error 401 - Unauthorized: Access is denied due to invalid credentials appears.
Are you sure you're successfully passing through the ServicesFramework and passing it in the header of your requests? That's what this sounds like. 🤔
I think I'm doing everything correct because on my local PC everything works fine...
What exactly do you mean by 'passing it in the header of your requests'?
I have to mention that I have to access the Endpoint from outside: Endpoint is hosted on www.aaaaaaa.com and I have to do a request to this endpoint from www.bbbbbbb.com
Would it be better to switch to JWT?
Maybe 2 screenshots from Postman can help you find what I am making wrong:
You shouldn't necessarily need to switch to JWT for this, but it's an option.
If you're using Angular, here's an example of adding the headers:
https://github.com/Upendo...Scripts/common.js#L8
If you're using jQuery or something like it, here's an example of that:
https://github.com/WillSt...Order.ascx#L25C1-L68
Posted By Martin on 8/3/2023 4:49 AM Do you know if there exists a list with all core endpoints? For example something like DesktopModules/Internalservices/API/Authentication/login?
I'm not sure if such a list exists or not... 🤔
However, there is a section in the DNN documentation that might help you with that.
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.