Method Failed: with code: 403 - Forbidden username/password combo

samadam · ‎08-16-2024

I am testing a new REST api connection and get this error. I have the right user id and pwd .

Tried this but no luck:

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0720934

Any ideas on how to resolve this?

Robbie · ‎08-16-2024

A HTTP 403 error simply means you don't have permission to access the resource (endpoint).

You mention you have the right User ID and password, however that seems it's not the case. Whilst the User ID and password may be correct, does the user have access to the table and endpoint your trying to hit? Have you got ACL's in place - it seems likely.

To confirm this, can you access the API using your admin username and password? If that's the case (Assuming the ACL's don't exclude admin's from accessing the API as well), this points to the ACL's in place which may require roles etc.

Check the REST API 'Security' where the settings and ACL's are outlined - see example from the image below.

Additionally, do you have any plugins such as Adaptive Authentication installed which at a high level also provides REST API security and can lock API's down to IP address etc. (This plugin is not installed / activated by default but something I would encourage)

To help others (or for me to help you more directly), please mark this response correct by clicking on Accept as Solution and/or Kudos.

 Thanks, Robbie

Screenshot 2024-08-16 at 12.16.29.png

samadam · ‎08-27-2024

End point needed another header parameter once I added that it worked. Thank you

Sajith Kannoth · ‎09-29-2024

Hi,

We are facing similar issue. Could you please confirm which additional parameter was added to fix this?

Thanks,

Sajith

Yaswanth_M · ‎12-28-2024

Add the Permission in Azure AD , like User.Read , User.Read.All , User.ReadBasic.All , So it can the get the details from the end point and grant the permissions in the AD Non Login User can access if using other Account