When using an API that required Access Approval or is Private, I sometimes get the error message that of "message": "Authorization has been denied for this request.". How do you fix that?
Many of the APIs that require Access Approval or are Private require secondary authentication information. This is usually a Basic Authorization Header (a base64 encoded ucsbNetId:password combination) which will be used by the backend system to authenticate who or what application is calling into the API service. As a client you would be aware if a system required secondary authentication information, as you would be asked to provide a UcsbNetId when applying for access.
When the service is called, if the UcsbNetId/Password combination can't be authenticated successfully, or the UcsbNetId hasn't been authorized to access the API a common error message of "message": "Authorization has been denied for this request." may be replied.
Some common mistakes that lead to this error message are:
- Not including a Basic Authorization Header.
- Forgetting to base64 encode the ucsbNetId:password combination.
- The API provider hasn't added your ucsbNetId to the authorization systems.
If you are sure you're doing the first two above, please reach out to support@developer.ucsb.edu to see if your application's ucsbNetId can be added.