REST calls returning 403

1
I’ve been running an app for a couple of years and it has recently stopped accepting calls to a couple of REST APIs. This is in the free cloud, and I wondered if it was caused by the implementation of a WAF on 30th March 2022: https://docs.mendix.com/releasenotes/developer-portal/mendix-cloud/

However, I’m not convinced this is the case, because any attempt to access via browser or Postman is always successful; it is just access from other apps’ webhooks that fails.

Is there a way to determine where and why the 403 is being generated? If I connect the debugger, the call never triggers my microflow, so I assume it is outside my control.
asked
3 answers
0

Hi Colin,

Do you have an error handler set up on the Call REST action?

You can use this to potentially capture why the REST call is failing, depending on the level of detail the target REST API returns in the response.

Here’s a sample of one I have set up on one of my app projects.

answered
0

Thanks for the comment, but I obviously didn’t explain my scenario properly.

I don’t get the error when calling a REST API; the error is when another service calls my app to an endpoint I am exposing. Postman is fine, so doesn’t help diagnose the problem.

answered
0

403s get generated client-side, so the calls from the other apps must be reaching your Mendix app, and your Mendix app must be generating the 403 message before it reaches your published REST service’s microflow. That means some processing of the Mendix cloud between receiving the call and passing it to your microflow. That area is where the request handler is being the guard.

So a bit of doc-browsing brings us these two links:

Additional information about request handlers is available in the Requests section of Monitoring Mendix Runtime and the Applying Access Restrictions to Unnecessary Request Handlers section of How To Implement Best Practices for App Security.

Do the subjects in those articles bring you any closer to the solution?

answered