Issues with Wix REST API returning a 403
I'm trying, what on the surface seems a very simple GET request to the Wix REST API via Postman. Followed the documentation and generated an API key with the requisite permissions and an Account ID.
The GET request is to query the blog posts on the site, and is, according to the Wix docs, a very simple:
https://www.wixapis.com/blog/v3/posts
I've added the API Key, as the Authorization header, and the account id, as the custom 'wix-account-id' header, and getting Wix's 403 page.
Anybody out there been through the pain and can offer any suggestions?
I'm editing my original question to add details of the request, as requested:
And the Response:
<!DOCTYPE html>
<!--
-->
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="noindex">
<title>403 Error: Forbidden | Wix.com</title>
<script async
src="https://static.parastorage.com/polyfill/v2/polyfill.min.js?features=default,es6,es7,es2017&flags=gated&unknown=polyfill&rum=0">
</script>
<script src="https://static.parastorage.com/unpkg-semver/fedops-logger@5/fedops-logger.bundle.min.js"></script>
<script>
fedopsLogger.reportAppLoadStarted("classic-error-pages-statics");
</script>
<script src="https://static.parastorage.com/unpkg-semver/header-footer-provider/app.bundle.min.js"></script>
<script crossorigin src="https://static.parastorage.com/unpkg/react@18.2.0/umd/react.production.min.js"></script>
<script crossorigin src="https://static.parastorage.com/unpkg/react-dom@18.2.0/umd/react-dom.production.min.js">
</script>
<link rel="stylesheet" href="//static.parastorage.com/services/classic-error-pages-statics/1.76.0/app.min.css">
<link rel="preload" as="font"
href="https://static.parastorage.com/unpkg/@wix/wix-fonts@1.14.0/media/WixMadeforTextVF_W_Wght.8022447a.woff2"
crossorigin>
<link rel="preload" as="font"
href="https://static.parastorage.com/unpkg/@wix/wix-fonts@1.14.0/media/WixMadeforDisplayVF_W_Wght.ab35e4df.woff2"
crossorigin>
<link rel="stylesheet" href="https://static.parastorage.com/unpkg/@wix/wix-fonts@1.14.0/madefor.min.css">
<link rel="stylesheet" href="https://static.parastorage.com/unpkg/@wix/wix-fonts@1.14.0/madeforDisplay.min.css">
</head>
<body>
<div id="root"></div>
<script>
window.__LOCALE__ = 'en';
window.__ERROR_DATA__ = {
staticsUrl: '//static.parastorage.com/services/classic-error-pages-statics/1.76.0/',
baseDomain: 'wix.com',
errorCode: '403',
exceptionName: 'null',
serverErrorCode: '-100',
data: {},
brand: 'wix',
requestId: '************'
};
</script>
<script src="//static.parastorage.com/services/classic-error-pages-statics/1.76.0/app.bundle.min.js"></script>
</body>
</html>Eventually got to the bottom of this.
I am indebted to this post, (Wix Rest API throws 403 Forbidden) for at least part of the answer.
The Wix documentation although, fairly extensive, omits certain key details.
Some of their REST API Methods, require an account id in the header, whereas others, require a site id.
The documentation on this particular does not even mention this, https://dev.wix.com/docs/rest/business-solutions/blog/posts-stats/list-posts
To make this GET request you will need an Authorization header with the value of your API Key and a custom header called wix-site-id.
To get these 2 pieces of information I did the following, (whether you can follow this, depends on your site permissions):
- To generate an API key, go to your Wix Dashboard and locate Settings.
Within Settings, scroll down to Development & integrations, choose Headless settings.
In the Headless settings page, there is a section called Admin API Key.
Click the button, Manage API Key, to navigate to your page to generate your API Key.
Once there, click the button Generate API Key, and ensure that you give the Key the exact permissions you need, in this case it was Blog Permissions. Very carefully record your key because you'll only ever see it once.
2. To get your site id is much more straight forward.
When you arrive at your Wix Dashboard, your site id is displayed as a Guid in the URL:
Once you have these pieces of information simply, make your GET request, and ensure you add these 2 headers:
Authorization: <your API Key>
wix-site-id: <your site id guid>
That's how I solved this particular issue.
- django rest auth email validation
- How to make an API request in Kotlin?
- The difference between XPOST and XPUT
- How to Get CORS to use HTTP 304 instead of HTTP 200 responses
- The method "X" is undefined for the type
- API Jmeter request modification upon using JSR223 PreProcessor
- How to get all childs of a issue of the gira, using method GET from api rest
- Swagger documentation for Spring Pageable interface
- Use of PUT vs PATCH methods in REST API real life scenarios
- How can I transform PayPal Classic Payment form into PayPal REST API PHP Application?
- Can a HTTP response get lost without the server noticing?
- How to find Bitbucket Account UUID?
- FastAPI GET endpoint returns "405 method not allowed" response
- How to add Sina Weibo activity feed to my page?
- Fedex API - SATURDAY_DELIVERY
- spring mvc4 http 404 not found
- Issues with Wix REST API returning a 403
- PiXhost's API- upload images
- Rest Server or API to test my Restful client?
- UPS REST API - Tracking vs Track by Reference
- Matching HERE Maps items with Wikipedia content using REST APIs
- GET, then manipulate that info (while loop and if statements), then PUT
- WordPress REST API 404 Not Found
- Exe as Webservice Endpoint
- Node.js - SequelizeDatabaseError: column "user_id" does not exist
- Can I programatically (using the API or otherwise) get a link to a PDF version of a Jasmin invoice?
- Is there a complete list of sharepoint online rest api from official docs?
- "render :nothing => true" returns empty plaintext file?
- Spring MVC - How to return simple String as JSON in Rest Controller
- How can I programmatically retrieve Azure App Service Plan hardware specs (vCPU, RAM) by SKU?