Discover M-Files Workspaces: All work available in the right business context, automatically!
➡️ Learn How it Works

Options
  • State Not Answered
  • Replies 10 replies
  • Subscribers 12 subscribers
  • Views 226 views
  • Users 0 members are here
Related

REST API: 403 Client Error: Forbidden for url after Create Request using Token

danijelmicic

Hello Guys, 

I'm trying to use the M-Files REST API in my Python application. I was able to login and received a token.

After that I'm trying to create new objects in my Vault. This is the JSON-body contained in my request:

json_body = {
            "PropertyValues": [
                {
                    "PropertyDef": config.get("mfiles.properties.class_property_def"),
                    "TypedValue": {
                        "DataType": 9,
                        "Value": "null",
                        "Lookup": {
                            "Deleted": "false",
                            "DisplayValue": "null",
                            "Hidden": "false",
                            "Item": config.get(f"mfiles.classes.process_class_id"),
                            "Version": -1
                        },
                    }
                },
                {
                    "PropertyDef": config.get("mfiles.properties.customer_property_def"),
                    "TypedValue": {
                        "DataType": 9,
                        "Value": "null",
                        "Lookup": {
                            "Deleted": "false",
                            "DisplayValue": "null",
                            "Hidden": "false",
                            "Item": config.get(f"mfiles.property_values.customer_value_id"),
                            "Version": -1
                        },
                    }
                },
                {
                    "PropertyDef": config.get("mfiles.properties.interface_id_property_def"),
                    "TypedValue": {
                        "DataType": 1,
                        "Value": measuring_point['idnr']
                    }
                },
                {
                    "PropertyDef": config.get("mfiles.properties.energy_type_property_def"),
                    "TypedValue": {
                        "DataType": 9,
                        "Value": "null",
                        "Lookup": {
                            "Deleted": "false",
                            "DisplayValue": "null",
                            "Hidden": "false",
                            "Item": config.get(f"mfiles.property_values.energy_type_{medium}_value_id"),
                            "Version": -1
                        },
                    }
                },
                {
                    "PropertyDef": config.get("mfiles.properties.interface_property_def"),
                    "TypedValue": {
                        "DataType": 9,
                        "Value": "null",
                        "Value": "null",
                        "Lookup": {
                            "Deleted": "false",
                            "DisplayValue": "null",
                            "Hidden": "false",
                            "Item": config.get(f"mfiles.property_values.interface_enportal_value_id"),
                            "Version": -1
                        },
                    }
                },
                {
                    "PropertyDef": config.get("mfiles.properties.marklokation_property_def"),
                    "TypedValue": {
                        "DataType": 1,
                        "Value": measuring_point['marktlokation']
                    }
                }
            ]
        }

I send the request with "X-Authentication": token as the header to my.m-files/.../159.aspx. The 159 represents a real objecttype in my vault.

Then I receive the following response: requests.exceptions.HTTPError: 403 Client Error: Forbidden for url: https://my.m-files/REST/objects/159.aspx

I don't really understand what's missing or what the issue is. As far is I understand there is an issue with the token that I passed to the new request. Also maybe my request body is not sufficent enough... I can also provide more source code if needed.

Help would be really appreciated. Note: This is my first time working with the REST API

Kind regards,
Danijel
Parents
  • 0

    Note that that endpoint will return a token even if the request itself is invalid, or the credentials are invalid.  My assumption is that there's something wrong with that initial request.  There may also be something wrong with the second request, but the 403 needs to be fixed first.

    Can you give some example of what you're doing to get the token?

Reply
  • 0

    Note that that endpoint will return a token even if the request itself is invalid, or the credentials are invalid.  My assumption is that there's something wrong with that initial request.  There may also be something wrong with the second request, but the 403 needs to be fixed first.

    Can you give some example of what you're doing to get the token?

Children
M-Files
M-Files Support


© 2025 M-Files, All Rights Reserved.