It's all about the answers!

Ask a question

Problem in posting a defect into rtc project workitem via postman ?

Arvind Sahu (1314) | asked Dec 13 '17, 2:07 a.m.
edited Dec 13 '17, 7:09 a.m.

 As i am trying to post a defect into rtc project which i have created in the cloud (sandbox trial version on cloud Version 6.0.5) through postman in return i am getting permission denied error...

In UI i can create a defect with same user  who is having admin privileges but can not do the same in postman with basic authentication.

My json request for creation of defect

 "dc:title": "Create rtc 3nd defect for demo from API.",
 "dc:creator": {
        "rdf:resource": "**"
 "rtc_cm:filedAgainst": {
 "oslc_cm:severity": {
 "oslc_cm:priority": {
 "": {
 "rtc_cm:foundIn": null,
 "rtc_cm:projectArea": {
 "rtc_cm:teamArea": null,
 "rtc_cm:approvals": null   

Please provide some guidance/suggestions or anything i am doing wrong and thanks in advance. 

Ralph Schoon commented Dec 13 '17, 7:17 a.m.

There is no information to be able to provide information. No real error message, no headers that are most important. See How should I ask a question in the Forum if I want to receive useful answers?

Consider the permission error to be correct due to some factor:
wrong login etc.

Arvind Sahu commented Dec 14 '17, 1:59 a.m.

 sorry for that , as i am new

Method : POST
header information

Authorization -- basic xxxxxxxxxxxxxxxxx(base 64)
Accept               application/json 

can able to do get operation from postman 

Arvind Sahu commented Dec 14 '17, 2:02 a.m. | edited Dec 14 '17, 2:02 a.m.
Exact error:

        <title>Jazz - Permission Denied</title>
        <link type="text/css" rel="stylesheet" href="/sandbox01-ccm/web/"/>
        <h2>Permission Denied</h2>
        <div>Your account does not have the group memberships required to access the requested resource.</div>

Accepted answer

permanent link
Donald Nong (14.5k414) | answered Dec 19 '17, 1:45 a.m.

The error message is a bit misleading. It is very likely that the HTTP request header X-Jazz-CSRF-Prevent is missing. You need this header with the cookie JSESSIONID content as its value. The same issue was discussed in the comment session of the below article.

Arvind Sahu selected this answer as the correct answer

Your answer

Register or to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.