It's all about the answers!

Ask a question

RTC 6.0.6 REST API Workitem add comment response 403


HIROAKI JOSAKO (45222) | asked Jul 20 '22, 2:55 a.m.

For some reason, it is said that there is no access right.
Where can I do it?

POST URL
https://jazz.com/ccm/resource/itemOid/com.ibm.team.workitem.WorkItem/_tzJswGSVEeiUQ4Lb8gF_ow/rtc_cm:comments/oslc:comment
Header
OSLC-Core-Version: 2.0
Accept: application/rdf+xml
Content-Type: application/json



post-data
{
"dcterms:description": "new comment"
}



response 403

Permission Denied

Your account does not have the group memberships required to access the requested resource.
----------------------------------------------
I referred to it

Accepted answer


permanent link
Ralph Schoon (61.6k33643) | answered Jul 20 '22, 8:07 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

 It is not enough to send the OSLC headers. You also have to make sure you are authenticated and prove you are part of the session. In order to do so, you need to send the header JSESSIONID with the content of the JSESSIONID cookie.


Some applications also require some clients to send the header X-Jazz-CSRF-Prevent with the value of the JSESSIONID cookie. See https://rsjazz.wordpress.com/2019/05/13/using-a-rest-client-to-authenticate-to-elm-clm-applications/

also see:

HIROAKI JOSAKO selected this answer as the correct answer

Comments
HIROAKI JOSAKO commented Jul 21 '22, 12:35 a.m.

It is a wonderful point!
JSSESIONID was needed to request a post.
Try it!

Thanks


HIROAKI JOSAKO commented Jul 21 '22, 3:06 a.m.

It went well!
thank you!

Your answer


Register or to post your answer.