I'm able to make a successful Mailgun request using Postman, but when I make the request from my React Native app, it comes back "Forbidden."
export async function sendEmailApi(email: Email): Object {
const DOMAIN = "xxxx.mailgun.org";
const url = `https://api.mailgun.net/v3/${DOMAIN}/messages`;
const res = await axios.post(
url,
{
...email,
withCredentials: true,
headers: {
Accept: "application/json",
"Content-Type": "application/json"
}
},
{
auth: { username: "api", password: MailGunApiKey }
}
);
return res;
}
Am I making the request wrong? Is it something about the runtime security differences?
Another snag: I've been seeing this error with React Native Debugger, so I decided to see what happened without a debugger, so I set the code up to send the result (successful or caught) to console.error. But without the debugger attached, I get "Can't find variable: btoa". It doesn't even make it to the axios request.
It's strange because I tried using the btoa package to construct the header (rather than sending to axios's auth config parameter) but then scrapped that idea, deleting all references to btoa, and even removing the package.
One more note: when I use the imported MailGunApiKey for my password, and inspect the resulting request and compare it with the request postman generated (I used Basic Auth in Postman's authentication tab, not in the headers tab), the encoded auth string is identical except the app's adds oA== to the end.
When I tried simply using the string literal password in my code (instead of the MailgunApiKey variable), the encoded auth strings were identical, but the app returned 400 instead of 401.
