Can't POST or PATCH on server, got 403 forbidden with api-platform

Question

I have an issue since several days.

I'm creating an API with Symfony 5 and Api-platform.

I add a JWT auth with LexikJWTAuthenticationBundle. I have no problem for register, login or GET my entity.

When I start the API on my computer I can POST and PATCH on localhost without any problem but when I want to POST or PATCH an entity on my server I always have this response :

<html>

<head>
    <title>403 Forbidden</title>
</head>

<body>
    <h1>Forbidden</h1>
    <p>You don't have permission to access this resource.</p>
</body>

</html>

I have this response if I send a request with a valid token or without any token.

Maybe it is a problem with CORS or CSRF ? But I can't find a solution.

Does someone have an idea ?

Thanks a lot for your help

Yes. I try to regenerate one with passphrase and one without passphrase but it is not working better ! — Arthur Desutter, Feb 26 '20 at 14:12
do you have voter oder something like "is_granted( ROLE_ADMIN')" in your code?Can you paste your JWT, maybe a role issue — episch, Mar 02 '20 at 17:38

score 1 · Answer 1 · answered Jun 23 '20 at 08:29

1

For those who want the solution, the problem was the server configuration. A firewall blocked all requests other than GET.

answered Jun 23 '20 at 08:29

Arthur Desutter

21
2

Can't POST or PATCH on server, got 403 forbidden with api-platform

1 Answers1