You got no auth header. Need a bearer token or basic auth. The key only provides access scope not auth
2 Likes
Joshua, if I add Basic authorization in Postman with my Epicor manager account and password, the X-API-Key in the header vanishes, but I get a 403 error saying REST calls must pass a valid API key. Where do I add the API key to the request? As an additional key/value pair in the Postman Headers section, or Body? Postman automatically adds the Authorization to the header when sending.
3 Likes
Thank you, Joshua! I finally got it to work, posted a batch successfully thru Postman!
Nice!
@josecgomez , @jgiese.wci, as a coda to this whole mess, I was still having trouble running the Post function from my program, but I looked at the differences between the RESTExample and my project, and realized the RESTExample one was using literals on the EpicorRest properties to set them, where I was using Properties settings to do that. I changed those to being interpolated first before setting the EpicorRest properties, ran a test in our pilot environment and VOILA… Ran the posting function successfully! I’ve been banging my head against a wall for WEEKS getting to this point, and something so simple being the issue… 
THANK YOU to you both for sticking with me through this, I’ve learned A LOT through this whole process and have a tool I can use for testing I didn’t know before! You both are LIFESAVERS!! 
@josecgomez or @jgiese.wci, a question: Why would I need to set one of the EpicorRest properties with a statement like $@“{Properties.Settings.Default.}” instead of just Properties.Settings.Default. if they are both the same data type? Until I changed my code to use the first form the REST call wouldn’t work, but changing the code made the difference… Below is the code snippet…
private static void CallPostFunctionNew()
{
EpicorRest.AppPoolHost = <servername>;
if (_ServerID == "")
EpicorRest.AppPoolInstance = "EpicorERP";
else
EpicorRest.AppPoolInstance = $@"{_ServerID}";
EpicorRest.UserName = $@"{Properties.Settings.Default.BatchEntryPerson}";
EpicorRest.Password = $@"{Properties.Settings.Default.BatchEntryPass}";
EpicorRest.Company = $@"{Properties.Settings.Default.CompanyID}";
EpicorRest.APIKey = $@"{EnvAPIKey}";
EpicorRest.APIVersion = EpicorRestVersion.V2;
EpicorRest.License = EpicorLicenseType.Default;
EpicorRest.IgnoreCertErrors = true;
EpicorRest.Timeout = 10000;
EpicorRest.MaxRequestLogLength = 1;
var smsSend = new
{
GroupID = $@"{BatchGroupID}"
};
var rsp = EpicorRest.EfxPost(Properties.Settings.Default.RESTLibrary, Properties.Settings.Default.RESTFunction, smsSend);
if (rsp.IsErrorResponse)
Console.WriteLine(rsp.ResponseError.ToString());
Console.WriteLine(rsp.ResponseStatus.ToString());
}
You do not need to do that. I think it was a red herring and you changed something else at the same time.
1 Like