Using API to add a user from JAVA results in 403

My web server adds invoices and new clients to invoice ninja. This used to work in Version 4, it now has problems with version 5. I always get a 403 return code. I have changed the java code to make allowances for the security token name (X-API-TOKEN)

I am able to add the client using curl.

curl -X POST https://invoicing.co/api/v1/clients
-H “Content-Type: application/json”
-H “X-API-TOKEN: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”
-H “X-Requested-With: XMLHttpRequest”
-d ‘{“name”:“testclient”,“private_notes”:“auto create from shopping cart”,“contacts”:[{“first_name":“testclient”,“email”:"[email protected]”}]}’

The JSON in this request comes from the logs in the java code, so is identical. In the java code I am setting Header values to the values used in the curl.

This code used to work in JAVA for version 4, with the only modifications for the X-API-TOKEN name, and minor changes to the JSON format sent to invoicing. As I mentioned, the JSON sent is identical for both curl and my java program.

Any suggestions?

Hi,

The 403 implies a security error, all I can suggest is to double check that the headers in the Java code are correct.

Not making much progress here.

I changed the URL to point to webpages on invoiceninja,con and invoicing.co and get back a 403 for any page, even changing the request headers for acceptable content types for webpages. Pointed to other websites I have, and java retrieves the contents of the webpage.

It seems invoicing.co is complaining about something before the request is even passed on.

I have known problems like this when cloudflare is used infront of a website. Are there any other headers required for the request?

That’s it, if the cURL request is working then it seems to show the problem must be the Java code?

Turned out that I had to adding a ‘User-Agent’ to the POST request header solved the problem.

@david does that seem right to you?