Provide us with the following info:
🧐 Hint: If you are using the ABP Studio, you can see all the information about your solution from the configuration window, which opens when you right-click on the solution and click on the Solution Configuration button.
- ABP Framework version: latest
- UI Type: Angular
- Database System: EF Core (MySQL)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes(micro services architecture with separate modules)
- Exception message and full stack trace: Forbidden
- Steps to reproduce the issue: While calling the remote api from another api appservice to appservice getting forbidden error.
- I have a vendor enity with crud operations service in vendormodule and that is having list of addresses this address entity crud operations are in coreaccounting module.
- after saving the vendor i need to save list of addresses belongs to this vendor while calling the address service saveall method in coreaccouning module getting forbidden error all the configgurations are made correctly.
11 Answer(s)
-
0
HI,
Try install
Volo.Abp.Http.Client.IdentityModel.Webto your project.It will try get access_token from current user.
https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Http.Client.IdentityModel.Web/Volo/Abp/Http/Client/IdentityModel/Web/HttpContextIdentityModelRemoteServiceHttpClientAuthenticator.cs#L24
-
0
Hi LiangShiwei,
In which project I need to install this package Vendor or CoreAccounting? I am calling method from vendor to core accounting. Also we have module and service projects separate, should I need to install in service or module?
-
0
HI,
you should add it in the project that sends the request and don't forget add the module dependencies to the Module class
-
0
added in both module and service projects but getting same error -
0
-
0
Hi,
I see, you are using the client credentials, is the client has the adress permissions ?
Could you please share the full logs(auth, services) with me? thanks
-
0
There are not much logs created.. We are logged in as admin user and granted all the permissions to admin
-
0
because you are using the client credentials, you have to assign permissions to client, not role.
-
0
Eurekaa.. Success I am able to call the service from another service after giving the permissions to client. Thank you for your support
-
0
Actually I missed to verify the update there are two methods create and update in my vendor(caller) service both are calling the core accounting service SaveAllAsync method having [HttpPost] attribute. While creating there is no errors am able to call the core accounting service SaveAllAsync method from Vendor, but while updating again getting the Forbidden error.
Below screens showing calling same service SaveAllAsync in coreaccounting from vendor service create and update methods. From Create method it is success but from update is getting Forbidden
-
0
I can't see any difference with two methods, you should check the permissions
