401 Authorization error is keep coming #9851

15 Answer(s)

• 

  0

  AI-Bot created 21 days ago

  Support Team ABP Agent

  • The error message Volo.Authorization:010001 ("Authorization failed! Given policy has not granted.") typically means the current user or token does not have the required permissions for the API endpoint being accessed.

  • If your refresh token is expiring or being revoked, and tokens are cleared every time you request an API, this is often related to authentication or cookie/session issues, especially in browser-based applications.

  • Common causes and solutions:

    1. Token/Permission Issues: Ensure the user has the correct permissions and roles assigned for the API endpoint.
    2. Token Storage: Make sure your access and refresh tokens are stored securely and persistently (e.g., localStorage, sessionStorage, or cookies) and are not being cleared unintentionally (such as on page reload or navigation).
    3. SameSite Cookie Policy: Modern browsers enforce stricter cookie policies. If you are using cookies for authentication, you may need to adjust the SameSite attribute. See the official ABP article for handling SameSite cookie issues, especially for Chrome and Safari:
       • Patch for Chrome Login Issue (IdentityServer4 SameSite Cookie Problem)
    4. Token Expiry: If your refresh token is expiring too quickly, check your IdentityServer or OpenIddict configuration for token lifetimes and adjust as needed.

  • Steps to resolve:

    • Verify user permissions and API policies.
    • Check how tokens are stored and ensure they persist across navigation.
    • Review and update your authentication cookie settings for compatibility with all browsers.
    • Adjust token lifetimes if necessary.

  Sources:

  • Patch for Chrome Login Issue (IdentityServer4 SameSite Cookie Problem)

  ---

  This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.

  Save Cancel
• 

  0

  manas-patnaik_HON created 21 days ago

  It did not solve the problem

  Save Cancel
• 

  0

  manas-patnaik_HON created 21 days ago

  [ { "code": "Volo.Authorization:010001", "message": "Authorization failed! Given policy has not granted.", "details": null, "data": null, "validationErrors": null } ]

  Save Cancel
• 

  0

  maliming created 21 days ago

  Support Team Fullstack Developer

  hi

  Can you share the full debug logs (logs.txt) of all your projects?

  https://abp.io/support/questions/8622/How-to-enable-Debug-logs-for-troubleshoot-problems

  You can delete the logs.txt and reproduce the problem, then share it with liming.ma@volosoft.com

  
  var loggerConfiguration = new LoggerConfiguration()
      .MinimumLevel.Debug()
      .MinimumLevel.Override("Microsoft.EntityFrameworkCore", LogEventLevel.Warning)
      .MinimumLevel.Override("OpenIddict", LogEventLevel.Verbose)
      .Enrich.FromLogContext()
      .WriteTo.Async(c => c.File("Logs/logs.txt"))
      
  
  IdentityModelEventSource.ShowPII = true;
  
  IdentityModelEventSource.Logger.LogLevel = EventLevel.Verbose;
  var wilsonTextLogger = new TextWriterEventListener("Logs/identitymodel.txt");
  wilsonTextLogger.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Verbose);
  

  Thanks

  Save Cancel
• 

  0

  manas-patnaik_HON created 20 days ago

  I have shared the logs over the email

  Save Cancel
• 

  0

  maliming created 20 days ago

  Support Team Fullstack Developer

  hi

  1. The website has a CORS problem. Please add your domain to CorsOrigins section of appsettings.json

  CORS policy execution failed.
  Request origin https://sitehostweb.azurewebsites.net does not have permission to access the resource.
  

  Save Cancel
• 

  0

  maliming created 20 days ago

  Support Team Fullstack Developer

  hi

  Your log level is Information, not Debug, I can't see more info.

  Can you change it to Debug and share again?

  See

  

  Save Cancel
• 

  0

  manas-patnaik_HON created 19 days ago

  Hi,

  THE CORS policy is already added in both appsettings.json and also in the app service.

  Save Cancel
• 

  0

  maliming created 19 days ago

  Support Team Fullstack Developer

  ok, please share the new Debug logs.

  Thanks.

  Save Cancel
• 

  0

  manas-patnaik_HON created 19 days ago

  Hi,

  My colleague Nirmal shared the debug logs over the email

  Save Cancel
• 

  0

  maliming created 19 days ago

  Support Team Fullstack Developer

  hi

  The logs level still [INF] instad of [DBG]

  See

  Save Cancel
• 

  0

  manas-patnaik_HON created 19 days ago

  

  Save Cancel
• 

  0

  manas-patnaik_HON created 19 days ago

  We need your support to close this issue. Can we have a screen sharing session to look into it?

  Save Cancel
• 

  0

  manas-patnaik_HON created 19 days ago

  Hi,

  Did I miss to add any code? I have attached the screenshot for your reference.

  Save Cancel
• 

  0

  maliming created 17 days ago

  Support Team Fullstack Developer

  hi

  Change your log code in all projects(API. AuthServer)

  Then share all the logs.txt files again.

  liming.ma@volosoft.com

  var loggerConfiguration = new LoggerConfiguration()
      .MinimumLevel.Debug()
      .MinimumLevel.Override("Microsoft.EntityFrameworkCore", LogEventLevel.Warning)
      .MinimumLevel.Override("OpenIddict", LogEventLevel.Verbose)
      .Enrich.FromLogContext()
      .WriteTo.Async(c => c.File("Logs/logs.txt"))
      
  
  IdentityModelEventSource.ShowPII = true;
  
  IdentityModelEventSource.Logger.LogLevel = EventLevel.Verbose;
  var wilsonTextLogger = new TextWriterEventListener("Logs/identitymodel.txt");
  wilsonTextLogger.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Verbose);
  

  Thanks.

  Save Cancel