403 “Forbidden” when calling api/v1/Opportunity with API-Key user (Docker 9.1.5)

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • office
    Junior Member
    • Jun 2025
    • 13
    #1

    403 “Forbidden” when calling api/v1/Opportunity with API-Key user (Docker 9.1.5)

    Hi everyone,
    • Stack: EspoCRM 9.1.5, official espocrm/espocrm:fpm Docker image behind Nginx proxy.
    • API User: type = API, auth = API-Key, no Roles yet.
    • Goal: pull Opportunity data for external analytics.
    • Request:
      bash
      CopyEdit
      curl -H "X-Api-Key: c2aad9add9b99548d93a2cd82da36ac2" \ "https://imunizareclimatica.eu/api/v1/Opportunity?select=id,name&maxSize=1"
    • Result: {"error":"Forbidden"} → HTTP 403.
    • Tried:
      • API key is active, user is active.
      • Works when I switch to basic auth with an Admin token.
    • Question: which minimal Role/ACL flags are required for an API key to READ Opportunities (and later Leads, Accounts)? And is there an EspoCLI command to assign the role instead of clicking in the UI?

    Thanks in advance!
    Tags: None
    • victor
      Active Community Member
      • Aug 2022
      • 937
      #2
      API User must have a Role like Regular User. And the capabilities of your API User will depend on what rights you grant in this Role.

      Click image for larger version Name: image.png Views: 0 Size: 30.7 KB ID: 118973

      which minimal Role/ACL flags are required for an API key to READ Opportunities
      If we are talking about the right to read absolutely all opportunities, then in the "Read" column you need to specify "all".

      You can check Access API or Regular User by clicking on the Access button in the Regular or API User profile.​

        Comment

        • office
          Junior Member
          • Jun 2025
          • 13
          #3
          it seems i forgot to click on the checked mark to save the admins allocation. thanks.

            Comment

            Previous template Next
            Working...