Cannot access MS Project Server 2013 REST API server - authorization error

1
votes

I use Project Online to host Sharepoint 2013 with MS Project Server 2013. When I try to access https://my_company.sharepoint.com/sites/pwa/_api/ProjectData/Projects from my Restful Jersey client and after providing the right credentials I get a response with status type 403. The String that corresponds to the text body of the response is the following xml:

<?xml version="1.0" encoding="UTF-8"?>  
    <m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
        <m:code>-2147024891, System.UnauthorizedAccessException</m:code>
        <m:message xml:lang="en-US">Access denied. You do not have permission to perform this action or access this resource.</m:message>
    </m:error>

The code I'm using in order to authenticate and access the Rest API is the following:

String url = "https://myCompany.sharepoint.com/sites/pwa/_api/ProjectData/Projects";
try {
    Client client = Client.create();
    client.addFilter(new HTTPBasicAuthFilter(username, pass));
    WebResource webResource = client.resource(url); 
    ClientResponse response = (ClientResponse)webResource.type(MediaType.APPLICATION_ATOM_XML).get(ClientResponse.class);
    InputStream inputStream = response.getEntityInputStream();

    try {
        String output = IOUtils.toString(inputStream);
        System.out.println("output: "+output); 
    } catch(IOException e) {
        e.printStackTrace();
    }
} catch (Exception e) {
    e.printStackTrace();
}

I guess that the problem is somehow related with the https protocol that Project Online uses but I'm not sure. Any help would be appreciated.

1
javarestjerseyjersey-clientms-project-server-2013
403 usually means that you have authenticated but do not have access to the resource you're trying to access. Check the user's privileges on the server and make sure you're trying to connect to the correct URL.Natan
I have enabled the specific user's global permissions under PWA settings on Project Server so that user has the appropriate permissions to access the respective services. Beyond this and as far as I've gone through this issue, my client cannot authenticate to an https url without an ssl context, so I suppose that this error has mainly to do with this lack of ssl configuration in my client.jkonst
Unless Project Server does client-side-certificate authentication, I doubt that's the problem. Without ssl context and verified server-side certificate you wouldn't get any response from the server. You getting 403 is a sign that server certificate validation is not a problem.Natan
I can't. I'm not familiar with Project Server and its authorization logic, so I can't point the specific problem here. I'm only saying that SSL verification is a different subject and is not related to 403 HTTP code.Natan
Please try to provide one more header X-RequestDigest into your request. For this header value, just consume API POST your.sharepoint.com/_api/contextinfo with auth details and read FormDigestValue and pass this value as header into your request. This may solve you issuePKhode

1 Answers

2
votes

two things: 1- if you are using Project Online, it uses OAuth no Basic Auth 2- the user must be in a group with "Access Project Server Reporting Service" permission enabled