Cannot access new REST APIs in 7.2 using browserCannot access new REST APIs in 7.2 using browserhttps://liferay.dev/c/message_boards/find_thread?p_l_id=119785294&threadId=1143563382026-04-07T05:37:31Z2026-04-07T05:37:31ZRE: Cannot access new REST APIs in 7.2 using browserAbdul Kareemhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1211775722021-10-01T13:30:08Z2021-10-01T13:29:38Z<p>Please refer this. https://learn.liferay.com/dxp/latest/en/headless-delivery/consuming-apis/making-unauthenticated-requests.html</p>
<p>you need to create a service access policy.</p>Abdul Kareem2021-10-01T13:29:38ZRE: Cannot access new REST APIs in 7.2 using browserVictor Maneahttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1205027992020-12-12T18:17:06Z2020-12-12T18:17:06Z<p>
<strong>Solution 1</strong>: As per @MohammedYasin's response, you
should add the "Authorization" header as in the example
bellow (I'm using Postman):</p>
<p>
<img src="/documents/14/0/basic_auth.png/3f3f18d3-5afe-2b75-09ea-fbedc24d1726?t=1607796751515&imagePreview=1" /></p>
<p>
<strong>Solution 2</strong>: disable the authentication for your
module. For this, follow
the https://help.liferay.com/hc/en-us/articles/360021024071-Making-Authenticated-Requests-
details. Keep in mind that their example
(com.liferay.headless.delivery.internal.jaxrs.application.HeadlessDeliveryApplication-default.config)
is for the component from their example. The real name of the config
file should be in regard with what you have defined. For example, if
your Class is PdfGeneratorApplication and is
in PdfGenerator.application package, the your config file should be
named PdfGenerator.application.PdfGeneratorApplication-default.config
with the following content:</p>
<pre><code class="language-java">oauth2.scopechecker.type="none"
auth.verifier.auth.verifier.BasicAuthHeaderAuthVerifier.urls.includes="*"
auth.verifier.auth.verifier.OAuth2RestAuthVerifier.urls.includes="*"
auth.verifier.guest.allowed="true"</code></pre>
<p> </p>Victor Manea2020-12-12T18:17:06ZRE: Cannot access new REST APIs in 7.2 using browserMohammed Yasinhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1144560332019-07-26T11:50:34Z2019-07-26T11:50:34ZHi, <br /> This is because all the services are protected under Basic access authentication, if your using postman or rest client set the Basic Auth in Header or if you want to access from browser you need to add com.liferay.headless.delivery.internal.resource.v1_0.OpenAPIResourceImpl#getOpenAPI in SYSTEM_DEFAULT (Service Access Policy)Mohammed Yasin2019-07-26T11:50:34ZCannot access new REST APIs in 7.2 using browserMichael Freemanhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1143563372021-10-04T17:32:59Z2019-07-19T12:43:38Z<p>I am unable to access the new REST Open API in DXP 7.2 from a browser
window.<br /> If i use a REST client tool, set up BASIC AUTH, and hit
the URL <a
href="http://localhost:8080/o/headless-delivery/v1.0/openapi.json">http://localhost:8080/o/headless-delivery/v1.0/openapi.json
</a>everything works fine and as expected.<br /> If however i try to
hit that exact same URL from the address bar of a logged in browser
session I receive:<br />
<strong>Access denied to com.liferay.headless.delivery.internal.resource.v1_0.OpenAPIResourceImpl#getOpenAPI</strong>
<br /> Am I doing something wrong?</p>Michael Freeman2019-07-19T12:43:38Z