Keep getting 403 errors when I attempt to test endpoints

Question

I have been hired by an organization who subscribes to IronWiFi services, to create a daily update of an IronWiFi user used for guest internet access in their office for the day. I have been using the page at https://market.mashape.com/ironwifi/ironwifi to test endpoints, but I can't seem to get it to work. I've been working with the CHANGE PHONE endpoint as a test with my own account, and I have the following questions: 1) I am not clear what value I should insert in the account_id field. Where can I find this value?
2) When I click the AUTHORIZE button, I enter my IronWiFi user credentials, and it replaces the first Authorization input field with Basic followed by a token. Is this the correct behaviour?
3) What token do I place in the second authorization input box? One of the X-Mashape-Key values that I created on Mashup?

Thanks...........................Patrick Gaul

PatGaul · Answer

OK...been messing around with this and I think I'm almost there. I want to change the password for a user, but the response is :

>{"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html","title":"Bad Request","status":400,"detail":"JSON decoding error: Syntax error, malformed JSON"}

Here is the command that caused the error:

>curl -X PATCH --include "https://ironwifi.p.mashape.com/api/account/PASGuest" >-H "X-Mashape-Key: stm1xDpCgFmshhzGSwMfeTFlBjvSp1Q047XjsnE6goKQH0w1cF" >-H "accept: application/json, text/plain, */*" >-H "authorization: Bearer 5851594c6faa0e946899f9361b78856c063f6335" >-H "content-type: application/json;charset=UTF-8" >-d "new_password=Chromium123" >-d "old_password=Silver1"

Now, CURIOUSLY, if I remove the two password parameters at the end (new_password= and old_password=), I get the following result:

>HTTP/1.1 200 OK >Alt-Svc: clear >Cache-Control: max-age=0, must-revalidate, no-cache, no-store >Content-Security-Policy: frame-ancestors www.ironwifi.com >Content-Type: application/hal+json >Date: Fri, 20 Oct 2017 17:49:54 GMT >Pragma: no-cache >Server: Mashape/5.0.6 >Via: 1.1 google >X-Cloud-Trace-Context: a79ce9adae38f2723f0ff078a2e35e7a >X-Content-Type-Options: nosniff >X-Frame-Options: ALLOW-FROM https://www.ironwifi.com/ >Content-Length: 85 >Connection: keep-alive > >{"_links":{"self":{"href":"https:\/\/console.ironwifi.com\/api\/account\/PASGuest"}}}

...So the problem appears to be with the last two parameters. I've checked the syntax and it looks correct. What am I doing wrong?

PatGaul · Answer

Thanks for the example. Unfortunately, when I attempt to get Account_ID by going to https://console.ironwifi.com/api/account I get

{"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html","title":"Forbidden","status":403,"detail":"Forbidden"}

I'm logged in using the company's admin account. Why am I getting a 403 (Forbidden) error?

ironwifi · Answer

Account_ID is the company_id returned when you fetch /api/account

Please see examples on this page and generate API key in our Console -> Account:
https://www.ironwifi.com/documentation/api/

To change your phone number:
curl 'https://console.ironwifi.com/api/account/ACCOUNT_ID' -X PATCH -H 'origin: https://console.ironwifi.com' -H 'authorization: Bearer API_KEY' -H 'content-type: application/json;charset=UTF-8' -H 'accept: application/json, text/plain, */*' -H 'authority: console.ironwifi.com' --data-binary '{"phone":"+1234567"}'

PatGaul · Answer

I've been working with your console for hours. If you could just answer the three questions that I posed in my original message that would help. I can't make any sense of your API!

ironwifi · Answer

Hi Patrick,

easiest to start with our API is to open our Console, use Chrome Developer tools and watch individual API calls.

You can send the API calls directly to https://console.ironwifi.com/api

Please send any support requests directly to support@ironwifi.com

Martin

IronWifi

0.2 / 10

508ms

100%

N/A

Keep getting 403 errors when I attempt to test endpoints