requesting endpoints - suddenly forbidden - key not working anymore for getting endpoints

Hi there,

Allow us to have a quick check on this and get back to you.

Hi, 

Can you share the error return from the response? Also collect logs using logz.io based on the ID correlation response.
Validate as well below details.

The API credential still exists
-It has proper roles assigned

The API credential is applicable to their tenant
-Often times this will arise if they create the API credential at the tenant level and try to use it for another tenant
-Validate the API credential is a PDB level credential

The Tenant in question is managed
-This will return a 403 if the tenant in question being queried is not a managed tenant.

Hi,

thanks for your answer.

We get the following error if we attempt to get the endpoint data:

 {
"error": "forbidden",
"correlationId": "65273394-a935-4aa3-bcbd-baa060cd0b58",
"requestId": "62daf4e5-289b-4008-b5af-819c5f64baa5",
"createdAt": "2021-09-27T10:11:42.224Z",
"message": "Forbidden"
}

- The API Key credential is a PDB level credential

- It is not a tenant-level credential

- The API credential still exists and has the role “Service Principal Super Admin” assigned

- The tenant from which we want to get the endpoints, is a managed tenant

Logz.io . We never used Logz.io before, so we need detailed instructions, how to use it, to get the desired information.

Kind regards

Ralph Felger

Hi Ralph,

Thank you for sharing the details. For the logs.io I'll drop you a DM for instructions on how we can collect logs to further investigate the issue. 

Hi GlennSen,

now we have activated Remote Assistance.

Our unique Sophos ID: c2707604-0741-142a-88fc-d72de9b5b2f0

please tell me when we can start a new test run with our software to detect the problem with the key.

Kind Regards

Ralph Felger

Hi Ralph, 

We tried fetching the logs through the details you've shared with us but we aren’t able to fetch any information.
"correlationId": "65273394-a935-4aa3-bcbd-baa060cd0b58",
"requestId": "62daf4e5-289b-4008-b5af-819c5f64baa5",
Does your key associate with email ID? If so? Can you DM us the Details we can try fetching using Email ID? 

Hi Ralph, 

We tried fetching the logs through the details you've shared with us but we aren’t able to fetch any information.
"correlationId": "65273394-a935-4aa3-bcbd-baa060cd0b58",
"requestId": "62daf4e5-289b-4008-b5af-819c5f64baa5",
Does your key associate with email ID? If so? Can you DM us the Details we can try fetching using Email ID? 

Hi GlennSen,

our software runs on demand, i will have to start it manually and i asked in the reply before :

please tell me when we can start a new test run with our software to detect the problem with the key.

we did not have started our test run because i have got no reply on this question

can i start a test run anytime with our software to detect the problem with the key.?

i will now start a test run with the problem key.

here are the results trying to get the endpoints  for  the tenants:

{
"error": "forbidden",
"correlationId": "c2de9c9b-1a1a-409f-8c9e-71c4d19bec84",
"requestId": "9a0e7afb-30a6-4685-b4bf-7b73d93837d8",
"createdAt": "2021-10-08T06:06:45.437Z",
"message": "Forbidden"
}

{
"error": "forbidden",
"correlationId": "cfbb6196-d892-4c15-8dc7-dd619a14bd02",
"requestId": "d6b02775-fa8c-43a9-b046-78175e18ffac",
"createdAt": "2021-10-08T06:07:58.485Z",
"message": "Forbidden"
}

Kind Regards

Ralph Felger

Hi GlennSen,

since we haven't heard from each other for some time:

Have you been able to verify our testrun with the given key? Should we start a new test run with our software? Or can we support you in other ways in solving the problem?

Kind Regards

Ralph Felger