Hi Lewatle, When interacting with the DSpace 7 REST API, a CSRF token is *required* to be sent with any modifying requests (POST, PUT, etc). See the documentation in our REST contract about this: https://github.com/DSpace/RestContract/blob/main/csrf-tokens.md
The error you are seeing is noting that the CSRF token was either invalid or missing from the request. Tim On Wednesday, February 8, 2023 at 6:25:36 AM UTC-6 joem...@gmail.com wrote: > Hi DSpace Team, > > I am integrating DSpace 7 with external site using REST API, I am getting > the following error, site will be pushing items to DSpace 7 repository, I > have created collection and added user as admin user to push items to that > collection using REST API any advise is appreciated : > > [image: rest api error.png] > Also please see the following bottom part of log file: > > 2023-02-08 14:12:34,633 WARN 8b8d2fb9-8569-4973-9168-b9fbaa0b6015 > 4be5c62f-c00d-459a-aa19-5e7bc1a3c971 > org.dspace.app.rest.exception.DSpaceApiExceptionControllerAdvice @ > Authentication is required (status:401 exception: Access is denied at: > org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:73)) > 2023-02-08 14:12:34,927 INFO 8b8d2fb9-8569-4973-9168-b9fbaa0b6015 > 566dfe1c-97c9-478a-a7e5-9ed952bfeedf > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /xmlui/browse?type=subject&value=protein%2Bfolding > 2023-02-08 14:12:34,927 INFO 8b8d2fb9-8569-4973-9168-b9fbaa0b6015 > 6988db4c-67d2-421c-a5dd-8c17ed903092 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /xmlui/browse?type=subject&value=protein%2Bfolding > 2023-02-08 14:12:34,927 INFO 8b8d2fb9-8569-4973-9168-b9fbaa0b6015 > 37aaec75-a8ab-4025-a03e-4e7bb9b403a7 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /xmlui/browse?type=subject&value=protein%2Bfolding > 2023-02-08 14:12:34,928 INFO 8b8d2fb9-8569-4973-9168-b9fbaa0b6015 > 06d1084e-3458-44ed-a3cf-b5672829feda > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /xmlui/browse?type=subject&value=protein%2Bfolding > 2023-02-08 14:12:34,931 INFO 8b8d2fb9-8569-4973-9168-b9fbaa0b6015 > 932de25e-437b-48ed-a6f4-7bbdfe783320 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /xmlui/browse?type=subject&value=protein%2Bfolding > 2023-02-08 14:12:38,192 INFO unknown fd90964e-63aa-403f-a1d7-3aa408894d59 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api] originated from / > 2023-02-08 14:12:38,208 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 914c9aea-0a8b-41f6-9fd3-b33912d212fd > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authn/status] originated from / > 2023-02-08 14:12:38,220 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 95337709-2af1-4791-997b-e799d22c2e2f > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api] originated from / > 2023-02-08 14:12:38,232 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > c87c18c7-ff99-40a2-b085-a2bfe5f7b610 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api] originated from / > 2023-02-08 14:12:38,259 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 0c08261b-df34-4985-8eaa-3838b66bd616 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/pid/find] originated from / > 2023-02-08 14:12:38,274 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > a9a14e04-2565-4e5a-aa0e-c0995d0863e5 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/core/items/a237481f-6f19-4ebf-ba71-cc3d28ef7905] > originated from / > 2023-02-08 14:12:38,316 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 616f08b5-7fb8-46d1-9c1a-d3251c2a4f51 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api] originated from / > 2023-02-08 14:12:38,329 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > d514e9d5-1162-4d9e-9fa9-d6dfba06142b > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api] originated from / > 2023-02-08 14:12:38,340 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 6b23926e-4ff3-4508-b5e7-4f67421c6a8b > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api] originated from / > 2023-02-08 14:12:38,895 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 35240db7-2438-4a2a-9d6c-0dcbc40a0d9f > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/system/scripts/metadata-export] originated from / > 2023-02-08 14:12:38,895 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 805d66ed-f6b6-46d9-8a88-4a21bb639c70 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/discover/browses] originated from / > 2023-02-08 14:12:38,895 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 5506289b-d6c6-45a1-9c09-7dc5207abeea > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/core/sites] originated from / > 2023-02-08 14:12:38,897 WARN b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 35240db7-2438-4a2a-9d6c-0dcbc40a0d9f > org.dspace.app.rest.exception.DSpaceApiExceptionControllerAdvice @ > Authentication is required (status:401 exception: Access is denied at: > org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:73)) > 2023-02-08 14:12:38,899 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 39e901a0-0d78-4812-b685-5568c65c5b34 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/system/scripts/metadata-import] originated from / > 2023-02-08 14:12:38,900 WARN b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 39e901a0-0d78-4812-b685-5568c65c5b34 > org.dspace.app.rest.exception.DSpaceApiExceptionControllerAdvice @ > Authentication is required (status:401 exception: Access is denied at: > org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:73)) > 2023-02-08 14:12:38,901 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 328de12c-c307-4800-b7d9-f2903bddb6b4 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET > /server/api/core/items/a237481f-6f19-4ebf-ba71-cc3d28ef7905/owningCollection] > originated from / > 2023-02-08 14:12:38,901 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > a58b2de9-6b39-43b7-9f67-07ff385c1a9f > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET > /server/api/core/items/a237481f-6f19-4ebf-ba71-cc3d28ef7905/relationships] > originated from / > 2023-02-08 14:12:38,901 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > bacc164c-20a7-4e27-9336-d0faebe94270 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/core/items/a237481f-6f19-4ebf-ba71-cc3d28ef7905/bundles] > originated from /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:38,902 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > ece5b50f-c86c-4a98-bcab-41a49bfffca5 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/core/items/a237481f-6f19-4ebf-ba71-cc3d28ef7905/thumbnail] > originated from / > 2023-02-08 14:12:38,904 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 7084d45b-1d70-44d7-b5c8-561ffc2a43cb > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET > /server/api/core/items/a237481f-6f19-4ebf-ba71-cc3d28ef7905/mappedCollections] > > originated from /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:38,904 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 2aa581fb-9690-46cd-8de3-02cbb2654005 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/core/items/a237481f-6f19-4ebf-ba71-cc3d28ef7905/version] > originated from / > 2023-02-08 14:12:38,905 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > fa9ab109-0646-4d93-9bc4-c411dbbb1289 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:38,906 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > f6fbc375-07c4-4c2d-9c28-476e29ba2e1f > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:39,353 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 4eb28278-4807-4f0e-9d3a-ad2d759b45d8 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:39,360 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 67fc1742-5367-489c-b7c7-09356ceed776 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:39,362 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > e4f9d40f-7953-4f73-9374-1c9e2b7ffd5f > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:39,363 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 51004632-295b-4f27-b602-a0c7810a249c > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET > /server/api/core/communities/212142a8-a40c-4557-84fa-9db056fbee63/parentCommunity] > > originated from /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:39,363 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > 72f964a1-c6d4-44bc-ad68-6a1ebf9764ef > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:39,363 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > e5899287-7550-41e8-8fd5-b1927af3b892 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > 2023-02-08 14:12:39,366 INFO b1dc80ab-3b96-4980-b77c-8f5ab83f4724 > a1cefbb1-8a52-467f-9f22-8d019f8e8849 > org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request > [GET /server/api/authz/authorizations/search/object] originated from > /items/a237481f-6f19-4ebf-ba71-cc3d28ef7905 > > Regards, > Lewatle > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/0214ae6f-91c6-4cd3-8fd1-d7b473b94d69n%40googlegroups.com.
