ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Error: “Invalid API key” or "HTTP Error 403: FORBIDDEN" when generating an API key for Symantec Mobility / App Center


Article ID: 161008


Updated On:


Mobility Suite


 You are invoking a Symantec Mobility API, which requires that you generate an API key. You generate the key and include it with the API call to the Mobility server. However, when you attempt to access Mobility via the API, the API call is rejected and you one of the following errors:.

  • “Invalid API key” is displayed in the logs
  • "HTTP Error 403: FORBIDDEN" is returned from the API



 The API key contains one of the following symbols: ! # $ & ‘ ( ) * = , / : ; = ?


You can either regenerate another API key that doesn’t have one of the reserved characters, or you can encode the symbol in the URL by using the hexadecimal representation of the symbol’s ASCII value. This value is preceded by the % symbol.  The following table provides the encoded values for the reserved symbol set:

Symbol HEX Encoded Value
! %21
# %23
$ %24
& %26
' %27
( %28
) %29
* %2A
+ %2B
, %2C
/ %2F
: %3A
; %3B
= %3D
? %3F