Incident access not authorized or the incident does not exist when updating custom incident attributes via API
Article ID: 404624
Products
Data Loss Prevention Core Package, Data Loss Prevention Enforce, Data Loss Prevention
Issue/Introduction
API calls to /ProtectManager/webservices/v2/incidents to update custom incident attributes return a 403 Forbidden HTTP response with the message "Incident access not authorized or the incident does not exist", even though the authorizing user has the "Incident Reporting" and "Incident Update" permissions in the role. The incident number is confirmed to exist at the same time.
Cause
Custom attributes require additional permissions for View or Edit operations. These are granted separately from the Incident Reporting and Update API permissions.
Resolution
Log in to the Enforce Console and open the properties of the Role assigned to the API user.
In the Custom Attributes section, select "Edit All" right above the list of all the custom attributes.
If more granular control over the attributes is required, the Edit permissions can be granted per attribute by unmarking "Edit All" and marking the boxes next to each individual attribute that the API user should be able to update.
After adjusting the permissions, the API user needs to log in again for the new rights to be applied to its role. In the Enforce Server Console this is a simple log off and log on in the UI. For the API, however, this requires clearing any cookies the request may be using, so that a fresh session is created with the DLP API for the authorizing user.
Additional Information
Since the API call to update custom attributes references them by ID rather than by name, it may be necessary to verify that the PATCH command is issued for the right ID. To look up the IDs associated with the custom attributes by name, make a separate API GET call to /ProtectManager/webservices/v2/incidents/customAttribute, which returns a list of them.
Note that the API call to the customAttribute function only returns custom attributes for which the API user has at least View permission.
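The lookup described above can be scripted as a pre-flight check before issuing the PATCH. This is an added example, not code from the article or the product: Basic authentication and the response field names `name` and `index` are assumptions to adjust to the actual response, and the sample listing is constructed.

```python
import base64
import json
import urllib.request

# Endpoint path taken from the article.
LOOKUP_PATH = "/ProtectManager/webservices/v2/incidents/customAttribute"


def fetch_attribute_listing(base_url, user, password):
    """GET the custom attribute list in a fresh session (no cookies replayed)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(
        base_url.rstrip("/") + LOOKUP_PATH,
        headers={"Authorization": "Basic " + token,  # assumption: Basic auth
                 "Accept": "application/json"},
    )
    # build_opener() without HTTPCookieProcessor keeps no cookie jar, so a stale
    # session cookie from before the role change can never be sent.
    with urllib.request.build_opener().open(req, timeout=30) as resp:
        return json.load(resp)


def resolve_ids(listing, wanted_names, name_key="name", id_key="index"):
    """Map wanted attribute names to IDs; also return the names not listed.

    name_key/id_key are assumed field names; set them to match the real response.
    """
    visible = {}
    for entry in listing:
        if isinstance(entry, dict) and name_key in entry and id_key in entry:
            visible[str(entry[name_key]).strip().casefold()] = entry[id_key]
    ids, not_visible = {}, []
    for name in wanted_names:
        key = name.strip().casefold()
        if key in visible:
            ids[name] = visible[key]
        else:
            # Per the article: not returned means no View permission (or wrong name).
            not_visible.append(name)
    return ids, not_visible


if __name__ == "__main__":
    # Constructed sample standing in for the endpoint's response.
    sample = [{"name": "Business Unit", "index": 3}, {"name": "Resolution", "index": 7}]
    ids, hidden = resolve_ids(sample, ["business unit", "Case Owner"])
    print("IDs to use in the PATCH:", ids)
    print("Not visible to this API user (check role or spelling):", hidden)
```

A name that resolves here only confirms View permission; Edit permission is still granted separately in the role's Custom Attributes section.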