Error: "403 FORBIDDEN \"Action execution not allowed.\"" seen when running external-values API calls for custom forms in Aria Automation
search cancel

Error: "403 FORBIDDEN \"Action execution not allowed.\"" seen when running external-values API calls for custom forms in Aria Automation

book

Article ID: 410981

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • Running API endpoint /form-service/api/forms/renderer/external-values gives this 403 error of type "org.springframework.web.server.ResponseStatusException"
    • "message": "403 FORBIDDEN \"Action execution not allowed.\""
  • You have made sure that the user has access to Aria Automation Service Broker and a project which can access this form

Environment

VMware Aria Automation 8.16.x,, 8.17.x, 8.18.x

Cause

From Aria Automation 8.16.x onward, there are additional security measures in place for form execution.

This means that you first need to run the /form-service/api/forms/renderer/model API as detailed in the Resolution section below.

Resolution

To validate your access to the form, first perform these steps which will also give you a working example of the API calls:

  1. Log in to the Aria Automation GUI as the intended user and open the Service Broker catalog
  2. Open the browser "dev tools" by pressing F12
  3. Open the catalog item you wish to run by API: confirm that it opens and displays correctly
  4. Copy values for the API calls below that you will need to run. The important values are:
    • Request URL, which includes parameters in the format ?param1=val1&param2=val2&...
    • Request headers
    • Request body, also known as "payload"
    • The bearer token is needed for all API calls to authenticate the user - for more info, see Get Your Access Token for the VMware Aria Automation API

 

The API procedure for getting external values to form items is:

  1. GET https://<VRA-FQDN>/catalog/api/items/<ITEM-ID>
    • The response body contains an object called schema which is needed below.
  2. POST https://<VRA-FQDN>/form-service/api/forms/renderer/model
    • Parameters sourceId and sourceType are required here
    • Take care to include the version number in the sourceId so that the correct form version is chosen
    • The body must be the entire schema object from { to } given by request #1
  3. POST https://<VRA-FQDN>/form-service/api/forms/renderer/external-values
    • Parameters projectId and sourceType are required here
    • The body must contain the scriptAction section which specifies the actions requested and parameters used

 

For more information please consult the Swagger API docs for Custom Forms at https://<VRA-FQDN>/automation-ui/api-docs/

Powered by Wolken Software