Why do some Rest API calls return 403 while others work fine?

0053X00000H73FWQAZ · September 4, 2023, 4:56pm

I’m new to Milestone and trying to integrate it with my mass notification software. I’ve found that I can run some API command fine but others return 403. I guess that either my token or my user lacks permissions, but I’m not sure how to change that.

Commands that have WORKED:

/sites
/analyticsEvents
/eventTypes

Commands that return 403:

/cameraGroups
/events (GET)

How can I avoid these 403s? I’d really like to just get a user and token with full permissions to that I could test the whole of the system.

Bo_Ellegard_Andersen · September 5, 2023, 5:39am

The simple way to be allowed all is to use a user belonging to the Administrators role in Milestone XProtect. Alternatively you will have to grant permissions to the role the user belongs to, this can be done in the Management Client, Roles..