Hi!!
I’m new user with phplist. I have installed software successfully, but I can’t use api interface. I have installed in a server phplist, but I need create and delete subscribers from another server with api interface. In the another server I execute the example “RESTAPIphpListClient.php”, I obtain the session key, but the next call, fails:
Session key is: 609a16b3db746568add450589adf10a8
Fatal error : Uncaught exception ‘GuzzleHttp\Exception\ClientException’ with message 'Client error: GET http://tiendaperu.es/lists/api/v2/lists/3 resulted in a 403 Forbidden response: {“code”:403,“message”:“Forbidden”} ’ in /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php:113 Stack trace: #0 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/guzzle/src/Middleware.php(66): GuzzleHttp\Exception\RequestException::create(Object(GuzzleHttp\Psr7\Request), Object(GuzzleHttp\Psr7\Response)) #1 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/promises/src/Promise.php(203): GuzzleHttp\Middleware::GuzzleHttp{closure}(Object(GuzzleHttp\Psr7\Response)) #2 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/promises/src/Promise.php(156): GuzzleHttp\Promise\Promise::callHandler(1, Object(GuzzleHttp\Psr7\Response), Array) #3 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/promises/src/TaskQueue.php(47): GuzzleHttp\Promise\Promise::GuzzleHttp\ in /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php on line 113
What can happen?? If the key is generated, the credentials are ok, right?
Really my system is fpm-fcgi, but to test, I add in “$isOnCli = PHP_SAPI === ‘cli’ || PHP_SAPI === ‘cli-server’;” also "|| PHP_SAP === ’ fpm-fcgi’, for $isOnCli be true, and finally “($usesProxy || (!$isOnCli && !$isLocalRequest))” false to not exit, but I get the same error … =(
Fatal error : Uncaught exception ‘GuzzleHttp\Exception\ClientException’ with message 'Client error: GET http://tiendaperu.es/lists/api/v2/lists/3 resulted in a 403 Forbidden response: {“code”:403,“message”:“Forbidden”} ’ in /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php:113 Stack trace: #0 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/guzzle/src/Middleware.php(66): GuzzleHttp\Exception\RequestException::create(Object(GuzzleHttp\Psr7\Request), Object(GuzzleHttp\Psr7\Response)) #1 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/promises/src/Promise.php(203): GuzzleHttp\Middleware::GuzzleHttp{closure}(Object(GuzzleHttp\Psr7\Response)) #2 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/promises/src/Promise.php(156): GuzzleHttp\Promise\Promise::callHandler(1, Object(GuzzleHttp\Psr7\Response), Array) #3 /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/promises/src/TaskQueue.php(47): GuzzleHttp\Promise\Promise::GuzzleHttp\ in /home/perustocks/public_html/test_phplist/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php on line 113
@Thoma1s You can check the phplist_admintoken table that will have been created. There should be a row for each time that you ran the client. Does the timestamp look correct?
I’m having the same problem, and would really appreciate some help with this.
I successfully get a session key from https://www.mydomain.com/lists/api/v2/sessions, but as soon as I try to call anything else (e.g. to get list info, subscribers, etc) I get something similar to the following message:
Caught Exception: Client error: GET https://www.mydomain.com/lists/api/v2/lists/2 resulted in a 403 Forbidden response: {“code”:403,“message”:“Forbidden”}
I’m not aware of any permissions problems with my server. I don’t see relevant messages in the server logs to help diagnose the problem. Is this happening somewhere in the bowels of phpList?
Ok, so after a LOT of digging and debugging, I finally figured out the issue (for me at least). I inspected the request being received by phpList, and the Authorization header was never appearing, everything else was.
Was able to fix this through the .htaccess file by adding the following line: SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1
I hope this can help someone else avoid this issue!