Closed m0j0r0j0 closed 3 years ago
What is domain name that you are using and your public IP?
Even I am facing this same issue. I have made sure my API requests are within the 100 calls per 5 minutes boundary. The call returns a 403 Error.
Facing same issue. I am requesting <5 times within 5 minutes. (Deployment : nodejs script on heroku )
I think the APIs are down for now
No API's are not down, they are working from the browser but throwing error via script.
Yes, works from browser but failing from script or REST client
@m0j0r0j0 I don't think you should be sharing your public IP address
You mean the site is working, but the API is not, right? @VatsalHirpara
No it works when you hit https://cdn-api.co-vin.in/api/v2/appointment/sessions/public/calendarByPin?pincode=600119&date=01-05-2021 from thr browser but not from a script.
@satheeshwaran Yes you are right, how could that be?
Add this as a parameter in your request
headers={'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'}
Now it works without sending any headers.
@m0j0r0j0 Why did you close this ticket? We need to get the reason from the maintainer..
@m0j0r0j0 Why did you close this ticket? We need to get the reason from the maintainer..
by mistake i closed it, Reopened.
Now it works without sending any headers. @satishchandra-pandey its still not working, 403!
I get 403, using postman...
I get 403, using postman...
@NimishKmr its wokring from postman:
try hitting : https://cdn-api.co-vin.in/api/v2/appointment/sessions/public/findByDistrict?district_id=365&date=07-05-2021
@m0j0r0j0 - What auth are you using? How do I get token for Bearer Authentication?
@NimishKmr not required.
@m0j0r0j0 Some endpoints are working and some are throwing 403 using script. Include the headers and every script will work.
It is working from postman and from the browser, but isnt working from a script (Tried go, python reuests, python http) , getting 403
For me also browser was working fine, but in postman getting 403. By adding User-Agent header that worked for me.
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Edg/90.0.818.51
@mehtanilay10 yes thanks, adding headers works even for scripts
@chalukyamohanraj we are seeing the same issue as well . We just saw the Rate limiting guideline that was updated today by the Cowin Team and we have modified our scripts accordingly. looks like our IP is still blocked. Can you please help us out. We do not intend to spoof the user-agent to access the API. Please let us know whats the way forward. web address: vaccinehunt.in @cowinapi please help
I am also facing the same error on my IP deployed on digital ocean at Bengaluru server
I tried using user-agent as well.
Facing the same issue in the android app.
@cowinapi I am sending 75 requests per 5 mins. Why I am getting REQUEST BLOCKED
Same issue still getting the 403 and I am well within the rate limit. The API works for browser but not for script.
Adding the user agent header is working, if it is still not working for some one then its because of your postman caches. Try clicking on the upper right hand side button which says "code" .... select curl from drop down and make a curl request from git bash. It will work. The user agent header was the problem
@udaysingh236 I am not using postman. I have a scheduler on a digitalocean droplet which tries to access API.
Facing same issue. I am requesting <5 times within 5 minutes. (Deployment : nodejs script on heroku )
Hi, I too tried to deploy the app on heroku but it seems the api has some kind of geo fencing where it does not allow servers based outside India to interact. I tried to find out if heroku had a server in India but could not find one. Can anyone help me with this or any other cloud platform ?
@tushar1032 I have used Digitalocean's bangalore server. But they have blocked my IP for now
@mtwn105 Thanks! I will try that. But I don't think they blocked your IP, did you exceed the rate limit? because if it is 403 error it got fixed with adding the header.
Yes request coming from outside India is blocked.
No it works when you hit https://cdn-api.co-vin.in/api/v2/appointment/sessions/public/calendarByPin?pincode=600119&date=01-05-2021 from thr browser but not from a script.
Same here it is working from browser fbut from REST is not working
@tushar1032 I tried setting user agent too. It worked for some time then again 403. ☹️
Any other suggestions welcome
Is @cowinapi gonna help us in these issues?
@mtwn105 for python requests it works like this header = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'} link = f"https://cdn-api.co-vin.in/api/v2/appointment/sessions/public/calendarByDistrict?district_id=294&date={date}-05-2021" f = requests.get(link, headers=header)
after adding header user-agent in postman it works but when I tried to work in dart after adding header that shows forbidden as response body
Not sure how Dart works , but its working with python requests make sure you are hitting from India
In production env too it is showing STATUS_CODE 403 even when I use user-agent header.
Facing same issue. I am requesting <5 times within 5 minutes. (Deployment : nodejs script on heroku )
Hi, I too tried to deploy the app on heroku but it seems the api has some kind of geo fencing where it does not allow servers based outside India to interact. I tried to find out if heroku had a server in India but could not find one. Can anyone help me with this or any other cloud platform ?
It isn't because of the geo fencing because if you try the other API routes like "https://cdn-api.co-vin.in/api/v2/admin/location/states" it will work fine (maybe because I am making request to this route occasionally) but STATUS_CODE remains in some routes to which I am making repetitive request (while being in the limit).
No luck with the headers. Still getting 403. Anyone else still facing the issue.
No luck for me too on postman, even using the headers
Is there any public document mentioning the rate-limits? I assume all these 403s are because of rate-limits. Would have been nicer, if these rate-limits are published somewhere (ideally should be on the homepage of the repo).
Still facing the 403 issue, till yesterday evening everything was fine, suddenly it started giving 403 error, below is the summary I have got from discussion:
But the question here is are we allowed to change the user agent header explicitly, I mean is it a valid way to do that or by doing that we are violating any rules that I am not sure. @cowinapi can you please let us know what is the issue and what work around we need to choose
Is there any public document mentioning the rate-limits? I assume all these 403s are because of rate-limits. Would have been nicer, if these rate-limits are published somewhere (ideally should be on the homepage of the repo).
100 API calls per 5 minutes per IP, try to open the link in incognito, you will see the details https://apisetu.gov.in/public/marketplace/api/cowin/cowin-public-v2#/
@mtwn105 for python requests it works like this header = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'} link = f"https://cdn-api.co-vin.in/api/v2/appointment/sessions/public/calendarByDistrict?district_id=294&date={date}-05-2021" f = requests.get(link, headers=header)
Worked for me on using this, thanks! Could you explain how adding the User-Agent
header helped fix things?
i was using API for appointment availability but getting below error . It was working till yesterday. my request rate is also very less.
method:- org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden: [<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">