Closed andsty closed 2 weeks ago
To resolve the 403 Forbidden error when creating a custom tool with Open API Spec and adding authentication with a Bearer token in Dify version 0.7.0, ensure that you correctly configure the authentication settings. Here is how you can set it up:
Set the Authorization Method:
authMethod
section.bearer
type under authHeaderPrefix
.Configure the Authorization Header:
key
to Authorization
(or a custom value if required).value
to Bearer <your_token>
.Here is an example configuration:
const customToolConfig = {
authMethod: {
title: 'Authorization method',
type: 'Authorization type',
keyTooltip: 'Http Header Key, You can leave it with "Authorization" if you have no idea what it is or set it to a custom value',
types: {
none: 'None',
api_key: 'API Key',
apiKeyPlaceholder: 'HTTP header name for API Key',
apiValuePlaceholder: 'Enter API Key',
},
key: 'Authorization',
value: 'Bearer <your_token>',
},
authHeaderPrefix: {
title: 'Auth Type',
types: {
basic: 'Basic',
bearer: 'Bearer',
custom: 'Custom',
},
},
};
Ensure that the token you are using is valid and has the necessary permissions to access the resources you are trying to reach. Additionally, make sure that the OpenAPI schema is correctly defined and that the endpoint you are trying to access is correctly specified in the tool configuration [1][2].
To continue talking to Dosu, mention @dosu.
I guess you need to provide this endpoint and the openapi spec.
@dosu
{
"openapi": "3.0.0",
"info": {
"title": "Check Address Coverage API",
"description": "xxxxxx Check Address Coverage Web Services",
"contact": {
"name": "Send Email To",
"email": "xxxxxx"
},
"version": "1.0.0"
},
"servers": [
{
"url": "https://111.111.111.111:8110/api/checkAddressCoverage",
"description": "Development Server URL"
}
],
"paths": {
"/getAddressInfoByPostalCode": {
"get": {
"tags": [
"CheckCoverageV2"
],
"summary": "Get Address Info By Postal Code",
"description": "This service retrieves address information by postal code.",
"operationId": "getAddressInfoByPostCode",
"parameters": [
{
"name": "postalCode",
"in": "query",
"description": "Postal code to retrieve address information",
"required": true,
"schema": {
"type": "integer",
"format": "int64"
},
"example": 2301
}
],
"responses": {
"200": {
"description": "Successful operation",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnSuccess": {
"description": "OnSuccess",
"value": {
"code": "1",
"name": "Success",
"details": {}
}
}
}
}
}
},
"400": {
"description": "Bad request",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnFailure": {
"description": "OnFailure",
"value": {
"code": "-1",
"name": "BAD_REQUEST",
"details": {}
}
}
}
}
}
},
"401": {
"description": "Unauthorized operation",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnFailure": {
"description": "OnFailure",
"value": {
"code": "-1",
"name": "Unauthorized",
"details": {}
}
}
}
}
}
},
"403": {
"description": "Forbidden operation",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnFailure": {
"description": "OnFailure",
"value": {
"code": "-1",
"name": "FORBIDDEN",
"details": {}
}
}
}
}
}
},
"404": {
"description": "Resource not found",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnFailure": {
"description": "OnFailure",
"value": {
"code": "-1",
"name": "RESOURCES_NOT_FOUND",
"details": {}
}
}
}
}
}
},
"409": {
"description": "Conflict in the request",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnFailure": {
"description": "OnFailure",
"value": {
"code": "-1",
"name": "CONFLICT",
"details": {}
}
}
}
}
}
},
"500": {
"description": "Internal server error",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnFailure": {
"description": "OnFailure",
"value": {
"code": "-1",
"name": "Error Message",
"details": {}
}
}
}
}
}
},
"503": {
"description": "Service unavailable",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": { "type": "string" },
"name": { "type": "string" },
"details": { "type": "object" }
}
},
"examples": {
"OnFailure": {
"description": "OnFailure",
"value": {
"code": "-1",
"name": "SERVICE_UNAVAILABLE",
"details": {}
}
}
}
}
}
}
},
"security": [
{
"AddressRepositoryAuth": []
}
]
}
}
},
"components": {
"securitySchemes": {
"AddressRepositoryAuth": {
"type": "apiKey",
"in": "header",
"name": "Authorization"
}
}
}
}
here is my openapi spec and i am adding authendication basic with Header is Authorization and key is added as Bearer {base64key}==
Can you paste a screenshot of the custom tools auth headers?
Found the error.change endpoint to http and it worked.i believe is due to a self signed certificate
Self Checks
Dify version
0.7.0
Cloud or Self Hosted
Self Hosted (Docker)
Steps to reproduce
Create a custom tool with Open API Spec and adding authendication Basic, Header is Authorization and key is added as Bearer {base64key}== and i alway get forbidden 403 error. I have try the same setup from postman with the same key and is working. Am i missing something?
✔️ Expected Behavior
When testing the endpoint it should return a response
❌ Actual Behavior
Reached maximum retries (3) for URL if i go to dify api logs i see error 2024-08-19 12:33:57,697.697 WARNING [Dummy-36] [ssrf_proxy.py:45] - Request to URL https://xxxxxxx:8110/api/checkAddressCoverage/getAddressInfoByPostalCode failed on attempt 2: 403 Forbidden