Authentication endpoint produces 403 Forbidden error

[MattW224]

The start_session function produces a 403 Forbidden error, and renders the entire script broken. I tried to leverage it as a starting point for my own tooling, but Ancestry locked down the endpoint. Have you discovered any alternate authentication mechanisms?

[neRok00]

I haven't used/tested this script for a while, and can't do any testing right now. But I was just looking at the Ancestry website, and it seems they've tweaked the URLs, and so I reckon it might work if you change lines 129 and 130 from;

login_url = 'https://www.ancestry.com/account/signin/frame/authenticate'
referer_url = 'https://www.ancestry.com/account/signin/frame?'

to

login_url = 'https://www.ancestry.com/account/signin'
referer_url = 'https://www.ancestry.com/'

Give it a go and report back.

[MattW224]

No such luck. I also copied the request headers from Chrome's network tab, and leveraged that in my script -- no dice.

[mrichar1]

I've just had a look at this myself, and the issue is coming before the login page is even reached. If you capture the response and look at the HTML it has the following (403):

Browser Validation
Error 54
This process is automatic. Your browser will redirect to your requested content shortly.

Please stand by, while we are checking your browser...
Incident ID: abcdefghabcdefgh
Timestamp: 2022-03-10T14:45:50.762Z

There probably isn't a nice way to work round this without much more complex browser spoofing.

[MattW224]

Bizarrely, I got this functional and developed my own API wrapper.

I'll have to retrace my steps, and will share the results here.