I have a callout GET call which works perfectly when i construct the URL like below in my callout policy.
<HTTPTargetConnection>
<Properties/>
<URL>https://xxxxxxxx.execute-api.us-west-2.amazonaws.com/Prod/api/User?userId={accesstoken.user.login}</URL>
</HTTPTargetConnection>
But then instead of hardcoding the URL, i have used a KVM policy to get the env variables prior to the callout policy and then modified my callout above URL as
<HTTPTargetConnection>
<Properties/>
<URL>https://{lambda-api-gateway-url}/api/User?userId={accesstoken.user.login}</URL>
</HTTPTargetConnection>
And now i am getting always 403 with “message”:“Forbidden”
the Target URL it constructs looks good but do not know why i am getting 403 instead of 200.
p.s: BEfore my callout policy, i have a oAuth2.0 policy which is running ok, no problem with that
1 Like
Yes, it’s unfortunate, but you cannot compose the URL that way in an HTTP Target connection.
Instead, you must set the variable “target.url”. Something like this:
var resolveVariableReferences = (function (){
var variableNameRe = "[^ \t\n\"',/\\\\{}]+?"; // non-greedy capture
var varPrefixRe = '{';
var varSuffixRe = '}';
var variableRegex = new RegExp( varPrefixRe + '(' + variableNameRe + ')' + varSuffixRe);
function resolveVariableReferences(s) {
var match = variableRegex.exec(s);
while (match){
var variableName = match[1];
var value = context.getVariable(variableName);
if (value && value !== '') {
s = s.replace('{' + variableName + '}', value);
}
match = variableRegex.exec(s);
}
return s;
}
return resolveVariableReferences;
}());
var template = "https://{lambda-api-gateway-url}/api/User?userId={accesstoken.user.login}";
var resolvedValue = resolveVariableReferences(template);
context.setVariable('target.url', resolvedValue);
You should embed that into a JavaScript policy and execute it in the target request flow.