Geocode Search 403

Hello.

I am having problems from my app to connect to this url: https://api.openrouteservice.org/geocode/search/structured?api_key=XXXX&address=C/Sevilla,%2054&postalcode=23710&locality=Bailen

where the response is 403 {“error”: “Access to this API has been disallowed”}

However, in profile it indicates that the key_api is valid and the quotas I have not exceeded.

On the other hand, from the web Dashboard, there is no problem.

Could you please help me?

Thank you very much.

Hey,

when stating

you are talking about the API Playground at Dashboard | ORS, correct? If you are able to request from the playground successfully, then there is no issue with your API key, but probably with your app’s code.

You can try posting a minimal example exhibiting the problem, but depending on your choice of language and framework, we might not be able to help.

Best regards

Correct
I am talking about Dashboard | ORS. Excuse my English, but I’m Spanish and I can’t speak English.

It is an application for private use for my wife to calculate distances to different possible destinations, to try to order according to convenience. This application is made in Angular and she only uses it at the beginning of the school year in Spain in September. I mention this to indicate that it is actually used from year to year. In September last year it worked perfectly. This year, the location of my wife’s city and the distance calculation to different cities fails, returning a 403. What I mean is that my application has no evolution or maintenance.

I imagine, that in this annual period, from September last year to now, Dashborad | ORS has undergone changes by updating, bug fixes, etc. new versions.

I understand that from the Dashboard does not give error, because the request is adjusted, headers, parameters, … And from a web browser, I make the GET request, sending the default headers of the browser and it works.

This leads me to the fact that from my application (by not improving or maintaining it), I am missing something that has been added with new versions in Dashboard | ORS and that is present in the Dashboard or in the browsers. I say this, because really the requests from my application manages to reach the server, but this one rejects them for some cause, which is the one that I would like to determine and I think that I lack to add some header or some parameter of authorization.

Of course I send part of my code in Angular so you can see something about one of the requests that give error.

This part of the code is the method for determining the location of my city. It calls a generic class that uses Angular’s http to perform the REST queries.

RouteService.ts

getAddress(user: User) {
  user.addresses.forEach(address => {
      let parameters = new HttpParams()
        .append('api_key', environment.apiKey)
        .append('address', 'C/Sevilla, 54')
        .append('postalcode', '23710')
        .append('locality', 'Bailen');

        const httpOptions = {
        observe: 'response',
        responseType: 'json',
        params: parameters
      };
    
      this.restService.get('/geocode/search/structured', httpOptions, true)
        .then((openroute: OpenRoute) => {
          if (openroute.features.length > 0) {
            user.addresses[0].longitude = openroute.features[0].geometry.coordinates[0];
            user.addresses[0].latitude = openroute.features[0].geometry.coordinates[1];
            this.loaded.emit(true);
          } else {
            this.messageService.showWarn(new Message('TODO: Localización del perfil no hallada.'));
            this.loaded.emit(false);
          }
        })
        .catch((message: Message) => {
          message.error = 'No se ha podido recuperar la localización del usuario ' + environment.username;
          this.messageService.showError(message);
        });
        
    });

}
This part ‘this.restService.get’ makes use of the following code.

And this code is part of the generic service class related to REST requests.

RestServiceClass.ts

 get<T>(path: string, options?: {},locked?: boolean): Promise<{}> {
    const uuidRequest = this.pushRequest(path, locked);
    return new Promise((resolver, reject) => {
        this.loading.emit(true);
        this.http.get<HttpResponse<T>>(path, options)
            .subscribe((response) => {
                this.removeRequest(uuidRequest);
                resolver(response.body);
            },
            (message: Message) => {
                this.removeRequest(uuidRequest);
                reject(message);
            }
        );
    });
}

And this code is part of the generic service class related to REST requests.

I hope I have explained myself, thank you very much for your answer.

@amtroyano

please make sure your request contains the following headers for geocode requests:

curl --include \
     --header "Content-Type: application/json; charset=utf-8" \
     --header "Accept: application/json, application/geo+json, application/gpx+xml, img/png; charset=utf-8" \
  'https://api.openrouteservice.org/geocode/search?api_key=you-api-key&text=Namibian%20Brewery'

If this still doesn’t solve the issue, please provide the actual request your app is sending e.g as curl from the devtools of your browser.

Best regards

1 Like

Well, thank you very much for your interest in helping.

I have been able to dedicate some time to the code and at the end I have been able to determine what the problem is and the solution has been relatively simple.

I had not mentioned that the requests from my application to your API was made behind an angular proxy and it was this that caused the error 403 due to CORS, by not sending the Origin header. By not sending the header, your servers cannot determine the validity of the request.

The solution is simple, in the configuration file of the proxy routes, for your servers I have added the property “changeOrigin”: true and ready.

With this property everything is working correctly.

I repeat, thank you very much for everything.

2 Likes