Api: Method not allowed on POST to Destiny2/Actions/Items/TransferItem

Created on 11 Oct 2017 · 8Comments · Source: Bungie-net/api

_I want to start out with the solution incase anyone stumbles across this_
Thanks to @rking788 for pointing out that I was missing the final '/' on the endpoint. It should look like this:
https://www.bungie.net/Platform/Destiny2/Actions/Items/TransferItem/

from what I have read, if you're stumbling across this make sure that you are calling https and have www. in there as well.

Those, along with not calling the endpoint in the Chrome app 'Postman', solved my issue. I called it with the Chrome app 'ARC' instead.

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Original post
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

Hi there,

I followed your guy's documentation for oauth and all is working well. But I think maybe something is messed up with my scopes?

My client id is: 24742

I am testing, in postman, a POST on the endpoint:
https://www.bungie.net/Platform/Destiny2/Actions/Items/TransferItem

My headers are:

"X-API-Key":"(My api key)"
"Authorization":"bearer (current access token)"
"Content-Type":"application/json"

My body is:

{
  "itemReferenceHash" : 2907129557,
  "stackSize" : 1,
  "transferToVault" : true,
  "itemId" : "6917529038127259201",
  "characterId" : "2305843009265977975",
  "membershipType" : 1
}

I am getting this response:

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <title>Service</title>
        <style>BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; } #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; } A:link { color: #336699; font-weight: bold; text-decoration: underline; } A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; } A:active { color: #336699; font-weight: bold; text-decoration: underline; } .heading1 { background-color: #003366; border-bottom: #336699 6px solid; color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal;margin: 0em 0em 10px -20px; padding-bottom: 8px; padding-left: 30px;padding-top: 16px;} pre { font-size:small; background-color: #e5e5cc; padding: 5px; font-family: Courier New; margin-top: 0px; border: 1px #f0f0e0 solid; white-space: pre-wrap; white-space: -pre-wrap; word-wrap: break-word; } table { border-collapse: collapse; border-spacing: 0px; font-family: Verdana;} table th { border-right: 2px white solid; border-bottom: 2px white solid; font-weight: bold; background-color: #cecf9c;} table td { border-right: 2px white solid; border-bottom: 2px white solid; background-color: #e5e5cc;}</style>
    </head>
    <body>
        <div id="content">
            <p class="heading1">Service</p>
            <p>Method not allowed.</p>
        </div>
    </body>
</html>

Do you know if there is anything that can be done to resolve this?

Source

tcozzens

All 8 comments

I don't see a lot wrong with what you are trying to do. My only suggestion would be to add a trailing / to the TransferItem endpoint. So something like "https://www.bungie.net/Platform/Destiny2/Actions/Items/TransferItem/" I know the API can sometime be finicky about those things. Also, which scopes do you have selected in the Bungie applications portal on their site? (this page https://www.bungie.net/en/Application)

As an aside, I noticed you're working on an Alexa skill, I'm currently working on the Guardian Helper skill. https://github.com/rking788/guardian-helper You can take a look at my code for reference and if you know Go, I'm always welcoming contributions 👍

rking788 on 11 Oct 2017

If I tack on the extra '/' at the end, I get this as the response:

{
    "Response": 0,
    "ErrorCode": 2107,
    "ThrottleSeconds": 0,
    "ErrorStatus": "OriginHeaderDoesNotMatchKey",
    "Message": "Origin header does not match the provided API key.",
    "MessageData": {
        "Origin": "chrome-extension://aicmkgpgakddgnaphhhpliifpcfhicfo"
    }
}

I have these enabled:

 Read your Destiny vault and character inventory.
 Move or equip Destiny gear and other items.
 Access items like your notifications, memberships, and recent activity.

I will have to take a look at your code to check it out.

tcozzens on 11 Oct 2017

So it seems like that was a step in the right direction. I'm not sure what could be causing that problem though. What OAuth Client Type do you have selected for your Bungie application?

rking788 on 11 Oct 2017

confidential

tcozzens on 11 Oct 2017

Do you have something in the browser based apps?

tcozzens on 11 Oct 2017

i don't have anything in that field.

rking788 on 11 Oct 2017

👍1

You need to put chrome-extension://aicmkgpgakddgnaphhhpliifpcfhicfo in the Origin Header in your app configuration (I plucked that from the error message above). Your web browser adds that header as a security measure. That header may change as your app moves to the Chrome extensions store, so keep an eye on it. You can provide multiple values with a comma separated list.

Tetron-bng on 11 Oct 2017

👍1

Ok so I just got this to work!

Well kinda. hahaha. This was more of an issue with postman than the endpoint itself.

Postman doesn't allow you to overwrite your Origin-header (with ease). So I tried this out on the chrome app called ARC and it worked perfectly.

This makes sense on what you were talking about @Tetron-bng.

So @rking788 I am not really calling anything yet on the alexa skill. I like to test things out to get a feel for the flow of the APIs before I go messing in the actual code.

Thanks for the help guys!

tcozzens on 11 Oct 2017

👍1

Was this page helpful?

0 / 5 - 0 ratings