Sendgrid-csharp: Access forbidden when trying to GET user/profile

This seems to be an API issue more than a C# library question so I will contact support but I figured I would ask the question here anyway in case someone else has faced this issue and can share how they resolved this permission issue.

I just noticed that I am getting the exact same HTTP 403 error when making a request to:
GET https://api.sendgrid.com/v3/api_keys

someone else reported this problem

@Jericho is your account provisioned?

yes it is

Thank you, we are investigating.

Any update?

@Jericho could you please check your permissions and try once again? Thanks!

What permissions do you want me to check? As I explained before, I don't see any privilege that would be related to "API Keys". Here's what I see:

All privileges are "Full Access" (or read-only if full-access is not available).

I ran another test and I am still getting HTTP 403.

Thanks for getting that to me so quickly? Do you already have a support ticket number for this issue?

I opened ticket #594726 on February 5. All I heard since is they are "running some tests" and are "still investigating".

Thanks, I will follow up.

I just discovered the exact same HTTP 403 when issuing the following request:

GET https://api.sendgrid.com/v3/categories?limit=50&offset=0

Hi,

I have the same problem. Did you have any chance to fix this?

Thanks

Unfortunately, the problem still hasn't been fixed.

Thanks for your reply.
So, you also cannot call any of those post method api, right?

Here are the 3 API calls that are returning HTTP 403 for me:

1. GET https://api.sendgrid.com/v3/user/profile
2. GET https://api.sendgrid.com/v3/api_keys
3. GET https://api.sendgrid.com/v3/categories?limit=50&offset=0

All other API calls are working perfectly fine for me.

Oh, Thanks,

I have same issue for:
https://api.sendgrid.com/v3/stats
https://api.sendgrid.com/v3/templates

Also I can't generate any new API Key:

@Jericho I have updated our internal support ticket for you with a link to these details.

@erkinkas Please submit your issue to our support team at [email protected].

Thanks!

I also get this issue for stats.get.json api.

@sinaislam please submit your issue to our support team at [email protected].

Thanks!

For people finding this through google, it seems only the "main" account can generate API keys.
If you are a managed user, you'll have to ask your administrator to generate the API key for you.
To tell whether you are a managed user or an administrator, check your Settings dropdown for "Credentials" or "Plan & Billing Details".
Managed user:

Admin user:

@courajs Thanks for sharing the solution!

still getting this in 2018. lol
[ GOOD ]{"errors":[{"field":null,"message":"access forbidden"}]}NULL

Hi @omarshamali,

Have you tried the solution offered above by @courajs?

With Best Regards,

Elmer

@thinkingserious yes, i have the master account, generated a full access API, and still the same, i get access forbidden

Hi @omarshamali,

In that case, I suggest you reach out to our support team so that they may took a deeper look at your account.

@omarshamali The API & SendGrid as a whole is a bit broken at the moment in my opinion, I've made atleast 5 or 6 different support tickets in the past 6 months, all different issues, two of which have been "resolved" (What I mean by that is that they've suggested another route), not fixed. At the moment I'm facing the same issue as you, my API key has full access yet first I was receiving this:

Failed to load https://api.sendgrid.com/v3/messages?limit=10&query=msg_id%3D%22asdfasdf.0%22: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'https://sendgrid.api-docs.io' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

Then after navigating to https://api.sendgrid.com/v3/messages to bypass the CORS/ ACAO header(s) from SendGrid (I have all headers set to allow CORS on my sites) I get {"errors":[{"field":null,"message":"access forbidden"}]}

Additionally, I tried it from the SendGrid API docs themselves with the same result.

Sorry @thinkingserious but I don't think I have the patience to submit another support ticket.

also did anyone notice the radio inputs on firefox in this screenshot? the checked ones... they're off centre

Hello @branditodesign,

Here is some documentation on CORS issues. Please let me know if that is what you need.

With Best Regards,

Elmer

Sadly no it doesn't.
I'm not attempting to send emails via the browser but access other API
endpoints and receiving 403 forbidden.

On Thu, 10 May 2018, 3:31 AM Elmer <*@github.com> wrote:

Hello @branditodesign https://github.com/branditodesign,

Here is some documentation
https://sendgrid.com/docs/Classroom/Basics/API/cors.html on CORS
issues. Please let me know if that is what you need.

With Best Regards,

Elmer

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/sendgrid/sendgrid-csharp/issues/185#issuecomment-387815437,
or mute the thread
.

@branditodesign,

In that case I suggest you reach out to our support team as this is an API issue rather than SDK issue and I'm afraid I don't have the appropriate access or knowledge to help you troubleshoot.

With Best Regards,

Elmer

@thinkingserious SendGrid Support staff via livechat solved the issue.
As it turns out, since SendGrid changed their pricing model to charge for the last 30 days of data, they also restrict ALL access to the API UNLESS you pay for the $12/month plan to keep the last 30 days of activity/data, even if you're only trying to access data about an email from yesterday...

@branditodesign I noticed the same thing

Hi @branditodesign,

As an alternative, I suggest you checkout the Event Webhook.

I hope that helps.

With Best Regards,

Elmer

@thinkingserious A step ahead of you there :p, nearly saving the $12/month 😉
I just wish I could have the email address each email is sent from included with the webhook events, saves me from going into the activity feed or our CRM and searching for it myself.

Perhaps custom args can help make that easier for you by assigning a unique id (perhaps the user id in your CRM) to each outgoing email to make it easier to automatically match with the entry in your CRM.

The thing is though a lot of the times they're going out from different email address, also it seems that solution requires access to the v3 API, something we don't have :(
I should also note that these emails are not being sent through the API.

@branditodesign,

Can you elaborate your use case please? Thanks!

So our CRM is setup to send all the outgoing emails through SendGrid, although, sometimes the CRM will have issues which leads to some employees using the regular mail client to send the emails (still going through the SendGrid servers). Then when you're attempting to check who a certain dropped email belongs to, I have no way of checking via the Event Webhook. The event webhook does provide me with enough info to find that information out myself, although it'd be great to have along side the data in the table screenshot I posted earlier.

Appreciate the extended support :)

Hi @branditodesign,

Thanks for taking the time to elaborate so that I can share with our product team.

With Best Regards,

Elmer

Thank you for dealing with the GitHub issues professionally 😃

Tell me someone deleted that comment from Obi

He must have deleted it himself as I did not.

Sigh, the comment is still in my inbox....
Just a reminder not to post code without first removing your API keys!

The API key was from the code snippet posted by SendGrid on their docs page as a sample.
I deleted the comment shortly after posting it as I realized it should belong to a different category.

From: branditodesign [mailto:[email protected]]
Sent: Thursday, May 17, 2018 7:37 PM
To: sendgrid/sendgrid-csharp sendgrid-csharp@noreply.github.com
Cc: Obi Oberoi OOberoi@Tridel.com; Comment comment@noreply.github.com
Subject: Re: [sendgrid/sendgrid-csharp] Access forbidden when trying to GET user/profile (#185)

Sigh, the comment is still in my inbox....
Just a reminder not to post code without first removing your API keys!

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHubhttps://github.com/sendgrid/sendgrid-csharp/issues/185#issuecomment-390046554, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AiaYu7crfc6B0f-Zu28jpE9Hzd2ZpVvpks5tzgmPgaJpZM4HUeKA.

Strange... Last time I visited the docs I couldn't see any examples including an API key, only examples including YOUR_API_KEY or YOUR_API_KEY_HERE

My bad…you are correct.

From: branditodesign [mailto:[email protected]]
Sent: Thursday, May 17, 2018 7:57 PM
To: sendgrid/sendgrid-csharp sendgrid-csharp@noreply.github.com
Cc: Obi Oberoi OOberoi@Tridel.com; Comment comment@noreply.github.com
Subject: Re: [sendgrid/sendgrid-csharp] Access forbidden when trying to GET user/profile (#185)

Strange... Last time I visited the docs I couldn't see any examples including an API key, only examples including YOUR_API_KEY or YOUR_API_KEY_HERE

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHubhttps://github.com/sendgrid/sendgrid-csharp/issues/185#issuecomment-390050042, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AiaYu_WyIe9qXTP1nSxlpmSsSw1vP6Wgks5tzg5BgaJpZM4HUeKA.

@obioberoi,

We will go ahead and disable that API Key for your protection. Please create a new API Key. Thanks!

With Best Regards,

Elmer

ISSUE : Request** returned status Code 401Body:{"errors":[{"message":"The provided authorization grant is invalid, expired, or revoked","field":null,"help":null}]}

package springboot.SendgridExample;
import java.io.IOException;

import com.sendgrid.*;

public class Sendmail1 {
public static void main(String[] args) throws IOException {
Email from = new Email("[email protected]");
String subject = "I'm replacing the subject tag";
Email to = new Email("[email protected]");
Content content = new Content("text/html", "I'm replacing the body tag");
Mail mail = new Mail(from, subject, to, content);
mail.personalization.get(0).addSubstitution("-name-", "Example User");
mail.personalization.get(0).addSubstitution("-city-", "Denver");
mail.setTemplateId("d-9f26c562e3d34eksfjksdkkj3242"); //dummy value i have that template id

SendGrid sg = new SendGrid(System.getenv("SENDGRID_API_KEY"));
Request request = new Request();
try {
  request.setMethod(Method.POST);
  request.setEndpoint("mail/send");
  request.setBody(mail.build());
  Response response = sg.api(request);
  System.out.println(response.getStatusCode());
  System.out.println(response.getBody());
  System.out.println(response.getHeaders());
} catch (IOException ex) {
  throw ex;
}

}
}

Hi,

Am not able to access any of the API from sendgrid

• GET https://api.sendgrid.com/v3/user/profile

• GET https://api.sendgrid.com/v3/api_keys

Getting Access forbidden issue please help me to resolve
Thanks in advance.

Still broken
https://api.sendgrid.com/v3/user/credits
{"errors":[{"field":null,"message":"access forbidden"}]}

Still broken now??? 403 even I created a full-access api key

Ya. May be time to move on here. Lots of competition out there.

We are getting 403 for https://api.sendgrid.com/v3/contactdb/list ...

Also getting 403 on the endpoint @acip included

*I have a full access API key created with the admin account

Hi folks I am getting a 403 while trying to use the email activity feed API like so

https://api.sendgrid.com/v3/messages?limit=10

The documentation says you have to purchase additional email activity history and I'm not sure if our instance has that but I see "email_activity.read" as one of the permissions (I also have a full access API key created with the admin account)

It seems this issue happens to FREE accounts. @acip @JClackett @Bug-Generator did you guys have a FREE account or a paid one? Just want to know to confirm.

@albertbenitez I have a paid account!

free (in trial atm)

On Mon, Sep 9, 2019 at 2:48 PM Jack Clackett notifications@github.com
wrote:

@albertbenitez https://github.com/albertbenitez I have a paid account!

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/sendgrid/sendgrid-csharp/issues/185?email_source=notifications&email_token=AAMSWIQ4MPPSTCXNUV5YU5DQIYZZBA5CNFSM4B2R4KAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD6HIOFY#issuecomment-529434391,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAMSWIVEZZ7FZNEQFWF6URDQIYZZBANCNFSM4B2R4KAA
.

I have both a paid and a free account. I get the same issue in both

this is why i quit sendgrid forever, very weak technical support and bug fixing

OFFICIAL SENDGRID TICKET RESPONSE

I am afraid that all the accounts made through our resellers don't have access to marketing campaigns feature, therefore, this is why you are unable to upload contacts.

Is not limited because it's free, it's limited because it's made through one of the resellers that don't have access to this feature.

I don't understand that the ticket response means about the resellers. Did you guys send a ticket as well?

@albertbenitez i assume using integrations like heroku, where you sign up via heroku

My free account was made on the official sendgrid website

mine also! so not sure whats going on here..

Its quite unfortunate that after this long nothing concrete from sendgrid to fix this issue

I'm getting the same "access forbidden" error when trying to create a new contact via https://api.sendgrid.com/v3/contactdb/recipients

Is there any solution to this?

Same here

I guess it's time to move on to the competition folks, this thing is dead :)

bye bye sendgrid

I'm getting the same "access forbidden" error when trying to create a new contact via https://api.sendgrid.com/v3/contactdb/recipients

Is there any solution to this?

I had to use the V3 API found here: https://sendgrid.api-docs.io/v3.0/contacts/add-or-update-a-contact

It works perfectly using this version of the API.

Thanks for your comment @shanwixcode - seems like everything is outdated.

@shanwixcode after scratching my head on this for many hours i followed your link and after updating my code it works again.. Geez SendGrid, if you depricate api's at least make it clear in documentations and what nut. Technically its all still v3 which can't have breaking changes like this!

It's 2020 and Sendgrid still has documentation and examples on their website that are several years old, and their API gives no deprecation warnings. They also don't know the basics of versioning.

I think the problem is because they have two versions of marketing campaigns, a new one and a legacy one. I think calls to the legacy API are not allowed anymore, but calls to the new one work. I inferred this from trying out both legacy and new APIs and reading this: https://sendgrid.com/docs/ui/sending-email/migrating-from-legacy-marketing-campaigns/#choosing-a-new-marketing-campaigns-plan.

@marius-stanescu Yes, that is the issue. But why not call the new API "version 4" - now we have two versions labeled "version 3". And when googling issues, I usually find the help for the wrong API.

I found it very useful to use Postman and to load the API documentiation found here: https://api.stoplight.io/v1/versions/E2KbzZkqZQttfyqxp/export/oas.json

Sendgrid, have to say - really poor form overall with your entire API, worst experience on my end

Docs are out of order, everything that has documentation is deprecated, APIs all over the place

Can't do a simple get request either i'm stuck with the forbidden request for trying to get users from a contact

Oh PS your automation script seems to be broken too...sent out one email and stopped working after that

This level of incompetency for a $100 >million company is sad

they are worth more than 100 million dollars?? and they cant spend a day getting their API fixed?