Hi @Antoine12,
I checked the data about your project, all seems good in our side.
Could you install the last version of the agent (1.3.1), and try again. There will be some additional content in the 403 response. Could you copy/past here ?
On an other side do you use some custom/external middleware that could intercept the request and return a 403 response?
Thanks
Hi Valentin and thank you for answering me.
I just upgraded to 1.3.1 and now it shows a 500 as follows:
With this error in my logs:
Also this error in python manage.py runserver cli:
InsecureRequestWarning: Unverified HTTPS request is being made to host 'api.forestadmin.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
warnings.warn(
@Antoine12 perfect, I can investigate about the bug now.
The next answer should be the fix answer 
@Antoine12
Could you show me the request headers?
Hi @Antoine12,
So you don’t have an “Authorization” header in your requests ?
Can you say me if you have one cookie named forest_session_token ?
Thanks
I just hide it.
There is it. I also add a new response that I have and that could help.
Here is my cookie list:
I don’t see forest_session_token cookie inside
The cookie sent are not generated by our code.
Do you use a custom authentication middleware in your own code ?
Could you send me the authentication request and the authentication response body please ?
Hello @Antoine12,
The authentication normally goes in 3 steps:
- A first call to
/forest/authentication on your agent
- Then a call to
https://api.forestadmin.com/oidc/auth
- And finally a call to
/forest/authentication/callback on your agent
Could you please paste the body of the response to the url /forest/authentication/callback?
Indeed. That is not normal. Can you also share the content of the first response to /forest/authentication/callback please?
Thanks for the answers. We did not experience this behavior in the past, so I suppose that it should be related to a specificity of your project.
We’ll try to reproduce on our end. On your side, do you think you could be able to create a project with an empty DB showing the same issue? Maybe if you could it would speed up a lot the reproduction and fix of this issue.
It is possible to send us private messages if you don’t want to share sensitive data in the forum.
Also, can you share with me in private message the content of the generated token and the time you got the response, please? I’d like to check its validity.
I finally found the solution.
I changed my settings time from Europe/Paris to UTC
Now it works perfectly.
Thanks
2 Likes
@Antoine12
Nice,
Is it your only change ?
I don’t reproduce the bug by using another timezone than UTC.
Hi @Antoine12,
I fix this issue. You can download the version 1.3.2 of the package if you need to use another timezone than UTC
