Adding A Record with API Not Working

I'm attempting to add an "A" record with the API but always get a 403 Access Denied.   

What's  confusing me is I'm able to get the list of records successfully through the API. 

 

Are there additional permissions or settings required to send Put or Patch commands to the API?

 

I've tried sending to both URLs

 https://api.ote-godaddy.com/v1/domains/domain-name/records

and 

 https://api.godaddy.com/v1/domains/domain-name/records

 

Any help is greatly appreciated!!

 

Helper VI

Normally, these types of requests needs credentials because you don't just anybody to add an A record on your DNS zones... The credentials can usually be passed via OAuth, post data or via headers... Some APIs allow using tokens in the url...  It all depends in the API... Check their documentations 

~Jan Mykhail Hasselbring Web Administrator @ fullstackwebsolution.com

I'm posting this for the benefit of the community just in case someone else runs into this issue.

I got this response from api@godaddy.com and solved my problem.   Impressive support response.

 

 


Thank you for contacting API Support regarding the 403 Forbidden error you are receiving, as I understand, this only occurs for non-GET requests, so if you were POSTing, PATCHing, or PUTing. Would you happen to be using a RESTful application like Postman or RESTlet to make these requests? If you are, I think you are actually getting a 403 CORS Forbidden error.

I was able to add the specified 'testrecord' with your request.

1) make sure you are using Test keys in the Test environment (api.ote-godaddy.com) and Prod keys in the Production environment (api.godaddy.com)
2) make sure you are not mix matching keys and secrets, I'd go ahead and delete all keys and generate new ones
3) if you are using Postman, be sure to use the Native App for Postman and not the Chromium browser based app (the Chrome app is the one that gets the 403 CORS error, the Native app works just fine: https://www.getpostman.com/apps)
4) if you are still having an issue

add this custom header to your request:
{
"x-debug": "true"
}

make your request, get the error

then, inspect the response headers

Look for this header `X-Request-Id`

View solution in original post