Why do I get "Unauthorized" when requesting JSON data for an archive I can view in the browser?
Question
I have a FotoWeb archive that I can view in the browser when logged in as a certain user. Guests do not have access to this archive.
If I add .json to the URL of the archive or a sub folder, instead of seeing JSON data, I get "401 Unauthorized". Shouldn't this work? How to get the JSON data of the archive?
Answer
You are not using the correct request URL (API URL) of the archive. You have to get the correct API URL from the archive list as described here:
See also the section Difference between href and data URLs at the bottom of this article: http://learn.fotoware.com/02_FotoWeb_8.0/Developing_with_the_FotoWeb_API/01_The_FotoWeb_RESTful_API/Collection_representation
It is a common mistake to copy the URL from the browser and use it in an API request. This works only when using unauthenticated guest access in the API client or if Guest and the request user of the API client have exactly the same permissions on the archive (which also means that the archive is public, i.e., accessible by Guest).
You typically notice this error if request URLs are of the form /fotoweb/archives/…
. This is not necessarily wrong, but it is generally wrong for archives which are not accessible by Guest, which is a common and reasonable configuration on most sites.