403 Forbidden - Guild API

Miklo-11319 · November 17, 2024, 6:54am

Hey,

I’m attempting to request Guild information from the Defias-Pillager HC Classic server with the intent of sending that information to a Discord server webbook using the follow URL of which I believe is aligned with the Profile API Documentation

“Authorized” CURL request:

curl --dump-header - -H "Authorization: Bearer xxx" https://us.api.blizzard.com/data/wow/guild/defias-pillager/petri-on-god?namespace=profile-classic1x-us&locale=en_US&region=us

As per the documentation, I am providing:

The realmSlug (defias-pillager)
The guildSlug (petri-on-god)
The GET attributes (namespace, locale, region)

but alas I am returned this response:

HTTP/1.1 403 Forbidden
Date: Sun, 17 Nov 2024 06:28:16 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: accept-encoding
blizzard-token-expires: 2024-11-18T06:27:21.223Z
x-trace-traceid: 5659f74c-65f7-348b-857c-251eea0e9b7c
x-trace-spanid: 18074245-2328-6490-080f-fa164d7ca64f
x-trace-parentspanid: 18074245-2328-6460-080f-fa164d7ca64f
x-frame-options: SAMEORIGIN
X-Content-Type-Options: nosniff
server: blizzard

What I’ve tried:

Configuring a response to a different endpoint: Retrieving Realm information with the same access token.

curl --dump-header - -H "Authorization: Bearer xxx" https://us.api.blizzard.com/data/wow/realm/defias-pillager?namespace=dynamic-classic1x-us&locale=en_US

and I am returned this response:

HTTP/1.1 200 OK
Date: Sun, 17 Nov 2024 06:41:32 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Battlenet-Schema-Revision: 2
Last-Modified: Tue, 12 Nov 2024 15:46:44 GMT
Battlenet-Namespace: dynamic-classic1x-us
vary: accept-encoding
blizzard-token-expires: 2024-11-18T06:41:03.848Z
Cache-Control: public, max-age=86400
Battlenet-Schema: realm
x-trace-traceid: 3dc9a1c7-86d6-3fe7-bae9-ce0adfe6dcdf
x-trace-spanid: 18074245-2061-2740-a7d9-fa164d11b36f
x-trace-parentspanid: 18074245-2061-2710-a7d9-fa164d11b36f
x-frame-options: SAMEORIGIN
X-Content-Type-Options: nosniff
server: blizzard

{"_links":{"self":{"href":"https://us.api.blizzard.com/data/wow/realm/defias-pillager?namespace=dynamic-classic1x-us"}},"id":5126,"region":{"key":{"href":"https://us.api.blizzard.com/data/wow/region/81?namespace=dynamic-classic1x-us"},"name":"VANWOW Era North America","id":81},"connected_realm":{"href":"https://us.api.blizzard.com/data/wow/connected-realm/5126?namespace=dynamic-classic1x-us"},"name":"Defias Pillager","category":"Hardcore","locale":"enUS","timezone":"America/New_York","type":{"type":"NORMAL","name":"PvE"},"is_tournament":false,"slug":"defias-pillager"}

As AOTC seems to be getting Guild information, this seems to either be an incorrectly configured API call, or a token without valid authorization for this type of request (profile over dynamic)

How would I format this request, or how would I get an access token with access to this information?

Thank you!

Biddl-21377 · November 18, 2024, 8:58pm

It seems to be broken on era in general (since September at least). I can’t post links but there’s an open discussion on the WoW Classic Bug Report forum.

Astralarya-1129 · December 16, 2024, 8:17am

Updating to say that this is still broken. Please see the self contained repro here. Given that this functionality was working before the September 25th update and it is documented on the Battle.net API documentation, I believe this is a bug.

Try:

curl -i -H "Authorization: Bearer YOUR_AUTH_TOKEN" -H "Region: us" -H "Battlenet-Namespace: profile-classic1x-us" -X GET https://us.api.blizzard.com/data/wow/guild/whitemane/not-prepared

Result:

HTTP/1.1 403 Forbidden
Date: Tue, 05 Nov 2024 19:08:05 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: accept-encoding
blizzard-token-expires: 2024-11-06T10:01:27.832Z
x-trace-traceid: d309f9e7-1819-3e8d-8c0a-b236243a1253
x-trace-spanid: 1801b703-fe3a-34e6-e6e1-fa164d6d41f5
x-trace-parentspanid: 1801b703-fe3a-34b6-e6e1-fa164d6d41f5
x-frame-options: SAMEORIGIN
X-Content-Type-Options: nosniff
server: blizzard

{"code":403,"type":"BLZWEBAPI00000403","detail":"Forbidden"}

robr0-1312 · December 16, 2024, 12:39pm

Same problem. Please fix.

Ollyvia-1517 · December 17, 2024, 1:50am

These APIs are important to classic era. Our rrobin website relies on these APIs.

toilet-1642 · January 1, 2025, 12:13am

Thought I was going crazy when I was getting 403’s.

I wonder when they will fix this…

Domekologe-2110 · January 15, 2025, 8:00am

I dont think there will ever be a fix. I am waiting for a fix of the guild api for classic (cata) since months…

Ulminia-1676 · January 15, 2025, 4:40pm

i tryed whitemane/not-prepared and got a return its not a classic1x name space but normal classic-us
nameing changes as expansions are released

Domekologe-2110 · January 16, 2025, 8:28pm

Returns only works if the guild was “requested” already in the last time. I dont know why.
You can try it with:
Cataclysm (Classic)
EU
Server => Everlook
Guild: Krieger der alten Welt

I use:
eu
everlook
krieger-der-alten-welt
profile-classic-eu

Astralarya-1129 · January 16, 2025, 10:12pm

This is not the correct namespace. I would add a link to the Blizzard API documentation, but the forum won’t let me.

classic-us refers to Cataclysm Classic (Progression)

This ticket is about Classic Era, which uses the classic1x-us namespace

Ulminia-1676 · January 17, 2025, 6:16am

if your confused what one to use try both one will work thats the one you need for your guild when i tested Astralarya’s url it was not 1x(era) but progression

data/wow/guild/whitemane/not-prepared/roster?namespace=profile-classic-us - returns 3 members Allyscum,Crucbank,Ardicane

data/wow/guild/whitemane/not-prepared/roster?namespace=profile-classic1x-us - returns 403 so it does not exist

Astralarya-1129 · January 17, 2025, 9:16am

There is an Astralarya on Cataclysm, as well as a Not Prepared on Cataclysm. This is NOT about those. This is about Classic Era. The fact that the Cataclysm API is working is not relevant. Not Prepared on Classic Era has 617 members, not 3 members.

When you run data/wow/guild/whitemane/not-prepared/roster?namespace=profile-classic1x-us, it returns 403 which corresponds to unauthorized.

If you look for a guild that actually doesn’t exist, for example data/wow/guild/whitemane/nnot-preparedd/roster?namespace=profile-classic1x-us, it returns 404, which is the not found error.

So, it seems that the Guild API is partially working, in the sense that it at least returns 404 for not found and 403 if the guild exists. However, there is no way to get the API response. This used to work (yes, using the “classic1x-us” namespace)

Once again, I emphasize that this issue is NOT ABOUT CATACLYSM. This is about CLASSIC ERA which uses the classic1x namespace.

EDIT: link to related thread on the WoW Classic Bug Report forum (can’t post links but this is the path)
/en/wow/t/era-guild-and-guild-roster-api-no-longer-works/1969144/39

Ulminia-1676 · January 17, 2025, 3:36pm

ok i poked a cm about it see if i get a reply

Domekologe-2110 · January 18, 2025, 12:02pm

At first this isnt a ticket, this is a forum thread. Then the error occurs on whole Classic (it doesnt matter if its Cataclysm Classic or Classic Era). To open a new thread, for the same issue, in the same category is inefficient (at the end both are categorized as classic, they only use two namespaces within the same category).