{'message': 'forbidden.'} What am I doing wrong?

Midi · March 9, 2022, 5:17am

import requests
import json

endpoint = "https://data.sandbox.alpaca.markets/v2"
headers = json.loads(open("key.txt",'r').read())

symbol = "MSFT"
bar_url = endpoint + "/stocks/{}/bars".format(symbol)
params = {"start" : "2022-01-01",
          "limit" : 600,
          "timeframe" : "1Hour"}

r = requests.get(bar_url, headers = headers, params = params)

data = r.json()

I have also tried this with url

https://data.alpaca.markets/v2

Additionally I have regenerated my key several times and made sure the correct key was brought over.

Every time I get the error: {‘message’: ‘forbidden.’}
Can someone please tell me what im doing wrong here?

oleg.rakhmatulin · March 9, 2022, 9:54am

You have to provide the secret id/key in HTTP request headers. Read more information here. This info is placed into the Trading API section of the new documentation but the authentication process is the same for all REST APIs provided by Alpaca.

Midi · March 10, 2022, 4:06am

Hi Oleg, isn’t that what im doing? the key.txt file contains json with my key and ID which are assigned to the headers variable. If this is incorrect, can you show me in code how to fix this issue? I am new to alpacas api.

Thank you

key.txt

{
"APCA_API_KEY_ID" : "XXXXXXXXXXXXX",
"APCA_API_SECRET_KEY" : "XXXXXXXXXXXXXXXXXXXXXXX"
}

oleg.rakhmatulin · March 11, 2022, 1:57pm

I’m not a Python developer. Your code looks fine but I’m not sure how headers passed into the requests.get function. Why not just check how it works with the official Python SDK?

Midi · March 11, 2022, 6:30pm

So looked at it appears according to this it’s just expecting a dictionary
https://docs.python-requests.org/en/master/user/quickstart/

I updated my code to directly pass the key values to the headers parameter and im still getting the same error

import requests
import json

endpoint = "https://data.alpaca.markets/v2"
headers = json.loads(open("key.txt",'r').read())

symbol = "MSFT"
bar_url = endpoint + "/stocks/{}/bars".format(symbol)
params = {"start" : "2022-01-01",
          "limit" : 600,
          "timeframe" : "1Hour"}

r = requests.get(bar_url, headers = {'APCA_API_KEY_ID':'XXXXXXXX','APCA_API_SECRET_KEY':'XXXXXXXXX'}, params = params)

data = r.json()

How confident are you that it’s the headers?

oleg.rakhmatulin · March 12, 2022, 7:44am

You should use dashes instead of underscores in header names. Read the documentation carefully.

Midi · March 14, 2022, 1:41pm

I can’t believe it that worked. Thank you!

jonathan.j.heath · January 22, 2023, 10:18pm

I am getting this error code as well with the exact same code. I have dashes instead of underscores. What else could be wrong?

Topic		Replies	Views
Error: 403 - {"message": "forbidden."} Alpaca Trading	0	484	March 30, 2023
Client connection Forbidden Getting Started with Alpaca	0	523	November 13, 2022
403 response forbidden Alpaca Trading	4	1271	November 25, 2021
Cannot fetch bars Alpaca Market Data	6	172	May 28, 2024
Symbol_bars = api.get_bars() returns Forbidden for url Alpaca Trading	6	340	August 25, 2023

{'message': 'forbidden.'} What am I doing wrong?

Related topics