Why am I getting a 403 or 401 error when uploading content using Panther Analysis Tool (PAT)?
Last updated: December 3, 2024
Issue
When uploading a schema using the Panther Analysis Tool (PAT), I receive one of the following error messages:
403 Forbidden Error:
Unhandled exception: "403, message='Forbidden', url='....'403 Unauthorized Error:
aiohttp.client_exceptions.ClientResponseError: 401, message='Unauthorized', url='....'
Resolution
Resolving a 403 error
In your Panther Console, click on the gear icon (Settings) on the top right of your screen.
From the drop-down menu, click API Playground.
Click the GraphQL tab, and copy the value of the field API URL field.
Ensure you are using this API URL value in your PAT command. It should look something like the following:
panther_analysis_tool update-custom-schemas --api-token YOUR_API_TOKEN --api-host https://api.xxx.runpanther.net/public/graphql --path YOUR_SCHEMA_PATH
Resolving a 401 error
Ensure that your API token has the appropriate permissions to perform the intended actions. For example,
update-custom-schemasrequires your API key to have the permissionsView Log SourcesandManage Log Sources.If you need to create a new API token with the appropriate permissions, wait for at least a couple of minutes after creating the token to use it.
Cause:
403 Error: This typically occurs because of an incorrect API URL.
401 Error: This can happen for the following reasons:
The API token lacks the appropriate permissions for the action being performed.
Propagation delays can cause temporary invalidation of newly created tokens.