[SageX3 on-prem RestAPI Integration - query contract schema]

I guess it is the request url doesn't allow CORS request.

Because in normal web access, it works, but failed when you try to send the request by postman or other tools. 

[SageX3 on-prem RestAPI Integration - query contract schema]

Have you fixed it? 

It seems I have the same problem with you.

if the url have $xxx, it return BAD REQUEST, and forbidden info:

{"$diagnoses":[{"$severity":"error","$message":"Forbidden [x-9c41b01b73bb 2021-06-17T01:46:09.035Z]","$stackTrace":"Forbidden [x-9c41b01b73bb 2021-06-17T01:46:09.035Z]"}]}

[Forbidden post request]

when I send an post request in postman:

url: https://srvsyr01/api1/syracuse/collaboration/syracuse/userProfiles/$template/$workingCopies

or https://srvsyr01/trans/x3/erp/EXPLOIT/$sessions

I get the resuslt:

{"$diagnoses":[{"$severity":"error","$message":"Forbidden [x-9c41b01b73bb 2021-06-17T01:46:09.035Z]","$stackTrace":"Forbidden [x-9c41b01b73bb 2021-06-17T01:46:09.035Z]"}]}

}

How could I get the normal request result?