CodeIgniter REST API Library Ajax PUT throwing 403 Forbidden

i ended up finding out the 403 forbidden was because i was not providing an api key to generate keys..

Kind of abiguous as Phil's documentation doesn't state that an existing api key is required before you can generate keys..

I simply created a bogus key in the table in the db and referenced that when calling /key/index?X-API-KEY=boguskey

I have solved the problem of generating the api key.I'm using Phil Sturgeon's REST API server.Call the key controller using ajax call as such :

$("#submitGetApiKey").click(function(){    $.ajax({        url: "http://sitename.com/api/key/index?X-API-KEY=your_key_here",        crossDomain: true,  /* remove this if using the same domain*/        type: "PUT",        dataType: "jsonp",        error: function(XMLHttpRequest, textStatus, errorThrown){            alert(errorThrown);        },        success: function(data){            for (var i = keys.length - 1; i >= 0; i--) {                console.log(keys[i]);            };        }    }); });

Inside key controller:Search for function _generate_key() and check for $this->load->helper('security');. the security helper must be loaded for working of do_hash otherwise you will get 500 internal server error.

public function index_put(){    // Build a new key    $key = self::_generate_key();    // If no key level provided, give them a rubbish one    $level = $this->put('level') ? $this->put('level') : 1;    $ignore_limits = $this->put('ignore_limits') ? $this->put('ignore_limits') : 1;    // Insert the new key    if (self::_insert_key($key, array('level' => $level, 'ignore_limits' => $ignore_limits)))    {        $this->response(array('status' => 1, 'key' => $key), 201); // 201 = Created    }    else    {        $this->response(array('status' => 0, 'error' => 'Could not save the key.'), 500); // 500 = Internal Server Error    }}

Also, you may call http://sitename.com/api/keyindex?X-API-KEY=your_key_here in your browser's address bar by making a small change in your key controlleryou can replace the function name index_put with index_get.

Thanks

If you are calling this from a different domain, you may be running into some XSS issues. You might have to run it from your own server and call the function from it's own domain or possibly use the JSONP capability.

UPDATE: Are you able to see the transaction in Firebug using the NET Tab? Do you get JSON Back?Sometimes you have to add callback=? to the url request:http://dev.site1.com/api/key?callback=?

Update2: Are you able to bring the page up in the browser: (http://dev.mapitusa.com/api/key)If you get the same error, you should try giving 777 (full read/write) permissions to the site.