Summary: trying to update the user profile using POST REST call yields “Forbidden”.
Details:
I have the following code. id is the ID of the user.
FetchUser is another method that calls ListUsers with the ID so that only that user’s profile is returned.
I set a breakpoint at the last line to see what result I’m getting. It is always “Forbidden.” I can do this same update in Postman with no problems, so I know it’s something with my code.
Any ideas what I’m doing wrong?
public IActionResult UpdateUser(string id, string firstName, string lastName)
{
UserProfile userProfile;
FetchUser(id, out userProfile);
userProfile.FirstName = firstName;
userProfile.LastName = lastName;
HttpClient client = new HttpClient();
client.BaseAddress = new Uri(Startup.Configuration["Okta:Domain"]);
client.DefaultRequestHeaders.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var PostTask = client.PostAsJsonAsync("/api/v1/users/" + id, userProfile);
PostTask.Wait();
HttpStatusCode code = PostTask.Result.StatusCode;
AdminModel model = new AdminModel();
CopyUserProfileToModel(userProfile, model);
return View(model);
}