I'm calling the REST API of Contact, Account and Case management for CRUD operations. I'm calling the Creatio CRM REST from WSO2 EI. The request is identical to the one sent from Postman or a REST client.
But it gives a 302 status when WSO2 EI calls the Creatio REST, while it gives 403 for Postman or the REST client if the BPMCSRF header doesn't contain the cookie value.
If the BPMCSRF header value contains the correct cookie value from the login request, Postman or the REST client gives 201/200 for a successful operation and WSO2 EI gets the same 302 response. The login API call works fine from WSO2 EI.
Sample Request from WSO2 EI
"POST /0/odata/Account HTTP/1.1[\r][\n]"
"Accept: application/json;odata=verbose[\r][\n]"
"X-Requested-With: XMLHttpRequest[\r][\n]"
"ForceUseSession: true[\r][\n]"
"Content-Type: application/json[\r][\n]"
"Content-Length: 228[\r][\n]"
"Host: 103594-crm-bundle.creatio.com[\r][\n]"
"Connection: Keep-Alive[\r][\n]"
"User-Agent: Synapse-PT-HttpComponents-NIO[\r][\n]"
"[\r][\n]"
"{"Name":"API Test","AccountId":"e6574af1-3e92-4099-958e-e798f52ee016","JobTitle":"Marketing manager","BirthDate":"0001-01-01T00:00:00Z","Phone":"","MobilePhone":"+1 213 566 34 22","Email":"test@gmail","Completeness":30,"Age":19}"
Sample Response from Creatio
"HTTP/1.1 302 Found[\r][\n]"
"Server: nginx/1.14.1[\r][\n]"
"Date: Thu, 16 Sep 2021 06:21:05 GMT[\r][\n]"
"Content-Type: text/html; charset=utf-8[\r][\n]"
"Content-Length: 170[\r][\n]"
"Connection: keep-alive[\r][\n]"
"Cache-Control: private[\r][\n]"
"Location: /Login/NuiLogin.aspx?ReturnUrl=%2f0%2fodata%2fAccount[\r][\n]"
"X-AspNet-Version: 4.0.30319[\r][\n]"
"X-Powered-By: ASP.NET[\r][\n]"
"X-Frame-Options: SAMEORIGIN[\r][\n]"
"X-Content-Type-Options: nosniff[\r][\n]"
"[\r][\n]"
"Object moved[\r][\n]"
"
Object moved to here.
[\r][\n]"
"
.
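A way to check a captured request/response pair in the wire-log layout shown above for the session material the post describes. This is an added example, not part of the original post and not Creatio or WSO2 code; the function names and the `example.invalid` host are hypothetical, and it assumes the login cookie carrying the token is named `BPMCSRF` like the header.

```python
import re

# Constructed sample in the wire-log layout shown in the post (shortened, not a real capture).
SAMPLE_REQUEST = r'''
"POST /0/odata/Account HTTP/1.1[\r][\n]"
"ForceUseSession: true[\r][\n]"
"Host: example.invalid[\r][\n]"
"[\r][\n]"
"{"Name":"API Test"}"
'''
SAMPLE_RESPONSE = r'''
"HTTP/1.1 302 Found[\r][\n]"
"Location: /Login/NuiLogin.aspx?ReturnUrl=%2f0%2fodata%2fAccount[\r][\n]"
"[\r][\n]"
'''

# One quoted log line, with an optional literal "[\r][\n]" marker before the closing quote.
LINE = re.compile(r'^"(.*?)(?:\[\\r\]\[\\n\])?"$')

def parse_wire(text):
    """Return (start_line, headers) from quoted wire-log lines; headers end at the empty line."""
    lines = [m.group(1) for m in map(LINE.match, text.strip().splitlines()) if m]
    headers = {}
    for line in lines[1:]:
        if not line:
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def cookies(headers):
    pairs = (c.split("=", 1) for c in headers.get("cookie", "").split(";") if "=" in c)
    return {k.strip(): v.strip() for k, v in pairs}

def session_findings(request_text, response_text):
    """List what is missing or inconsistent in the session headers of one exchange."""
    _, req = parse_wire(request_text)
    status, resp = parse_wire(response_text)
    jar = cookies(req)
    findings = []
    if not jar:
        findings.append("no Cookie header on request")
    if "bpmcsrf" not in req:
        findings.append("no BPMCSRF header on request")
    elif jar.get("BPMCSRF") != req["bpmcsrf"]:  # assumed cookie name, see lead-in
        findings.append("BPMCSRF header does not match BPMCSRF cookie")
    if status.split()[1] == "302" and "/login/" in resp.get("location", "").lower():
        findings.append("response redirects to login page")
    return findings
```

Calling `session_findings(SAMPLE_REQUEST, SAMPLE_RESPONSE)` returns the list of findings for the constructed pair; pasting a real capture in the same layout works the same way.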