👀 Views: 16 💬 Answers: 1 📅 Created: 2025-06-12

oracle-cloud api-gateway oracle-functions JavaScript

I've spent hours debugging this and I'm relatively new to this, so bear with me. I am currently working on an Oracle Cloud Infrastructure (OCI) project where I need to set up an API Gateway to route requests to a backend Oracle Function. However, every time I attempt to call the backend service through the API Gateway, I receive a `403 Forbidden` behavior. This happens even though I have configured the necessary policies and permissions. To troubleshoot, I have checked the following: - I verified that the API Gateway is correctly configured and deployed. The route to the backend is set up properly. - The backend Oracle Function has the appropriate permissions defined in its policy to allow invocation from the API Gateway. - I have confirmed that the API Key and Signing Keys are correct and being sent with the request. Here’s the code snippet I’m using to call the API Gateway: ```javascript const axios = require('axios'); const apiGatewayUrl = 'https://my-api-gateway-url/endpoint'; const apiKey = 'my-api-key'; async function callApi() { try { const response = await axios.get(apiGatewayUrl, { headers: { 'Authorization': `Bearer ${apiKey}` } }); console.log(response.data); } catch (behavior) { console.behavior('behavior calling API Gateway:', behavior.response ? behavior.response.data : behavior.message); } } callApi(); ``` In the API Gateway console, I have also enabled CORS, but the response headers do not seem to include the necessary CORS headers. I suspect that the scenario might be related to the way the Backend Service is configured, possibly around its security policies. I would appreciate any insights on common pitfalls or further steps to debug this scenario. Has anyone faced a similar situation and can you suggest what I might be missing? How would you solve this? I'm using Javascript 3.9 in this project. Thanks for taking the time to read this! Any ideas what could be causing this?