Axios GET request to the discord API gives a 403 forbidden response, but works in Postman

Question

I am using axios to make a HTTP GET request to the discords API on my local environment.

I am using the below code:

axios.get('https://discord.com/api/channels/735303230694621228', {
    withCredentials: true,
    headers: {
      Authorization: 'Bot ' + botToken,
    },
  }).then((data) => {
    res = data.response
  })

The Bot is the owner of channel id: 735303230694621228 and has all the correct permissions.

Actual Result:

The preflight request (OPTIONS) gives a response of 200 with all the correct headers.

After the preflight, the GET request will happen and gives me the following response:

403 Forbidden

The browser will also give a CORS error, but I'm pretty sure that is because of the 403 response, as the 403 does not give all the correct CORS headers.

Expected result:

Status 200 OK

I try https://discord.com/api/channels/735303230694621228 with Postman with the same Bot token and it gives me a 200 response with the expected body.

Does anyone have any idea why I am getting a 403 when I use axios with the browser on my local enviroment, but I get a 200 response with postman?

Answer 1

Discord responds with a 403 for some User-Agent s on some API resources.

To test this, send a Postman request with your User-Agent header set to a value that matches a browser eg User-Agent: Mozilla/5.0

Sadly, the browser will override the User-Agent header in an axios.get() , even if you define one in your .get() 's config.

The above is why Postman ( User-Agent: PostmanRuntime/7.0.0 ) receives a 200 response, but your browser ( User-Agent: Mozilla/5.0 ) receives a 403 .

---

It's worth noting that the Discord API documentation does not explain this (as at August 2020) https://discord.com/developers/docs/resources/channel#get-channel