Edit survey through API

Hey all,

Editing a report via the Kobo API endpoint by authentication with the API Key only seems to work as long as I am also logged in as a user to the KoboToolbox web environment.

Many other API endpoints are accessible with the API Key only, and that used to be the case with the edit endpoint too in the past.

Does anyone know what I am missing?

My test form is here:
https://ee-eu.kobotoolbox.org/x/AoIhYvar

When using my API Key to post to this API endpoint:
https://eu.kobotoolbox.org/api/v2/assets/aR8XkRVtZD5GpsX8pkvzwv/data/553107085/enketo/edit/?return_url=false
the server does return a url, for example:
https://ee-eu.kobotoolbox.org/edit/rQUcb1BV?instance_id=ec9b11b8-4abd-442d-a98f-58034933341d&return_url=false

But sending that to a browser, e.g. Edge or Brave, gives this result:

Sometimes though, interestingly, the survey does load, but when I submit the form this error is shown:

Not allowed to post data to this data server.
Contact the survey administrator please. (403)

However, when I happen to be logged in to KoboToolbox, all works fine.

Much appreciating your help,
Bert

Welcome back to the community, @bert12! This post discussed previously should help you solve your issue:

Thank you @Kal_Lam for your continued support over the years! :+1:

But these related posts seem to deal with obtaining the url from the API, or with authenticating with the API, or with the format of the API request or with the duration of the validity of the API response.

In my case however I authenticate successfully with the API and I do receive a valid url back from the API and am able to automatically forward it to the browser within the time of validity.

My problem is that ONLY if I am also logged in to the web environment of Kobo, then the link that was returned from the API results in a correctly loading report that can be edited and succesfully re-submitted. But, if I am not logged in the web environment of Kobo, the link that was returned from the API in a browser shows the error from my message above.

Which is odd, since I already authenticated by API Key to obtain the edit url and also since my project is open to receive submissions without login.

To reproduce the issue, this little php script authenticates with the API in my project, gets the url to edit the report and forwards the url to the browser:
https://entrack.org/test/edit_test.php

Much appreciating your thoughts!

Hi,
@jnm, from your responses to other questions I think you have in-depth knowledge about this. Would be great if you can have a look.

Basically my issue is:
For editing a submission through the link given by the edit-endpoint of the API it seems like I have to authenticate twice: one time with the API to obtain the edit link, and a second time when opening the link in a browser.

The first authentication is always succesful, I receive the edit link back from the API and that url is in the exact same format as if I would edit a submission through the Kobo interface.
But then with sending that url to a browser it seems I need to authenticate again, as I get the error as shown in my post above.

Is there maybe a special authentication header that I should send along to the browser together with the edit url?