Response from Postman shows 200, But Android returns 403

I was trying to develop an android app using Volley, The api I used to communicate is working fine when I checked with POSTMAN and retrieves 200 .

But when I use the same API in my App its returns me 403 "Forbidden" <p〉You don't have permission to access /API/checkPassOtp on this server.〈/p〉

Please find the screenshot.
ScreeShot

I have tried multiple solution for this issue, But nothing worked for me.

Can anyone please help me.

Attaching volley code and error response

JSONObject jsonBody = new JSONObject();
try {
    jsonBody.put("otp", otp);
    Log.e("jsonBody", jsonBody.toString());
} catch (JSONException e) {
    e.printStackTrace();
}

JsonObjectRequest jsonObjReq = new JsonObjectRequest(Request.Method.POST, URL, jsonBody, new Response.Listener<JSONObject>() {
    @Override
    public void onResponse(JSONObject response) {
        // handle response data
        VolleyHelper.progressDialog.dismiss();
        Log.e("onResponse", response.toString());

    }
}, new Response.ErrorListener() {

    @Override
    public void onErrorResponse(VolleyError error) {
        VolleyHelper.progressDialog.dismiss();
        Toast.makeText(getApplicationContext(),error.toString(),Toast.LENGTH_SHORT).show();
        Log.e("onErrorResponse", error.toString());

    }

}) {
    @Override
    public Map<String, String> getHeaders() throws AuthFailureError {
        Map<String, String> params = new HashMap<String, String>();
        params.put("Content-Type", "application/json");
        return params;
    }
};


jsonObjReq.setRetryPolicy(new DefaultRetryPolicy(DefaultRetryPolicy.DEFAULT_TIMEOUT_MS * 2, DefaultRetryPolicy.DEFAULT_MAX_RETRIES, DefaultRetryPolicy.DEFAULT_BACKOFF_MULT));
Application.getInstance().addToRequestQueue(jsonObjReq, "app");
volleyHelper.showProgressDialogWithTitle(MainActivity.this);

Error response


Solution 1:

Try to use

"Accept", "application/json"

in your params (use both).

I have to use x-api-key when connecting with my company's webserver, but I'm not sure if you'll need it.