_thegoldenegg_
_thegoldenegg_13mo ago

PermissionDenied when trying to get a user using Zitadel dotnet SDK

Hi, I'm using Zitadel dotnet SDK to get a user, I used the PersonalAccessToken method as shown in the example, I gave the service user IAM Owner permission in the instance as well as Organization Owner in ZITADEL org, however I always get this error when calling the Method: Grpc.Core.RpcException: Status(StatusCode="PermissionDenied", Detail="Bad gRPC response. HTTP status code: 403")
1 Reply
_thegoldenegg_
_thegoldenegg_OP13mo ago
For more context, I'm using Zitadel via Nginx reverse proxy with external tls, here is my conf file: 
server {
    listen 80;
    listen [::]:80;
    server_name domain.com;

    location / {
        grpc_pass grpc://127.0.0.1:6545;
        grpc_set_header Host $host;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = domain.com) {
        return 301 https://$host$request_uri;
server {
    listen 80;
    listen [::]:80;
    server_name domain.com;

    location / {
        grpc_pass grpc://127.0.0.1:6545;
        grpc_set_header Host $host;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = domain.com) {
        return 301 https://$host$request_uri;
I've also verified that the website is using http2 protocol via devtools it shows h2 I found the solution, It was cloudflare that was blocking the grpc connection, I had to enable it in Network > enable Grpc, in cloudflare dashboard

Did you find this page helpful?