Getting Access is denied erro when trying to place an order

Hello, I am trying to place an order using a python script with the help of the REST API. I am getting this error.

Below is my request code.

import requests

headers = {
    'accept': 'application/json',
    'Authorization': 'Bearer <my_token_here>'

json_data = {
    'accountSpec': 'my_username',
    'accountId': 100001,
    'action': 'Buy',
    'symbol': 'MYMM1',
    'orderQty': 1,
    'orderType': 'Market',
    'isAutomated': True
}'', headers=headers, json=json_data)


This is the error which I get when I make a request. I have enabled all the permission for my test API account.

{"failureReason":"UnknownReason","failureText":"Access is denied"}

Sorry for all the edits. Can someone please let me out?


In this case, the first thing I’d check is your API Key permissions. You’ll need to make sure you have Contract Library set to Read, Positions set to Read, Account Information set to at least Read, and Orders set to Full Access. For development purposes, I’d just enable them all. You can always filter out what you don’t need before you transition to the Live API.

Thanks, for the help I was able to get it working using the correct Account id. But all my orders are getting rejected as I have checked from endpoint.

How can I get the reason for the order getting failed?

You can find the ExecutionReport entity associated with the order (/executionReport/deps?masterid=orderId), it should have a rejectReason field.

I’m having the same issues, I have a Full Permission API created. But not able to create an order on either demo or live endpoints.

I’m also having the same problem. I’m getting:

  s: 200,
  i: 4,
  d: { failureReason: 'UnknownReason', failureText: 'Access is denied' }

I’m using the demo endpoint. I have full permissions on my API key. I’m having no issues authorizing both websocket connections. I’m sure I’m using the correct websocket (I’m getting status code 200 on my responses). I’m getting the same error on the HTTP interface. I created a device UUID that is hardcoded but I’ve only run my application from the same device so far. The “accountSpec” field on my placeOrder request is using the value of the “name” field on the response from the “user/list” endpoint and the “accountId” uses the “id” field from the same response.
I can’t think of anything else I could do differently.