Error 401 Unauthorized

GET https://sullivan.bestt.fr/api/commandes?etat=EV&idBestt=0

IP
216.73.216.212
Profiled on
Token
05beaa

Request / Response

Request

GET Parameters

Key Value
etat 
"EV"
idBestt 
"0"

POST Parameters

No POST parameters

Uploaded Files

No files were uploaded

Request Attributes

Key Value
_api_operation 
ApiPlatform\Metadata\GetCollection {#680
  #parameters: null
  #shortName: "Commande"
  #class: "App\Entity\Commande"
  #description: null
  #urlGenerationStrategy: null
  #deprecationReason: null
  #normalizationContext: [
    "groups" => [
      "read"
      "comm:read"
      "com:client:read"
    ]
  ]
  #denormalizationContext: [
    "groups" => [
      "write"
    ]
  ]
  #collectDenormalizationErrors: null
  #validationContext: null
  #filters: [
    "annotated_app_entity_commande_api_platform_doctrine_orm_filter_search_filter"
    "annotated_app_entity_commande_api_platform_doctrine_orm_filter_boolean_filter"
  ]
  #mercure: null
  #messenger: null
  #input: null
  #output: null
  #order: null
  #fetchPartial: null
  #forceEager: false
  #paginationEnabled: null
  #paginationType: null
  #paginationItemsPerPage: null
  #paginationMaximumItemsPerPage: 30
  #paginationPartial: null
  #paginationClientEnabled: null
  #paginationClientItemsPerPage: null
  #paginationClientPartial: null
  #paginationFetchJoinCollection: null
  #paginationUseOutputWalkers: null
  #security: "is_granted('ROLE_AGENCE') or is_granted('ROLE_SUPERVISEUR')"
  #securityMessage: "Vous n'avez pas le droit d'accéder à cette ressource."
  #securityPostDenormalize: null
  #securityPostDenormalizeMessage: null
  #securityPostValidation: null
  #securityPostValidationMessage: null
  #provider: "ApiPlatform\Doctrine\Orm\State\CollectionProvider"
  #processor: "api_platform.doctrine.orm.state.persist_processor"
  #stateOptions: ApiPlatform\Doctrine\Orm\State\Options {#772 …}
  #rules: null
  #policy: null
  #middleware: null
  #queryParameterValidationEnabled: null
  #strictQueryParameterValidation: null
  #hideHydraOperation: null
  #extraProperties: [
    "user_defined_uri_template" => true
  ]
  #paginationViaCursor: null
  #read: null
  #deserialize: null
  #validate: null
  #write: null
  #serialize: null
  #priority: 0
  #name: "_api_/commandes_get_collection"
  #method: "GET"
  #uriTemplate: "/commandes"
  #types: null
  #formats: null
  #inputFormats: [
    "json" => [
      "application/json"
    ]
    "jsonld" => [
      "application/ld+json"
    ]
    "html" => [
      "text/html"
    ]
    "xml" => [
      "application/xml"
      "text/xml"
    ]
    "yaml" => [
      "application/x-yaml"
    ]
    "csv" => [
      "text/csv"
    ]
    "multipart" => [
      "multipart/form-data"
    ]
  ]
  #outputFormats: [
    "json" => [
      "application/json"
    ]
    "jsonld" => [
      "application/ld+json"
    ]
    "html" => [
      "text/html"
    ]
    "xml" => [
      "application/xml"
      "text/xml"
    ]
    "yaml" => [
      "application/x-yaml"
    ]
    "csv" => [
      "text/csv"
    ]
    "multipart" => [
      "multipart/form-data"
    ]
  ]
  #uriVariables: []
  #routePrefix: null
  #routeName: null
  #defaults: null
  #requirements: null
  #options: null
  #stateless: null
  #sunset: null
  #acceptPatch: null
  #status: null
  #host: null
  #schemes: null
  #condition: null
  #controller: null
  #headers: null
  #cacheHeaders: null
  #hydraContext: null
  #openapi: ApiPlatform\OpenApi\Model\Operation {#776 …}
  #exceptionToStatus: null
  #links: null
  #errors: null
  -itemUriTemplate: null
}
_api_operation_name 
"_api_/commandes_get_collection"
_api_resource_class 
"App\Entity\Commande"
_controller 
"api_platform.action.placeholder"
_firewall_context 
"security.firewall.map.context.api"
_format 
null
_route 
"_api_/commandes_get_collection"
_route_params 
[
  "_stateless" => null
  "_api_resource_class" => "App\Entity\Commande"
  "_api_operation_name" => "_api_/commandes_get_collection"
  "_format" => null
]
_stateless 
null
_stopwatch_token 
"71170a"
input_format 
null

Request Headers

Header Value
accept 
"*/*"
accept-encoding 
"gzip, br, zstd, deflate"
host 
"sullivan.bestt.fr"
user-agent 
"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
x-php-ob-level 
"1"

Request Content

Request content not available (it was retrieved as a resource).

Response

Response Headers

Header Value
cache-control 
"no-cache, private"
content-type 
"application/json"
date 
"Mon, 22 Dec 2025 11:04:08 GMT"
referrer-policy 
"no-referrer, strict-origin-when-cross-origin"
x-content-type-options 
"nosniff"
x-debug-token 
"05beaa"
x-frame-options 
"DENY"

Cookies

Request Cookies

No request cookies

Response Cookies

No response cookies

Session

Session Metadata

No session metadata

Session Attributes

No session attributes

Session Usage

0 Usages
Stateless check enabled

Session not used.

Flashes

Flashes

No flash messages were created.

Server Parameters

Server Parameters

Defined in .env

Key Value
AGENCY_CODE 
"ma-boulangerie"
APP_DEBUG 
"1"
APP_ENV 
"dev"
APP_SECRET 
"fa0f6bde4ef0646f28b9564a9b987de1"
BESTT_NET 
"37"
CANDIDATHEQUE_API_PASSWORD 
"queenLil7Vera69&&"
CANDIDATHEQUE_API_URL 
"https://candidatheque.com/api"
CANDIDATHEQUE_API_USERNAME 
"admin@candidatheque.com"
CORS_ALLOW_ORIGIN 
"^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$"
DATABASE_URL 
"mysql://sullivan:kBZBTpvrCZZfhs6rXxaz@localhost:3306/sullivan?serverVersion=mariadb-10.11.7&charset=UTF8"
ENC_DEC_KEY_AUTRE_DOC 
"ARwJke4t8xL9+tFWlYBgB9kf+hFi4H5ktyAlhATH59s="
ENC_DEC_KEY_CI1 
"lTdovjygMC5ffH/Kg8B4o1qvPOQsaWUDvNaaAajWH3A="
ENC_DEC_KEY_CI2 
"qjt7bWJdUkH8OG4byobSHpAPndj6uFWwn9+KR4d9caY="
ENC_DEC_KEY_CV 
"QYHc+3/I7IzXhFBT2Vb5kbXvEyMcnVGRE997SIN3098="
ENC_DEC_KEY_CVT 
"SDzqjHbVMMEAz8NZ/6tVrkkc4wClDcyplenTWgMT5zM="
ENC_DEC_KEY_PHOTO 
"3//J/g2MDC6VDhIg89S+7JuHOt9/uuR6/NTl9oFxu/g="
ENC_DEC_KEY_RQTH 
"k9d6hhuIoh0SCBDMTvtzB3iAJsRqpzoRl5rw8xyEv40="
JWT_PASSPHRASE 
"AlphaBeta"
JWT_PUBLIC_KEY 
"%kernel.project_dir%/config/jwt/public.pem"
JWT_SECRET_KEY 
"%kernel.project_dir%/config/jwt/private.pem"
MAILER_DSN 
"smtp://547d2854288ebf:95f3079a635487@sandbox.smtp.mailtrap.io:2525"
MESSENGER_TRANSPORT_DSN 
"doctrine://default"
PORTAL_API_KEY 
"ma-boulangerie-api-key-2c996fe8cb29d43397f7e2597b7af5b9"
PORTAL_BASE_URL 
"https://portail-test.bestt.fr"
SECURE_SCHEME 
"https"
VAPID_PRIVATE_KEY 
"RUK78S-2VmC79fLbZAB6Ny3EZiXVKxnRMMqU-V13bIE"
VAPID_PUBLIC_KEY 
"BB2-mADr3FDF_K_3Iwk8AmHzQmbL-c29t8IgH0dt3f16E2ELQP-avVpwJJ8rlUJWGEIQIn3MYNVG9N79RfwYTbo"
WKHTMLTOIMAGE_PATH 
"/usr/local/bin/wkhtmltoimage"
WKHTMLTOPDF_PATH 
"/usr/local/bin/wkhtmltopdf"

Defined as regular env variables

Key Value
CONTEXT_DOCUMENT_ROOT 
"/sites/sullivan/public"
CONTEXT_PREFIX 
""
DOCUMENT_ROOT 
"/sites/sullivan/public"
FCGI_ROLE 
"RESPONDER"
GATEWAY_INTERFACE 
"CGI/1.1"
HOME 
"/var/www"
HTTPS 
"on"
HTTP_ACCEPT 
"*/*"
HTTP_ACCEPT_ENCODING 
"gzip, br, zstd, deflate"
HTTP_HOST 
"sullivan.bestt.fr"
HTTP_USER_AGENT 
"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
PATH 
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
PHP_SELF 
"/index.php"
QUERY_STRING 
"etat=EV&idBestt=0"
REDIRECT_HTTPS 
"on"
REDIRECT_QUERY_STRING 
"etat=EV&idBestt=0"
REDIRECT_SSL_TLS_SNI 
"sullivan.bestt.fr"
REDIRECT_STATUS 
"200"
REDIRECT_UNIQUE_ID 
"aUklqF3PgkaUAhMSjTG7ggAAAFc"
REDIRECT_URL 
"/api/commandes"
REMOTE_ADDR 
"216.73.216.212"
REMOTE_PORT 
"45530"
REQUEST_METHOD 
"GET"
REQUEST_SCHEME 
"https"
REQUEST_TIME 
1766401448
REQUEST_TIME_FLOAT 
1766401448.4138
REQUEST_URI 
"/api/commandes?etat=EV&idBestt=0"
SCRIPT_FILENAME 
"/sites/sullivan/public/index.php"
SCRIPT_NAME 
"/index.php"
SERVER_ADDR 
"141.94.115.164"
SERVER_ADMIN 
"webmaster@localhost"
SERVER_NAME 
"sullivan.bestt.fr"
SERVER_PORT 
"443"
SERVER_PROTOCOL 
"HTTP/1.1"
SERVER_SIGNATURE 
"<address>Microsoft-IIS/6.0 Server at sullivan.bestt.fr Port 443</address>\n"
SERVER_SOFTWARE 
"Microsoft-IIS/6.0"
SSL_TLS_SNI 
"sullivan.bestt.fr"
SYMFONY_DOTENV_VARS 
"BESTT_NET,APP_ENV,APP_DEBUG,MAILER_DSN,SECURE_SCHEME,DATABASE_URL,CORS_ALLOW_ORIGIN,MESSENGER_TRANSPORT_DSN,CANDIDATHEQUE_API_URL,CANDIDATHEQUE_API_USERNAME,CANDIDATHEQUE_API_PASSWORD,WKHTMLTOPDF_PATH,WKHTMLTOIMAGE_PATH,APP_SECRET,JWT_SECRET_KEY,JWT_PUBLIC_KEY,JWT_PASSPHRASE,VAPID_PUBLIC_KEY,VAPID_PRIVATE_KEY,ENC_DEC_KEY_CI1,ENC_DEC_KEY_CI2,ENC_DEC_KEY_CVT,ENC_DEC_KEY_CV,ENC_DEC_KEY_PHOTO,ENC_DEC_KEY_AUTRE_DOC,ENC_DEC_KEY_RQTH,PORTAL_BASE_URL,AGENCY_CODE,PORTAL_API_KEY"
UNIQUE_ID 
"aUklqF3PgkaUAhMSjTG7ggAAAFc"
USER 
"www-data"
proxy-nokeepalive 
"1"