Retrieve the Configuration API issue

We are using Threekit Configurations API as per given documentations :
Documentation URL:-

We are following the below mentioned steps:

1.) When we are calling below mentioned API with bear token and body parameters:


After API call we are getting the response like:

    "id": "d185-45c6-9f66",
    "productId": "a03c-4f61-a143",
    "productVersion": "v1",
    "variant": null,
    "metadata": null,
    "createdAt": "2020-12-19T10:30:17.090Z",
    "shortId": "229RzzKH7",
    "orgId": "3ca4-4d9d-98fd",
    "thumbnail": null,
    "customerId": null,
    "scope": null,
    "identifier": null

2.) When we call below code with the value of above response. We are getting 403 forbidden error.

curl_setopt_array($curl, array(
  CURLOPT_URL => '',
  CURLOPT_POSTFIELDS => array('orgId' => 'orgId=\'3ca4-4d9d\'','productId' => 'a03c-4f61-a143','productVersion' => 'v1','shortId' => '229RzzKH7','files'=> new CURLFILE('/C:/Users/vikram/Pictures/AWCO/side-bar-1935-1940-1.jpg'),'variant' => '','metadata' => '','SKU' => '','customerId' => ''),
    'Authorization: Bearer {auth_token}'

Error response:

    "status": 403,
    "code": "forbidden",
    "message": "Forbidden"

Can you please give us any solution.!

We are trying to do this in WordPress, and even tested using Postman for API’s response. Attached is the screenshot with debug output.



In your POST data, you are specifying the orgId as ‘3ca4-4d9d’. This does not look like a valid orgId. orgId is a UUID, and would look like the following format: ‘8d58cad8-dbf1-4270-b552-c0f637c8171d’. This should be the id of an existing org on the platform (you can find the id of your org by going to{orgName}/settings/profile). The {auth_token} in the Authorization header should be a token that exists on that org.

Hope that helps,

1 Like


We are passing valid orgId as per the mentioned format but due to some security purpose we have shown short orgId in CURL code.

We are sharing the screenshot of curl code which we are using so please provide us any solution for 403 forbidden error.

Vikram Sharma

@vikram_s can you please confirm the type of token you are using? I believe I found the org you are working in via the ID in the code and I only see Public Tokens, if you are querying a server-side API you will need to create a private token.

Public Access Tokens

Public access tokens are designed to be used within a third-party website configurator embed. As these tokens will be embedded into a website, they will be viewable within the website’s served code. Consequently these tokens have the minimum permissions necessary to access an organization’s configurator, to save customer’s configurations, and to send analytics.

When creating a public access token, a list of domains must be supplied. This list determines which websites can use the token. When a website outside of this list tries to use the token, it will be stopped by the browser’s CORS Policy.

Private Access Tokens

In contrast to public access tokens, private access tokens are designed to authenticate when using the broader Threekit API. Private access tokens have the full permissions of the user who created them, within the token’s organization.


We have configured three kit on third party website and also tried with private token but getting the same error.

Vikram Sharma

Thanks for the extra details, let me look into this and I will follow up with you. I have added myself and created a token in the org for troubleshooting.

Hi Will,

Happy New Year.
I hope that you and your team must be back from the holidays. We are eagerly waiting for your response on the above question. We were able to fetch the attributes of the model from tje configurator using jQuery and exported the same in the PDF. Now we need to export the final product model image/screenshot in the PDF.

Kindly guide us.

Hi @vikram_s thanks for your patience while I was out of the office, happy new year to you! Can you please try one more thing and let me know if it resolves your issue?

When you are entering your org ID I see:
('orgId' => 'orgId=\'123-456-789''...)

Remove the second occurrence of orgId so the code looks more like:
('orgId' => '123-456-789'...)

Let me know if this does or does not resolve your issue.

Hello Will,

We have removed the second occurrence from orgId and tried again.We are getting same error.

@slava will reach out to troubleshoot further.


Hi @vikram_s,

The metadata parameter should be a JSON or a stringified JSON, empty string “” won’t work, you can use null instead.

for example, this won’t work:

"productId": "xxxx",  
"orgId": "xxx",  
"productVersion": "test config", 
"metadata": "" 

this works

"productId": "xxxx",  
"orgId": "xxx",  
"productVersion": "test config", 
"metadata": null 

and this works

"productId": "xxxx",  
"orgId": "xxx",  
"productVersion": "test config", 
"metadata": "{}" 

Can you try again and let us know if it works for you?


1 Like

You have the ability to take a snapshot anytime but in this case, it makes sense to save the configuration, take a snapshot (512x512), save it with the configuration, and then recall it for post order workflow.

  1. Request a render of that item + config:
  2. Save the configuration and include the rendered image:
  3. When you want to generate the PDF, recall that config’s image:

It’s called “thumbnail” but it’s not limited to traditional thumbnail size/resolution (edited)

Hello Zli,

We have tried with null. We are getting same issue.


Hi @vikram_s

Can you try Raw body data instead of the form-data? BTW we don’t accept files in this api



We are trying to get snapshot using (await player.snapshotAsync()) function and we getting response in base64.

After decode the string getting very small image. Kindly check attachment


When we are trying to call (await player.snapshotAsync()) on local domain.Getting error:

On local domain we are using same process.


Ok Zli

Thank you so much for taking the time to create this demo.

I will be check it based on our scenario and update you soon.

Hello Zli,

We have already tried the same process but not get any success. If you are suggesting to us. We will try it again.


Hi Zli and Will,

Can you please update about this. We have tried all the ways you have mentioned. We are stuck. If you need source code from our side, then we can share it with you, if that helps.


@zli is going to reach out to you through proper support channels to resolve this issue. I am going to lock this forum thread as you will get a member of our team to help. Please message me directly if you have any questions.