403 Forbidden error when issuing query


I’m not sure if this is the correct forum for this post so feel free to put me right if necessary.

I have a homegrown media application which uses MusicBrainz occasionally for CD metadata. I haven’t had any reason to access the database for a while but now when I try I get a 403 Forbidden response no matter what query I try.

The software I use to access MusicBrainz is my own and hasn’t changed for some time.

What might be the problem?


AFAIK a 403 should only happen if you try to access personal Information (e.g. your Tags, ratings or private collections) with the web service. In this case you have to provide your credentials in the request. But not sure what could have changed recently to make your application fail.

Can you give an example for a request failing?


Thanks for the quick response. Here’s the query.


The disc ID is for ‘In The Lonely Hour’ by Sam Smith.

I’ve done some more testing and looked at the request and response messages with a network monitor.

There is the single Get request and the response code is 403. Strangely though the HTTPPayloadLine message (which is in JSON format) says

“error”: "Your requests are being throttled by MusicBrainz because the application you are using has not identified itself. Please update your application, and see http://musicbrainz.org/doc/XML_Web_Service/Rate_Limiting for more information

There is no closing quotes on the line. I haven’t tries parsing it as JSON but suspect it would fail. Also the address doesn’t exist on the MusicBrainz site apparently.

I don’t see how throttling can be the problem. I sent in a single GET request and even when I am using my application normally it’s far below the throttling limits.

I’ve also tried it with various settings in the GET message headers with the same 403 result every time.

I have also tried the query with IE 10. Sometimes it works and returns xml, sometimes JSON and sometimes it responds with ‘service unavailable - your requests are exceeding the allowable rate limit’ again with just a single GET request.


The error code for rate limiting is 503. Are you sure you get a 403?

I also get a well-formed JSON response, with closing quotes and braces.


Please see the link provided in the error message, especially the section “Provide meaningful User-Agent strings”.

Your application is likely using a generic User-Agent set by the underlying HTTP Library or no User-Agent at all. Please set a meaningfull User-Agent Header that identifies your application.


I’ve tried setting a user agent. It made no difference. And it is definitely a 403.

Here are a couple of links to screenshots for the request and response. They come from Microsoft Network Monitor. The first is the request, the second is the response.




My user agent header was wrong (UserAgent - no hyphen). Once I corrected it I started getting data back.

My application was previously not implementing the user agent header so was anonymous. Has the requirement that a user agent be mandatory come in recently?


In general the handling of requests without user agent changed already quite a while back, see this blog post :). But it is quite possible that it maybe was not enforced as strictly and changed again recently due to the load issues on the server, but I don’t know any details.


Anyway, thanks for your help with this problem.