PAM Portal: Role activation fails with HTTP 406 due to missing contentType

[ccthis]

Fix: Add missing contentType to createPamRequest AJAX call

Problem

Role activation fails with HTTP 406 "Not Acceptable" errors in the PAM Portal sample due to missing contentType specification in the createPamRequest() function.

Root Cause

Modern jQuery versions default to sending JSON data when no contentType is specified, but the PAM REST API only accepts application/x-www-form-urlencoded format.

Solution

Add explicit contentType specification to the AJAX request in pamRestApi.js:

// Before (broken)
return $.ajax({
    url: BuildPamRestApiUrl('pamrequests'),
    type: 'POST',
    data: requestJson,
    xhrFields: { withCredentials: true }
})

// After (fixed)
return $.ajax({
    url: BuildPamRestApiUrl('pamrequests'),
    type: 'POST',
    data: requestJson,
    contentType: 'application/x-www-form-urlencoded',  // Add this line
    xhrFields: { withCredentials: true }
})

Files Changed

• Privileged-Access-Management-Portal/src/js/pamRestApi.js (line ~51 in createPamRequest function)

Testing

Before: HTTP 406 errors when activating roles
After: Successful role activation with HTTP 200 and proper response

Impact

• Fixes: Role activation functionality
• Security: Improves security (form-encoded vs JSON)
• Compatibility: No breaking changes, fully backward compatible

This is a minimal one-line fix that resolves a critical functionality issue in the sample.