question

rockman avatar image
rockman asked rockman commented

getting {"message":"401 Unauthorized"} trying to use the api

hello , i´m new to clover, i´m trying to make my first steps with a pos webapp but i got frustrated trying to test the api.

i get the code from https://www.clover.com/oauth/merchant...

that give me code=e783b87d-7a81-c688-2d76-b6af01a31704 to get the token https://www.clover.com/oauth/token?client_id=237GZNE9M0094&client_secret={appSecret}&code=e783b87d-7a81-c688-2d76-b6af01a31704

afther get the token i go to https://api.clover.com/v3/merchants/237GZNE9M0094/items?access_token=[redacted] {"message":"401 Unauthorized"} can you help , what i´m do bad?

2 comments
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Brian Murray avatar image Brian Murray commented ·

Please do not post access tokens publicly. I've edited your message to remove it.

0 Likes 0 ·
rockman avatar image rockman commented ·

ok , thanks

0 Likes 0 ·

2 Answers

Brian Murray avatar image
Brian Murray Deactivated answered rockman commented

The access token you posted has no permissions associated with it. Please ask the merchant to give you the INVENTORY_R permission.

3 comments
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

rockman avatar image rockman commented ·

Thanks , i create a new merchant now i can access data from the api via

https://www.clover.com/api_docs#!/mer...

works but if i try to do it via javascript

$.ajax({

beforeSend:function(xhr){ 

xhr.setRequestHeader("access_token","[token]");

}, url:conf.baseUrl+QueryString.merchantid+"&accesstoken=[token]",

        done:function(e){

            $("#output").html(e);

        },

        fail:function(e){

            console.log("Fail:",e);

        },

        complete:function(){

            console.log("complete");

        }

    });

still get {"message":"401 Unauthorized"}

0 Likes 0 ·
Bryanne Vega avatar image Bryanne Vega commented ·

Your request is wrong on the header.

It should be Authorization: Bearer {token}

Note: Authorization Bearer {token}

Some clients don't use the " : "

0 Likes 0 ·
rockman avatar image rockman commented ·

thanks Bryanne, but still dont work , this is my corrected code , i checked the token in https://api.clover.com/v3/access_toke... token here} and result valid, please tell me what can be wrong with this cause i´ve tried all what i know

    $.ajax({
        beforeSend:function(xhr){
            xhr.setRequestHeader('Authorization','Bearer (token)');
        },

        url:conf.baseUrl+QueryString.merchant_id,
        done:function(e){
            console.log(e);
            $("#output").html(e);
        },
        fail:function(e){
            console.log("Fail:",e);
        },
        complete:function(){
            console.log("complete");
        }
    });
0 Likes 0 ·
Bryanne Vega avatar image
Bryanne Vega answered Mike M commented

There are 3 things you need to verify

  • Verify the access on the app (Not required modules, rather the POST/GETS permissions below it)
  • Are you receiving a token or a code? Tokens can be used immediately for API access, codes on the other hands, need to be exchanged for a token. You can verify which you're using by going to your app and setting up the Web App to Token/Code.
    • Have you've changed the permissions in the app? You must uninstall and re-install your app, permissions changes are only applied when a new installation is in place, old installations will remain with their old permissions set.

Once you've verified, please comment back with results.

1 comment
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Mike M avatar image Mike M commented ·

Great points Bryanne.

As an additional resource, you may use the following endpoint below to verify permissions of an access token. If the permission isn't there, then one of the points Bryanne mentioned wasn't successfully completed. (The most common error is forgetting to [re]install the app in order to properly generate a token) https://api.clover.com/v3/access_tokens/{access token here}

0 Likes 0 ·

Welcome to the
Clover Developer Community