question

flin2024 avatar image
flin2024 asked flin2024 answered

API-only integration

We're doing API-only integration


Working on V1/charges API with “401 Unauthorized” for weeks on Sandbox. Requests prior to charging are all working without authorization errors. Here are what we've done:


1. Got public key with private auth_token

curl --request GET \

--url 'https://apisandbox.dev.clover.com/pakms/apikey' \

--header 'Authorization: Bearer 7aXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXbd7'

2. Requested card Token

curl --request POST \

--url 'https://token-sandbox.dev.clover.com/v1/tokens' \

--header 'accept: application/json' \

--header 'apikey: d615XXXXXXXXXXXXXXXXXc2b' \

--header 'content-type: application/json' \

--data '{"card":{"number":"6011361000006668","exp_month":"12",

"exp_year":"2030","cvv":"123","brand":"DISCOVER"}}'

3. Make a charge with public auth_token

curl --request POST \

--url 'https://scl.clover.com/v1/charges' \

--header 'accept: application/json' \

--header 'authorization: Bearer f7XXXXXX-XXXX-XXXX-XXXX-XXXXXXXX6b7' \

--header 'content-type: application/json' \

--data '{"amount":1800,"currency":"usd","source":"clv_XXXXXXXXXXXXXXXXXXXXXX"}'

Got:

{

"message": "401 Unauthorized"

}


No further error messages to help identify the cause. Did online searching and reviewed related Clover documents. Any help would be appreciated.

REST API
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

3 Answers

·
parquet76 avatar image
parquet76 answered

You need to use the private, not public token when making the charge request.

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

flin2024 avatar image
flin2024 answered parquet76 commented

@parquet76@gmail.com Thank you for your help. I did this with a private token:

curl --request POST \

--url 'https://scl.clover.com/v1/charges' \

--header 'accept: application/json' \

--header 'authorization: Bearer d6157eb4-XXXX-XXXX-XXXX-2d1c10e30f87' \

--header 'content-type: application/json' \

--header 'x-forwarded-for: {client_ip}' \

--data '{"amount":1800,"currency":"usd","source":"clv_1XXXXXXXXXXXXXXXXXXXXX"}'

But, I still got

{

"message": "401 Unauthorized"

}

No more error messages can be used to debug.

1 comment
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

parquet76 avatar image parquet76 commented ·
That is a production endpoint, are you using a production token? Production tokens will not work in sandbox nor will sandbox tokens work in production.
0 Likes 0 ·
flin2024 avatar image
flin2024 answered

@parquet76 Thank you! It's work. I followed the Clover documents and copied/pasted them but didn't notice the difference in URI between sandbox and production. Hope the Clover document can post the sample codes as a whole at the end of the document.

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community