Production app review - 401 unauthorized HTTP error
Hey Clover community, we are currently in the process of having our application reviewed by Clover. However, we ran into an issue with the client experiencing a 401 unauthorized HTTP error being returned from the Clover API. Our application is sending the correct client ID, client secret, and a one-time authorization code for an access token. The Clover API is successfully returning an access token.
A subsequent GET request to
https://api.clover.com/v3/merchants/<merchantID>/employees/<employeeID> is returning a 401 unauthorized error, even with the access token passed in the Authorization header.This is only occurring against the production API during app approval; interestingly enough, it works in the sandbox environment. More information on how to debug this further would be much appreciated!
Here are some troubleshooting steps to follow when experiencing a 401 error:
Base URL/ Environment is correct in API endpoint
Merchant ID is correct in API endpoint
App Secret used to fetch token in OAuth endpoint is correct
App Id (Client Id) used to fetch token in OAuth endpoint is correct
App is installed on the merchant
Required permissions are enabled in the app
API Token is valid & has required permissions
Make sure the Token has not been expired.
Make sure the Token which is being used in your app was fetched by said app
Tokens obtained through OAuth have only the Permissions which were enabled at the time the Merchant installed the app. Any permissions enabled after installation will not go into effect until the Merchant uninstalls and then reinstalls the app. Subsequent tokens will have the newly added permission.
Additionally here is a medium article you may find helpful to your development as well:
If you have implemented all of the troubleshooting steps, have reviewed the medium post, and are still experiencing this issue please let us know.