401unauthorized - new developer

Question

This question was closed Jun 12, 2020 at 08:38 PM by David Marginian for the following reason: The question is answered, right answer was accepted

question

tombialy asked Apr 24, '20 David Marginian Deactivated edited Jun 12, '20

401unauthorized - new developer

I have very recently created a development account. I managed to get implement oauth20 to get the API token.

However, when I try to use with even on basic API calls, I am getting 401 unauthorized error. I see that even if I try the API examples. Here is the curl example with obfuscated token.

Does it have to do with me being new developer and still going through the review process?

curl -v "https://api.clover.com/v3/merchants/H1ZX51YNH76Q1" --header "Authorization: Bearer 8xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxd"

....

* Connection #0 to host api.clover.com left intact

{"message":"401 Unauthorized"}* Closing connection 0

~/g

API Token Auth

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community

Answer 1 · 2020-04-24T22:10:17Z

David Marginian Deactivated answered Apr 24, '20 tombialy commented Apr 25, '20

api.clover.com is a production URL, but the merchant in the request you posted above is a sandbox merchant. Sandbox != Production, they are separate environments. For sandbox you should be using:

https://apisandbox.dev.clover.com

Please see our documenation: https://docs.clover.com/clover-platform/docs/making-rest-api-calls.

6

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

tombialy commented · Apr 25, 2020 at 12:41 AM

Good catch. Thanks.

However, after switching to sandbox, I am still having the same issue if I use https://apisandbox.dev.clover.com or even https://sandbox.dev.clover.com

Here are examples:

curl -v --request GET \

--url 'https://apisandbox.dev.clover.com/v3/merchants/H1ZX51YNH76Q1?access_token=xxxx' \

--header 'accept: application/json'

curl -v --request GET \

--url 'https://sandbox.dev.clover.com/v3/merchants/H1ZX51YNH76Q1?access_token=xxxx' \

--header 'accept: application/json'

Note: Unnecessary use of -X or --request, GET is already inferred.

....

* Connection #0 to host sandbox.dev.clover.com left intact

{"message":"401 Unauthorized"}* Closing connection 0

0 ·

David Marginian ♦♦ tombialy commented · Apr 25, 2020 at 12:50 AM

Providing such verbose request tracing is not necessary. Either your permissions are off or you don't have a valid token, it's as simple as that. Please explain exactly how you obtained the token. What steps did you follow?

0 ·

tombialy commented · Apr 25, 2020 at 01:36 AM

Thanks for looking into this. Here are steps I am taking:

Step 1:

Redirecting to:

2020-04-24 21:27:11 DEBUG OAuthCloverInitServlet:58 - Redirecting to: https://sandbox.dev.clover.com/oauth/authorize?response_type=code&client_id=TRTD84Q0SQ69W&redirect_uri=https%3A%2F%2Fqtek.ddns.net%2Frest%2Foauth%2Fclv%2Foauth_callback

Step 2:

After receiving callback with code. I send it along with secret (obfuscated below):

Cmd=[GET https://sandbox.dev.clover.com/oauth/token?client_id=TRTD84Q0SQ69W&client_secret=5xxxxxxxxxxxa&code=e02329b7-30c4-ea9d-6995-973c1bf80957 HTTP/1.1]

This returns access token:

{

"access_token" : "15823253-xxxxxxxx-1b9db955a2bc"

}

Step 3:

Which than I use

Cmd=[GET https://sandbox.dev.clover.com/v3/merchants/H1ZX51YNH76Q1 HTTP/1.1]

Header key=[Authorization] val=[Bearer 15823253-xxxxxxxx-1b9db955a2bc]

Which than produces 401

Got reply:{

"message" : "401 Unauthorized"

}

0 ·

David Marginian ♦♦ tombialy commented · Apr 25, 2020 at 02:07 AM

Are you certain that when you installed the app to the merchant that it had the appropriate permissions? I see that it does now, but if it didn't at the time of install you will need to uninstall and reinstall the app.

0 ·

tombialy commented · Apr 25, 2020 at 02:13 AM

That is very good point. Initially, it indeed did not have all permissions. I changed it later when i was trying to debug the access problem. I will reinstall my app.

0 ·

David Marginian ♦♦ tombialy commented · Apr 25, 2020 at 02:19 AM

The merchant accepts the permissions of your app at the time the app is installed, and the token reflects the permissions at that time.

0 ·

question

401unauthorized - new developer

1 Answer

Welcome to the
Clover Developer Community

question details

question

401unauthorized - new developer

1 Answer

Welcome to theClover Developer Community

question details

Related Questions

Welcome to the
Clover Developer Community