401 Unauthorized for accessing customer api
I was able to get the admin token using the below url against the created admin user
http://username:password@localhost.com/index.php/rest/V1/integration/admin/token
The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body
{
"username":"admin",
"password":"admin123"
}
But when I get customers by passing the token it says 401 unauthorized.
Below is the request
http://username:password@localhost.com/index.php/rest/V1/customers
and token is passed as "Authorization: Bearer abcdefghi" in request header
How to fix this issue?
magento2 magento-2.1 api rest-api
add a comment |
I was able to get the admin token using the below url against the created admin user
http://username:password@localhost.com/index.php/rest/V1/integration/admin/token
The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body
{
"username":"admin",
"password":"admin123"
}
But when I get customers by passing the token it says 401 unauthorized.
Below is the request
http://username:password@localhost.com/index.php/rest/V1/customers
and token is passed as "Authorization: Bearer abcdefghi" in request header
How to fix this issue?
magento2 magento-2.1 api rest-api
add a comment |
I was able to get the admin token using the below url against the created admin user
http://username:password@localhost.com/index.php/rest/V1/integration/admin/token
The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body
{
"username":"admin",
"password":"admin123"
}
But when I get customers by passing the token it says 401 unauthorized.
Below is the request
http://username:password@localhost.com/index.php/rest/V1/customers
and token is passed as "Authorization: Bearer abcdefghi" in request header
How to fix this issue?
magento2 magento-2.1 api rest-api
I was able to get the admin token using the below url against the created admin user
http://username:password@localhost.com/index.php/rest/V1/integration/admin/token
The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body
{
"username":"admin",
"password":"admin123"
}
But when I get customers by passing the token it says 401 unauthorized.
Below is the request
http://username:password@localhost.com/index.php/rest/V1/customers
and token is passed as "Authorization: Bearer abcdefghi" in request header
How to fix this issue?
magento2 magento-2.1 api rest-api
magento2 magento-2.1 api rest-api
edited yesterday
Aditya Shah
3,6202834
3,6202834
asked May 21 '18 at 6:32
JN_newbieJN_newbie
1278
1278
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)
http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123
webapi.xml code
<route url="/V1/customers/me" method="GET">
<service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
<resources>
<resource ref="self"/>
</resources>
<data>
<parameter name="customerId" force="true">%customer_id%</parameter>
</data>
</route>
which returns token.
After genrating token, when we pass that token in header.
Authorization :: Bearer <Token Value>
http://magento.host/index.php/rest/V1/customers/me
Which returns customer detailes.
The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.
And yeah your URL action should be "POST"
– Aditya Shah
May 21 '18 at 10:21
I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
– JN_newbie
May 21 '18 at 10:43
Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
– Aditya Shah
May 21 '18 at 10:50
and did you checked the action of the URL ?
– Aditya Shah
May 21 '18 at 10:51
It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
– JN_newbie
May 21 '18 at 11:02
|
show 3 more comments
Please pass username and password correctly
for customers API:
rest/V1/customer/token
Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
– JN_newbie
May 21 '18 at 7:02
There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
– JN_newbie
May 21 '18 at 7:15
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "479"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f226787%2f401-unauthorized-for-accessing-customer-api%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)
http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123
webapi.xml code
<route url="/V1/customers/me" method="GET">
<service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
<resources>
<resource ref="self"/>
</resources>
<data>
<parameter name="customerId" force="true">%customer_id%</parameter>
</data>
</route>
which returns token.
After genrating token, when we pass that token in header.
Authorization :: Bearer <Token Value>
http://magento.host/index.php/rest/V1/customers/me
Which returns customer detailes.
The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.
And yeah your URL action should be "POST"
– Aditya Shah
May 21 '18 at 10:21
I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
– JN_newbie
May 21 '18 at 10:43
Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
– Aditya Shah
May 21 '18 at 10:50
and did you checked the action of the URL ?
– Aditya Shah
May 21 '18 at 10:51
It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
– JN_newbie
May 21 '18 at 11:02
|
show 3 more comments
In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)
http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123
webapi.xml code
<route url="/V1/customers/me" method="GET">
<service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
<resources>
<resource ref="self"/>
</resources>
<data>
<parameter name="customerId" force="true">%customer_id%</parameter>
</data>
</route>
which returns token.
After genrating token, when we pass that token in header.
Authorization :: Bearer <Token Value>
http://magento.host/index.php/rest/V1/customers/me
Which returns customer detailes.
The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.
And yeah your URL action should be "POST"
– Aditya Shah
May 21 '18 at 10:21
I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
– JN_newbie
May 21 '18 at 10:43
Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
– Aditya Shah
May 21 '18 at 10:50
and did you checked the action of the URL ?
– Aditya Shah
May 21 '18 at 10:51
It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
– JN_newbie
May 21 '18 at 11:02
|
show 3 more comments
In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)
http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123
webapi.xml code
<route url="/V1/customers/me" method="GET">
<service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
<resources>
<resource ref="self"/>
</resources>
<data>
<parameter name="customerId" force="true">%customer_id%</parameter>
</data>
</route>
which returns token.
After genrating token, when we pass that token in header.
Authorization :: Bearer <Token Value>
http://magento.host/index.php/rest/V1/customers/me
Which returns customer detailes.
The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.
In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)
http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123
webapi.xml code
<route url="/V1/customers/me" method="GET">
<service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
<resources>
<resource ref="self"/>
</resources>
<data>
<parameter name="customerId" force="true">%customer_id%</parameter>
</data>
</route>
which returns token.
After genrating token, when we pass that token in header.
Authorization :: Bearer <Token Value>
http://magento.host/index.php/rest/V1/customers/me
Which returns customer detailes.
The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.
answered May 21 '18 at 10:16
Aditya ShahAditya Shah
3,6202834
3,6202834
And yeah your URL action should be "POST"
– Aditya Shah
May 21 '18 at 10:21
I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
– JN_newbie
May 21 '18 at 10:43
Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
– Aditya Shah
May 21 '18 at 10:50
and did you checked the action of the URL ?
– Aditya Shah
May 21 '18 at 10:51
It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
– JN_newbie
May 21 '18 at 11:02
|
show 3 more comments
And yeah your URL action should be "POST"
– Aditya Shah
May 21 '18 at 10:21
I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
– JN_newbie
May 21 '18 at 10:43
Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
– Aditya Shah
May 21 '18 at 10:50
and did you checked the action of the URL ?
– Aditya Shah
May 21 '18 at 10:51
It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
– JN_newbie
May 21 '18 at 11:02
And yeah your URL action should be "POST"
– Aditya Shah
May 21 '18 at 10:21
And yeah your URL action should be "POST"
– Aditya Shah
May 21 '18 at 10:21
I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
– JN_newbie
May 21 '18 at 10:43
I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
– JN_newbie
May 21 '18 at 10:43
Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
– Aditya Shah
May 21 '18 at 10:50
Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
– Aditya Shah
May 21 '18 at 10:50
and did you checked the action of the URL ?
– Aditya Shah
May 21 '18 at 10:51
and did you checked the action of the URL ?
– Aditya Shah
May 21 '18 at 10:51
It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
– JN_newbie
May 21 '18 at 11:02
It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
– JN_newbie
May 21 '18 at 11:02
|
show 3 more comments
Please pass username and password correctly
for customers API:
rest/V1/customer/token
Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
– JN_newbie
May 21 '18 at 7:02
There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
– JN_newbie
May 21 '18 at 7:15
add a comment |
Please pass username and password correctly
for customers API:
rest/V1/customer/token
Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
– JN_newbie
May 21 '18 at 7:02
There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
– JN_newbie
May 21 '18 at 7:15
add a comment |
Please pass username and password correctly
for customers API:
rest/V1/customer/token
Please pass username and password correctly
for customers API:
rest/V1/customer/token
answered May 21 '18 at 6:43
VishnunathVishnunath
4209
4209
Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
– JN_newbie
May 21 '18 at 7:02
There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
– JN_newbie
May 21 '18 at 7:15
add a comment |
Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
– JN_newbie
May 21 '18 at 7:02
There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
– JN_newbie
May 21 '18 at 7:15
Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
– JN_newbie
May 21 '18 at 7:02
Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
– JN_newbie
May 21 '18 at 7:02
There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
– JN_newbie
May 21 '18 at 7:15
There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
– JN_newbie
May 21 '18 at 7:15
add a comment |
Thanks for contributing an answer to Magento Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f226787%2f401-unauthorized-for-accessing-customer-api%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown