401 Unauthorized for accessing customer api












1














I was able to get the admin token using the below url against the created admin user
http://username:password@localhost.com/index.php/rest/V1/integration/admin/token



The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body



{
"username":"admin",
"password":"admin123"
}


But when I get customers by passing the token it says 401 unauthorized.
Below is the request



http://username:password@localhost.com/index.php/rest/V1/customers
and token is passed as "Authorization: Bearer abcdefghi" in request header



How to fix this issue?










share|improve this question





























    1














    I was able to get the admin token using the below url against the created admin user
    http://username:password@localhost.com/index.php/rest/V1/integration/admin/token



    The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body



    {
    "username":"admin",
    "password":"admin123"
    }


    But when I get customers by passing the token it says 401 unauthorized.
    Below is the request



    http://username:password@localhost.com/index.php/rest/V1/customers
    and token is passed as "Authorization: Bearer abcdefghi" in request header



    How to fix this issue?










    share|improve this question



























      1












      1








      1







      I was able to get the admin token using the below url against the created admin user
      http://username:password@localhost.com/index.php/rest/V1/integration/admin/token



      The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body



      {
      "username":"admin",
      "password":"admin123"
      }


      But when I get customers by passing the token it says 401 unauthorized.
      Below is the request



      http://username:password@localhost.com/index.php/rest/V1/customers
      and token is passed as "Authorization: Bearer abcdefghi" in request header



      How to fix this issue?










      share|improve this question















      I was able to get the admin token using the below url against the created admin user
      http://username:password@localhost.com/index.php/rest/V1/integration/admin/token



      The username and password is for browser authentication which you can see before the url which is defined in .htaccess and .htpassword. The original username and password is given in the body



      {
      "username":"admin",
      "password":"admin123"
      }


      But when I get customers by passing the token it says 401 unauthorized.
      Below is the request



      http://username:password@localhost.com/index.php/rest/V1/customers
      and token is passed as "Authorization: Bearer abcdefghi" in request header



      How to fix this issue?







      magento2 magento-2.1 api rest-api






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited yesterday









      Aditya Shah

      3,6202834




      3,6202834










      asked May 21 '18 at 6:32









      JN_newbieJN_newbie

      1278




      1278






















          2 Answers
          2






          active

          oldest

          votes


















          4














          In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)




          http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123




          webapi.xml code



          <route url="/V1/customers/me" method="GET">
          <service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
          <resources>
          <resource ref="self"/>
          </resources>
          <data>
          <parameter name="customerId" force="true">%customer_id%</parameter>
          </data>
          </route>


          which returns token.



          After genrating token, when we pass that token in header.



          Authorization :: Bearer <Token Value>

          http://magento.host/index.php/rest/V1/customers/me


          Which returns customer detailes.



          The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.






          share|improve this answer





















          • And yeah your URL action should be "POST"
            – Aditya Shah
            May 21 '18 at 10:21










          • I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
            – JN_newbie
            May 21 '18 at 10:43










          • Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
            – Aditya Shah
            May 21 '18 at 10:50










          • and did you checked the action of the URL ?
            – Aditya Shah
            May 21 '18 at 10:51










          • It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
            – JN_newbie
            May 21 '18 at 11:02



















          0














          Please pass username and password correctly



          for customers API:
          rest/V1/customer/token






          share|improve this answer





















          • Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
            – JN_newbie
            May 21 '18 at 7:02










          • There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
            – JN_newbie
            May 21 '18 at 7:15











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "479"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f226787%2f401-unauthorized-for-accessing-customer-api%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          4














          In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)




          http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123




          webapi.xml code



          <route url="/V1/customers/me" method="GET">
          <service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
          <resources>
          <resource ref="self"/>
          </resources>
          <data>
          <parameter name="customerId" force="true">%customer_id%</parameter>
          </data>
          </route>


          which returns token.



          After genrating token, when we pass that token in header.



          Authorization :: Bearer <Token Value>

          http://magento.host/index.php/rest/V1/customers/me


          Which returns customer detailes.



          The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.






          share|improve this answer





















          • And yeah your URL action should be "POST"
            – Aditya Shah
            May 21 '18 at 10:21










          • I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
            – JN_newbie
            May 21 '18 at 10:43










          • Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
            – Aditya Shah
            May 21 '18 at 10:50










          • and did you checked the action of the URL ?
            – Aditya Shah
            May 21 '18 at 10:51










          • It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
            – JN_newbie
            May 21 '18 at 11:02
















          4














          In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)




          http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123




          webapi.xml code



          <route url="/V1/customers/me" method="GET">
          <service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
          <resources>
          <resource ref="self"/>
          </resources>
          <data>
          <parameter name="customerId" force="true">%customer_id%</parameter>
          </data>
          </route>


          which returns token.



          After genrating token, when we pass that token in header.



          Authorization :: Bearer <Token Value>

          http://magento.host/index.php/rest/V1/customers/me


          Which returns customer detailes.



          The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.






          share|improve this answer





















          • And yeah your URL action should be "POST"
            – Aditya Shah
            May 21 '18 at 10:21










          • I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
            – JN_newbie
            May 21 '18 at 10:43










          • Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
            – Aditya Shah
            May 21 '18 at 10:50










          • and did you checked the action of the URL ?
            – Aditya Shah
            May 21 '18 at 10:51










          • It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
            – JN_newbie
            May 21 '18 at 11:02














          4












          4








          4






          In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)




          http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123




          webapi.xml code



          <route url="/V1/customers/me" method="GET">
          <service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
          <resources>
          <resource ref="self"/>
          </resources>
          <data>
          <parameter name="customerId" force="true">%customer_id%</parameter>
          </data>
          </route>


          which returns token.



          After genrating token, when we pass that token in header.



          Authorization :: Bearer <Token Value>

          http://magento.host/index.php/rest/V1/customers/me


          Which returns customer detailes.



          The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.






          share|improve this answer












          In magento web-API when you pass user name and password then it genrates token for that specific customer (Which is only valid for 1 hour - configurable from admin)




          http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123




          webapi.xml code



          <route url="/V1/customers/me" method="GET">
          <service class="MagentoCustomerApiCustomerRepositoryInterface" method="getById"/>
          <resources>
          <resource ref="self"/>
          </resources>
          <data>
          <parameter name="customerId" force="true">%customer_id%</parameter>
          </data>
          </route>


          which returns token.



          After genrating token, when we pass that token in header.



          Authorization :: Bearer <Token Value>

          http://magento.host/index.php/rest/V1/customers/me


          Which returns customer detailes.



          The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered May 21 '18 at 10:16









          Aditya ShahAditya Shah

          3,6202834




          3,6202834












          • And yeah your URL action should be "POST"
            – Aditya Shah
            May 21 '18 at 10:21










          • I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
            – JN_newbie
            May 21 '18 at 10:43










          • Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
            – Aditya Shah
            May 21 '18 at 10:50










          • and did you checked the action of the URL ?
            – Aditya Shah
            May 21 '18 at 10:51










          • It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
            – JN_newbie
            May 21 '18 at 11:02


















          • And yeah your URL action should be "POST"
            – Aditya Shah
            May 21 '18 at 10:21










          • I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
            – JN_newbie
            May 21 '18 at 10:43










          • Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
            – Aditya Shah
            May 21 '18 at 10:50










          • and did you checked the action of the URL ?
            – Aditya Shah
            May 21 '18 at 10:51










          • It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
            – JN_newbie
            May 21 '18 at 11:02
















          And yeah your URL action should be "POST"
          – Aditya Shah
          May 21 '18 at 10:21




          And yeah your URL action should be "POST"
          – Aditya Shah
          May 21 '18 at 10:21












          I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
          – JN_newbie
          May 21 '18 at 10:43




          I have created one admin user and new role with which will be "web api role" with access rights to customers and categories. I have assigned the "web api role" to admin user. It means that this admin user can only access the customers and categories. Now I have successfully generate the token. But when I use that token to fetch the customers. It says 401 unauthorized. I have gone some many resources, I understand the concept but don't know why it is keep on giving 401 unauthorized
          – JN_newbie
          May 21 '18 at 10:43












          Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
          – Aditya Shah
          May 21 '18 at 10:50




          Okay, just for testing purpose please give all access role to that user and check whether it's giving a same error.
          – Aditya Shah
          May 21 '18 at 10:50












          and did you checked the action of the URL ?
          – Aditya Shah
          May 21 '18 at 10:51




          and did you checked the action of the URL ?
          – Aditya Shah
          May 21 '18 at 10:51












          It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
          – JN_newbie
          May 21 '18 at 11:02




          It was "GET" before now it is "POST" and still 401. Let me try be giving all access roles
          – JN_newbie
          May 21 '18 at 11:02













          0














          Please pass username and password correctly



          for customers API:
          rest/V1/customer/token






          share|improve this answer





















          • Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
            – JN_newbie
            May 21 '18 at 7:02










          • There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
            – JN_newbie
            May 21 '18 at 7:15
















          0














          Please pass username and password correctly



          for customers API:
          rest/V1/customer/token






          share|improve this answer





















          • Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
            – JN_newbie
            May 21 '18 at 7:02










          • There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
            – JN_newbie
            May 21 '18 at 7:15














          0












          0








          0






          Please pass username and password correctly



          for customers API:
          rest/V1/customer/token






          share|improve this answer












          Please pass username and password correctly



          for customers API:
          rest/V1/customer/token







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered May 21 '18 at 6:43









          VishnunathVishnunath

          4209




          4209












          • Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
            – JN_newbie
            May 21 '18 at 7:02










          • There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
            – JN_newbie
            May 21 '18 at 7:15


















          • Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
            – JN_newbie
            May 21 '18 at 7:02










          • There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
            – JN_newbie
            May 21 '18 at 7:15
















          Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
          – JN_newbie
          May 21 '18 at 7:02




          Actually the username and password before url is for browser authentication which is defined in .htaccess. The original admin username and password was provided in body to get the token. Now to fetch the customers I think we will pass that token in header and simple call the url.
          – JN_newbie
          May 21 '18 at 7:02












          There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
          – JN_newbie
          May 21 '18 at 7:15




          There is one more thing I have created this new admin api user in production mode with specific role to access customers and categories. Do I need to do something to reflect the change?
          – JN_newbie
          May 21 '18 at 7:15


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Magento Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f226787%2f401-unauthorized-for-accessing-customer-api%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          1300-talet

          1300-talet

          Display a custom attribute below product name in the front-end Magento 1.9.3.8