Status 401 Postman

javascript
postman

#1

Hi guys,

I am totally new in moltin api. I created one sample product and I wanna try features of moltin in Postman. so I tried to fetch all products using Postman

I was reading in this article about moltin and postman
In Postman, firstly, I updated the environment variables of moltin (added my client_id and client_secret), then I chose Authorisation type: Bearer Token. The documentation says I should add Authentication. I didn’t know exactly where I should add the Authorisation token. So I found one in the reference api, which I add but I get bad request. I tried also to remove Authorisation but it did not work.

In Postman, I tried to Post https://api.moltin.com/oauth/access_token, but I am always getting:

{
“errors”: [
{
“status”: 400,
“title”: “Bad Request”
}
]
}

I attached some snapshots at https://imgur.com/a/Ooouv
Can you just point where is the missing part?


#2

Hi @khaled1

If you look inside the Authentication folder and run the Implicit POST request, you will successfully get back a access_token.

Then inside within any subsequent requests you will want to make sure you have your Authorization header untouched. You’ll want to make sure authToken is updated insice your moltin environment, so requests pass along the token correctly.

Once you have done this, open up any implicit request type, in this case Get all products and you should see inside Headers you have Authorization reading from the moltin environment.

I hope this helps :smile:

Feel free to ask anything else, I’d love to help you get started with moltin :tada:


#3

Thank you very much. It really helps :smiley:
Great and quick support


#4

Just wanna make sure about one thing more. Is auth_token valid only for 60 min? I mean after 60 min, do I have to generate a new auth_token to pass it as a header to api calls?


#5

Hi @khaled1 :wave:

That’s right. Our JS SDK will take take of authenticating should the token be expired, so you may wish to build in to your app if you’re not using JS something that can silently handle authentication and update your token for further requests.

I hope this helps :smile:


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.