Start a new topic

Postman/Insomnia REST API access

Hi,


When I use Insomnia to access my Chat Bot I get an 'Not Authorized' message. I'm not sure what is going wrong?


I have the Bearer Token with my Bot Token, Header Content-Type application/json.


GET https://api.nativechat.com/v1/bots/<BOT ID>/conversations


Timeline:


* Preparing request to https://api.nativechat.com/v1/bots/<BOT ID>/conversations

* Using libcurl/7.57.0-DEV OpenSSL/1.0.2o zlib/1.2.11 libssh2/1.7.0_DEV

* Current time is 2019-09-19T09:22:42.973Z

* Disable timeout

* Enable automatic URL encoding

* Enable SSL validation

* Enable cookie sending with jar of 1 cookie

* Found bundle for host api.nativechat.com: 0x2bd2980c600 [can pipeline]

* Re-using existing connection! (#1) with host api.nativechat.com

* Connected to api.nativechat.com (54.210.170.86) port 443 (#1)

 

> GET /v1/bots/<BOT ID>/conversations HTTP/1.1

> Host: api.nativechat.com

> User-Agent: insomnia/6.5.4

> Content-Type: application/json

> Authorization: Bearer <TOKEN ID>

> Accept: */*

> Content-Length: 0

 

< HTTP/1.1 403 Forbidden

< Date: Thu, 19 Sep 2019 09:22:42 GMT

< Content-Type: text/html; charset=utf-8

< Content-Length: 14

< Connection: keep-alive

< Server: nginx/1.10.3 (Ubuntu)

< X-Powered-By: Express

< ETag: W/"e-T72BIhQ9RAItcd1mlVXIjJ79Psc"

 

* HTTP error before end of send, stop sending

 

 

 

* Received 14 B chunk

* Closing connection 1

* TLSv1.2 (OUT), TLS alert, Client hello (1):



Hi Alan,


I see that you are using:

Authorization: Bearer <TOKEN ID>


whereas it should be:

Authorization: Bot-Server-Access-Token <TOKEN ID>


Please see the documentation for details - https://docs.nativechat.com/docs/1.0/administrative/api-reference.html


Regards

Martin Apostolov

Hi Martin,


I still receive a Not Authorized message. Here is my log:


 Preparing request to https://api.nativechat.com/v1/bots/<BOT ID>/conversations 

* Using libcurl/7.57.0-DEV OpenSSL/1.0.2o zlib/1.2.11 libssh2/1.7.0_DEV 

* Current time is 2019-09-25T08:29:30.323Z 

* Disable timeout 

* Enable automatic URL encoding 

* Enable SSL validation 

* Enable cookie sending with jar of 1 cookie 

* Hostname in DNS cache was stale, zapped 

*   Trying 52.204.28.218... 

* TCP_NODELAY set 

* Connected to api.nativechat.com (52.204.28.218) port 443 (#3) 

* ALPN, offering http/1.1 

* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH 

* successfully set certificate verify locations: 

*   CAfile: C:\Users\awday\AppData\Local\Temp\insomnia_6.6.2\2017-09-20.pem 

*   CApath: none 

* TLSv1.2 (OUT), TLS header, Certificate Status (22): 

* TLSv1.2 (OUT), TLS handshake, Client hello (1): 

* TLSv1.2 (IN), TLS handshake, Server hello (2): 

* TLSv1.2 (IN), TLS handshake, Certificate (11): 

* TLSv1.2 (IN), TLS handshake, Server key exchange (12): 

* TLSv1.2 (IN), TLS handshake, Server finished (14): 

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16): 

* TLSv1.2 (OUT), TLS change cipher, Client hello (1): 

* TLSv1.2 (OUT), TLS handshake, Finished (20): 

* TLSv1.2 (IN), TLS change cipher, Client hello (1): 

* TLSv1.2 (IN), TLS handshake, Finished (20): 

* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 

* ALPN, server accepted to use http/1.1 

* Server certificate: 

*  subject: CN=nativechat.com 

*  start date: Apr 26 00:00:00 2019 GMT 

*  expire date: May 26 12:00:00 2020 GMT 

*  subjectAltName: host "api.nativechat.com" matched cert's "*.nativechat.com" 

*  issuer: C=US; O=Amazon; OU=Server CA 1B; CN=Amazon 

*  SSL certificate verify ok. 

 

> GET /v1/bots/<BOT ID>/conversations HTTP/1.1 

> Host: api.nativechat.com 

> User-Agent: insomnia/6.6.2 

> Content-Type: application/json 

> Authorization: Bot-Server-Access-Token  <Token ID> 

> Accept: */* 

> Content-Length: 0 

 

< HTTP/1.1 403 Forbidden 

< Date: Wed, 25 Sep 2019 08:29:33 GMT 

< Content-Type: text/html; charset=utf-8 

< Content-Length: 14 

< Connection: keep-alive 

< Server: nginx/1.10.3 (Ubuntu) 

< X-Powered-By: Express 

< ETag: W/"e-T72BIhQ9RAItcd1mlVXIjJ79Psc" 

 

* HTTP error before end of send, stop sending 

 

 

 

* Received 14 B chunk 

* Closing connection 3 

* TLSv1.2 (OUT), TLS alert, Client hello (1):

Hi Alan,

I have reviewed the server logs for recent 403 errors and there are some where double space characters after Bot-Server-Access-Token is used. Please make sure you are setting only once space.


Regards

Martin Apostolov

Thanks Martin. The prefix had a space. Alan

Login or Signup to post a comment