Start a new topic

Why setting authtoken to authorization header field for any api request returns error 401 unauthoriz

this is my request header

{

"Accept-Language" = "en;q=1, fr;q=0.9, de;q=0.8, zh-Hans;q=0.7, zh-Hant;q=0.6, ja;q=0.5";

Authorization = "Token token=\"bf1eaaeb-724b-4abc-8d27-842059853efb.a8kfJVsjBflYJqZk3aJ6xmXWqoqEYijXv708/Zf5/2s=\"";

"Content-Type" = "application/json; charset=utf-8";

"User-Agent" = "Ta3rifah/1.0 (iPhone Simulator; iOS 7.1; Scale/2.00)";

}



and i always get this error

{"error":"InvalidCredentials","description":"Invalid credentials. Please retry your request with correct credentials","debug":"No credentials found or missing/malformed header"}

I was working with rest API for Kinvey iOS SDK. What I found that there is error in generated @"Authorization" header has wrong value.



For test purpose just make hard coding as given below (data would be different in your case)



NSString* authHeader = [NSString stringWithFormat:@"Basic %@", AUTH_DATA];

[request addValue:authHeader forHTTPHeaderField:@"Authorization"];





where AUTH_DATA=#@"a3wkX2JrMjJuV2cew3ozYm65tDBjOTM4YTI0MmE4Ym34TBiZGY5NjVhYTdiOA=="



I copied AUTH_DATA from Kinvey API console.

We don't provide support for 3rd party SDKs. Check out the documentation for AFNetworking https://github.com/AFNetworking/AFNetworking for how to supply an authorization header.
Thanks
This looks like an iOS question... I will move your question to that category, so that our iOS developer can address it.
i don't set "Token" by myself i just write this code

manager = [AFHTTPRequestOperationManager manager];

[manager setRequestSerializer:[AFHTTPRequestSerializer serializer]];

manager.requestSerializer = [AFJSONRequestSerializer serializer];

[manager.requestSerializer setAuthorizationHeaderFieldWithToken:[[[KCSUser activeUser] getValueForAttribute:@"_kmd"] objectForKey:@"authtoken"]];



how to set Kinvey authtoken ??
As seen in the guide (http://devcenter.kinvey.com/rest/guides/security#sessionauthentication), the Authorization header should contain the word `Kinvey` followed by your auth token:



`Kinvey your-auth-token`



For example:



`Authorization: Kinvey 0a8368d7-cbb8-473d-8fec-a1f7f50b764b.X0KQYoRCFEdyBW9WIP`
Login or Signup to post a comment