+ Start a Discussion
Murali Mohan MandadiMurali Mohan Mandadi 

Getting 401--Unauthorized Error While trying to connect the third party application using Password Authentication Named credentials

We are trying to replace custom settings with Named credentials in one of our application. So we are trying to move all custom settings data into named credentials and trying to connect the third party application using Per User (Identity Type) Password Authentication (Authentication Protocol) Named credential, getting the 401-Unauthorized error.

Named Credentials Created:
Identity Type - Per User
Authentication Protocol - Password Authentication

Code Snippet executed in Anonymous window:
String method = 'POST';
String IMPLCaseId = 'IM-25147';
String RelatedIMPLCaseId;
String groupNumber = 'A1723';

GCwGetBPIDRequest.QQGroupInfo qqgroupInfo = new GCwGetBPIDRequest.QQGroupInfo(IMPLCaseId, RelatedIMPLCaseId, groupNumber);
GCwGetBPIDRequest getBPIDReq = new GCwGetBPIDRequest();
getBPIDReq.ServiceType = 'IMPL';
getBPIDReq.SFDCUserName = [select Id, Name, username from User where Id = :UserInfo.getUserId()].Name;
getBPIDReq.SubType = 'GetBPID';
getBPIDReq.Implementation = qqgroupInfo;

System.debug(' getBPIDReq### ' + getBPIDReq);

HttpRequest req = new HttpRequest();
HttpResponse res = new HttpResponse();
req.setEndpoint('callout:API_Pega_Callout_PegaUser1/PRRestService/P2EREST/Account/ProcessServiceRequest');
req.setMethod('POST');

req.setBody(getBPIDReq.generate());
req.setTimeOut(120000);

system.debug('req.getEndpoint ---------------> ' + req.getEndpoint());
system.debug('req.getHeader ---------------> ' + req.getHeader('Authorization'));
system.debug('HTTP REQUEST BODY ---------------> ' + req.getBody());

Http http = new Http();
res = http.send(req);
system.debug('HTTP RESPONSE BODY ---------------> ' + res.getBody());

Getting the Below Error:
Error 401--Unauthorized:
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains

What could be the possible reason for this? 
Any help would be appreciated.
Krishna.AvvaKrishna.Avva
Hi Murali,

Did you try to do a call out from SOAP/POstman? 

Regards,
Krishna Avva
Murali Mohan MandadiMurali Mohan Mandadi
Hi Krishna,

It is working as expected when using postman or callout with basic authencation. But while using named credentials, authentication header is not generating and hence getting the 401 error.

Thanks,
Murali  
Murali Mohan MandadiMurali Mohan Mandadi
Resolved the above issue by using the below merge fields in header.
req.setHeader('Authorization', 'BASIC {!$Credential.AuthorizationHeaderValue}');
Neeharika U 12Neeharika U 12
Hi Murali! Thanks a lot for posting your solution as well, this was very helpful. I don't understand why Salesforce wouldn't mention it in their documentation for Named Credential. They just mention the callout and send request.