function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
ben.bben.b 

401 Unauthorized error

Does anyone know if http error  401 unauthorized is returned in Chapper API only if OAuth token if NOT set? Or is it also if sessionId not valid?

 

The reason I ask is I was getting Invaild session id error if  access_token was but when using C# to upload a file with Authorization header set to "OAuth " + token., I am getting this Http 401.  I just want to make sure is only for http level error of missing header and not invalid session id..  

 

 

 

ChrisOctagonChrisOctagon

I don't fully understand your question. You just need to pass in the opaque access token in the header. Which OAuth2 flow are you using?
ben.bben.b

ChrisOctagon,

 

Thanks for reply and help.

 

I figured it out - well at least the authentication piece in C#.  The problem was using an expired sessionId.

 

What confused me was that in other apps I have written (not C#) previously (including just a couple days ago), when session id was invalid, error would not be an http error (ie 401) but what looked like an application level error from SF web app ( in xml). I think it was something like  "invalid sessionid". I wonder if api ahs changed recently to return http 401 instead since I have not seen this before. 

 

Anyway, sorted that out (but stil have another problem - I'll probably post that seperately). 

 

But to answer your question regarding the flow. Got access_token by passing key, secret, callbackurl and code retrieved from url query string after authenticating.

 

Thanks again.

 

 
ChrisOctagonChrisOctagon

"Got access_token by passing key, secret, callbackurl and code retrieved from url query string after authenticating." Oh ok, you are using the web server flow then.

 

Where are you using a "session id"? Where is that coming from?

 

The Chatter API in production has not changed in the last few days.
ben.bben.b

Well that is term documentation uses like here for description of access_token


"Session ID that you can use for making Chatter API
requests. This session ID cannot be used in the user interface.
Treat this like a user's session and diligently protect it"

 

Also I think I found source of my confusion in documentation around error message in response body vs response code:

 

For http 401:

"The session ID or OAuth token used has expired or is invalid. The response body contains the
message and errorCode"  

 

You can also see the error if you query a resource (say feed-items) from a browser if unauthenticated.

 

Like this:

 

<Errors>
<Error>
<errorCode>INVALID_SESSION_ID</errorCode>
<message>Session expired or invalid</message>
</Error>
</Errors>

 

C# throws exception before can get the response body.   So nothing in API changed, just in the language I was using which handles 401 differently. So Operator error.

 

Thanks. . 

 
ChrisOctagonChrisOctagon

ahhhh ok, thanks for clearing that up :)
AASTHA JAIN 21AASTHA JAIN 21
Hello,

You can set endpoint as : objAuthenticationInfo.instance_url

 req1.setEndpoint( objAuthenticationInfo.instance_url + '/services/data/v47.0/query/?q=SELECT+name+from+VendorProductList__c' );

Thanks !