WinHttp 5.1 oauth2 authentication Add Bearer Token to the header

mbugua699

Hi all,

I want to use WinHttp.SetRequestHeader('Authorization', "Bearer xyzACCESS_Token[952 Characters]_xyz") to send access token, but I get Message 401(Unauthorized).
The token expiry is 150s so there is enough time to send it. The examples available on forum are using Basic Authentification but I cannot use basic
in my scenario.

The length of the access token is 952.

Am using AUTOMATION 'Microsoft WinHTTP Services, version 5.1'.WinHttpRequest

Could there be anything am missing or is there a different approach to send the Bearer token?


My code :


WinHttp.Open('POST', url, FALSE);

WinHttp.SetRequestHeader('Accept', 'application/json');
WinHttp.SetRequestHeader('Accept-Language', 'en_US');
WinHttp.SetRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
WinHttp.SetRequestHeader('Authorization', AccessToken);

WinHttp.Send(NodeText.nodeValue);//sending Json

wait

I was working on this the other day, Not sure about the WinHTTP services, I used System.Net.Http

My approach was the following

LOCAL CallRESTWebService(BaseUrl : Text;Method : Text;RestMethod : Text;HttpContent : DotNet "System.Net.Http.HttpContent";VAR HttpResponseMessage : DotNet "System.Net.Http.HttpResponseMessage")
HttpClient := HttpClient.HttpClient();
HttpClient.DefaultRequestHeaders.Authorization := AuthenticationHeaderValue.AuthenticationHeaderValue('Bearer',GetToken);

MediaTypeWithQualityHeaderValue := MediaTypeWithQualityHeaderValue.MediaTypeWithQualityHeaderValue('application/json');
HttpClient.DefaultRequestHeaders.Accept.Add(MediaTypeWithQualityHeaderValue);

CASE RestMethod OF
  'GET' : HttpResponseMessage := HttpClient.GetAsync(Method).Result;
  'POST' : HttpResponseMessage := HttpClient.PostAsync(Method,HttpContent).Result;
  'PUT' : HttpResponseMessage := HttpClient.PutAsync(Method,HttpContent).Result;
  'DELETE' : HttpResponseMessage := HttpClient.DeleteAsync(Method).Result;
END;

HttpResponseMessage.EnsureSuccessStatusCode();

Works for me

BlackTiger

Your method should work.
Try to use "Uri" method instead of headers. Include "access_token=XXXXXXXXXXXXXXXXXXXX" in your request address - "https://your-address.com/something?access_token=XXXXXXXXXX&something_else=1"

ftornero

Hello @mbugua699,

Just a question in the line below the variable AccessToken is 'Bearer ' + the acces token, right ?

WinHttp.SetRequestHeader('Authorization', AccessToken);

Regards.

wait

I was working on this the other day, Not sure about the WinHTTP services, I used System.Net.Http

My approach was the following

LOCAL CallRESTWebService(BaseUrl : Text;Method : Text;RestMethod : Text;HttpContent : DotNet "System.Net.Http.HttpContent";VAR HttpResponseMessage : DotNet "System.Net.Http.HttpResponseMessage")
HttpClient := HttpClient.HttpClient();
HttpClient.DefaultRequestHeaders.Authorization := AuthenticationHeaderValue.AuthenticationHeaderValue('Bearer',GetToken);

MediaTypeWithQualityHeaderValue := MediaTypeWithQualityHeaderValue.MediaTypeWithQualityHeaderValue('application/json');
HttpClient.DefaultRequestHeaders.Accept.Add(MediaTypeWithQualityHeaderValue);

CASE RestMethod OF
  'GET' : HttpResponseMessage := HttpClient.GetAsync(Method).Result;
  'POST' : HttpResponseMessage := HttpClient.PostAsync(Method,HttpContent).Result;
  'PUT' : HttpResponseMessage := HttpClient.PutAsync(Method,HttpContent).Result;
  'DELETE' : HttpResponseMessage := HttpClient.DeleteAsync(Method).Result;
END;

HttpResponseMessage.EnsureSuccessStatusCode();

Works for me

wait

I also see that you have Content-Type x-www-form-urlencoded, I ran into some problems getting the Bearer Token, don't know if this helps you.

https://forum.mibuso.com/discussion/75345/generic-list-and-x-www-form-urlencoded-rest-api#latest

mbugua699

@ftornero Yes the variable AccessToken := "Bearer + the acces token" . I have used @wait method and was able to send the Bearer token. @BlackTiger thanks for reply, but I tried to add it to the url header but it did not work, maybe due to the specific api server.