To Make an API Call with an Oauth Token

How to pass an (OAuth) access token in an API call?

Thanks @Maxcot for the confirmation. Following on from my initial comment about the Authorization element being a request header rather than query param, there's another niggle.

In the printed headers

>>> Headers: {'Content-Type': 'application/json', 'Authorization': 'Bearer:aaaaa3LRm6frS4FwZvB3ZMZwdKVNMCEBpBvlFwbT'}

there's an error. The Authorization header must be formed like this:

Authorization: Bearer $yourBearerToken

so you're mostly right but have an extraneous :. Using your example token text, the header should be

Authorization: Bearer aaaaa3LRm6frS4FwZvB3ZMZwdKVNMCEBpBvlFwbT

If you were exporting this as a shell variable, it would be

export AUTH="Authorization: Bearer aaaaa3LRm6frS4FwZvB3ZMZwdKVNMCEBpBvlFwbT"

but since you're using this in Python, the headers are

headers = {
    "Content-type": "application/json",
    "Authorization": "Bearer aaaaa3LRm6frS4FwZvB3ZMZwdKVNMCEBpBvlFwbT"
}

Make an API call with variable token with OAuth 2.0

I've resolved my problem by changing method to POST.
I had an error in the script.
So, new script looks like that:

let tokenUrl = 'tokenUrl';
let clientId = 'clientId';
let clientSecret = 'secret';
let scope = 'scope'

let getTokenRequest = {
    method: 'POST',
    url: tokenUrl,
    auth: {
        type: "basic",
        basic: [
            { key: "username", value: clientId },
            { key: "password", value: clientSecret }
        ]
    },
    body: {
        mode: 'formdata',
        formdata: [
            { key: 'grant_type', value: 'client_credentials' },
            { key: 'scope', value: scope }
        ]
    }
};

pm.sendRequest(getTokenRequest, (err, response) => {
    let jsonResponse = response.json(),
        newAccessToken = jsonResponse.access_token;

    console.log({ err, jsonResponse, newAccessToken })

    pm.environment.set('accessToken', newAccessToken);
    pm.variables.set('accessToken', newAccessToken);
});

To make an API call with an oAuth token

#!/usr/bin/env ruby
require 'rubygems'
require 'oauth'
require 'json'

You need to get your access_token (OAuth::AccessToken).

# Initialisation based on string values:
consumer_key = 'AVff2raXvhMUxFnif06g'
consumer_secret = 'u0zg77R1bQqbzutAusJYmTxqeUpWVt7U2TjWlzbVZkA'
access_token = 'R1bQqbzYm0zg77tAusJzbVZkAVt7U2T'
access_token_secret = 'sVbVZkAt7U2TjWlJYmTxqR1bQqbzutAuWzeUpu0zg77'

@consumer = OAuth::Consumer.new(consumer_key, consumer_secret, {:site=>'http://my.site'})
accesstoken = OAuth::AccessToken.new(@consumer, access_token, access_token_secret)

Once you have your OAuth::AccessToken object, you do :

json_response = accesstoken.get('/photos.xml')
# or
json_response = accesstoken.post(url, params_hash)

etc.

The response is a json object. To read it, you can do :

response = JSON.parse(json_response.body)
# which is a hash
# you just access content like
id = response["id"]

Requesting an API call that requires an oauth token in python

In the post_data() function, you can add your generated token to the headers

headers = {'Content-type': 'application/json','Authorization': 'token ***'}

*** is your generated token

REST API & oAuth - How to make call with token and secret?

The REST request will have the full OAuth header in the Authorization Header and the URL will be the URL of the resource you are requesting. The token and secret are used by that OAuth code to generate the header.

---

Related Topics