@danny-dainton
I am currently testing the API for a product called polar.
worked fine but
The endpoint did not work.
I thought I had the required parameters and such, so I contacted the product source and received the following reply.
Otherwise your request looks good but when you request the token you should include "grant_type=authorization_code&code=<AUTHORIZATION_ CODE_GOES_HERE>&redirect_uri=<YOUR_REDIRECT_URI>" as plain/raw text in the body of your post request.
I tried again after seeing this, but it still does not work.
(It is an invalid_request.)
Here is what I tried
Turn off “Encode URL automatically” from “Setting” menu.
Set Body to “raw” and “Text” and add grant_type=authorization_code&… Enter “grant_type=authorization_code&…”.
Set “Body” to “form-data” and enter the grant_type, code, etc.
Please advise me what to try other than the above.
Within the documentation, you have examples detailed on the right.
If you select the option for “Shell”, you will get a example request using cURL which you can copy and paste into Postman to generate a new request.
curl -X POST https://polarremote.com/v2/oauth2/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Accept: application/json' \
-H 'Authorization: Basic dGhpc2RvZXNudDpkb2FueXRoaW6s' \
--data-urlencode "grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA"
This request looks like the following.
Body…
Headers…
You can also use the Authorization helpers (the authorization tab) to automatically generate an authorization code and the corresponding token (and add the authorization data to the header).
The authorization code grant type requires browser interaction to mimic completely and this is what the authorization helpers are there for.
Thank you for your support.
I am trying based on the answers you gave me, but it is still not working.
I did indeed generate a request by pasting the shell and rewrote the necessary information, but I still got the same invalid_request error.
Incidentally, I got the same invalid_request when I hit it with shell instead of postman.
I’m wondering if I’m doing something fundamentally wrong, so I’m contacting polar’s product support in parallel.
If there is anything else I can try on postman, I would appreciate your advice.
I would be very happy to hear from anyone who has actually developed using polar products…
How are you generating the authorization code?
I would recommend that you try the OAuth option within the authentication helper, select Authorization code as the grant type, fill in all of the details and this should do both parts of the authentication workflow. (Getting the authorization code and then translating it for the token). The first part will require browser interaction.
On a side note, 400 bad request errors are normally due to the request being incorrectly formatted. Rather than an authentication error caused by an invalid code which should be a different error code.
The documentation is fairly typical and doesn’t look that complicated. The only two places you need to enter your data is the Authorization value in the header and the code in the body. (So I can’t see why it would generate a 400 bad request instead of an authentication error).
There is a bit in the documentation about the redirect_uri. This must be specified if redirect_uri was passed to authorization endpoint (hence the question around how you generated the authorization code).
Make sure that you haven’t duplicated the authorization (as I can see that you have the body set but you also have something in the authorization tab).
From the documentation…
If error occurs during request, result JSON object will be
- error (string) = Error type identifier, with following possible values:
- invalid_request: The request is missing a required parameter, includes an unsupported parameter value (other than grant type), repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
Finally, check the console log for the request. You can check the headers and body, and ensure that it looks correct. Hasn’t got duplicate headers, etc.
