Welcome to the Onshape forum! Ask questions and join in the discussions about everything Onshape.
First time visiting? Here are some places to start:- Looking for a certain topic? Check out the categories filter or use Search (upper right).
- Need support? Ask a question to our Community Support category.
- Please submit support tickets for bugs but you can request improvements in the Product Feedback category.
- Be respectful, on topic and if you see a problem, Flag it.
If you would like to contact our Community Manager personally, feel free to send a private message or an email.
OAuth: 401 error when attempting to get a token
james_mann066
Member Posts: 2 ✭
in General
I'm in the process of handling the OAuth page lifecycle for an app in Onshape. I am using the guide called "Using OAuth 2.0 with Onshape" on the Developer Portal. I'm testing the page lifecycle in a crude manner via the OnshapeWindowsSample project from GitHub.
I've registered the application and setup the response page to be at localhost. Thats all good.
I direct the user to a URL from which they log in and I get back a "code" in the querystring. Thats also good.
But then I attempt to create a http form request containing some data plus the authorisation code from above. This is where I am getting a 401 error: "The remote server returned an error: (401) Unauthorized."
I'm getting this error using the exact code provided by Onshape on GitHub so I'm a little confused why I'm getting this error.
Any ideas?
I've registered the application and setup the response page to be at localhost. Thats all good.
I direct the user to a URL from which they log in and I get back a "code" in the querystring. Thats also good.
But then I attempt to create a http form request containing some data plus the authorisation code from above. This is where I am getting a 401 error: "The remote server returned an error: (401) Unauthorized."
I'm getting this error using the exact code provided by Onshape on GitHub so I'm a little confused why I'm getting this error.
Any ideas?
Tagged:
0
Comments
The body of the form needs to contain the client ID, client secret, authorization_code (the code you get in the query string you mentioned) - additionally if you specified a redirect URL it needs to be included in the POST body too.
Each of the parameters in the POST body need to be URL encoded - this especially important for the Client ID and secret since either or both may contain multiple trailing '=' characters which must be converted to '%3D' and must be in the POST body. You should only encode the individual values in the form - encoding the entire form will cause all the '=' characters to be replaced, including those required to separate form values & form keys.
I've seen some higher level HTML/HTTP frameworks do the URL encoding of form values for you automagically. Which can mean that the form contents get double-encoded, which will also cause failures. Being familiar with the details of any helper framework you're using is a good thing :-)
Lastly - if you want to email 'api-support@onshape.com' we can provide you with some more personalized support.