https://community.qlik.com/t5/Integration-Extension-APIs/401-Unauthorized-Code-quot-AUTH-1-quot-when-calling-login-jwt/m-p/2428695#M20160 <DIV class="p-rich_text_section">Hi everyone.</DIV> <DIV class="p-rich_text_section">&nbsp;</DIV> <DIV class="p-rich_text_section">I'm getting a 401 - Unauthorized response with code "AUTH-1" when calling the<SPAN>&nbsp;</SPAN><CODE class="c-mrkdwn__code" data-stringify-type="code">/login/jwt-session</CODE><SPAN>&nbsp;</SPAN>endpoint from a local session proxy built with express modeled after the<SPAN>&nbsp;</SPAN><A class="c-link" href="https://qlik.dev/authenticate/jwt/jwt-proxy/quickstart-qlik-jwt-proxy/" target="_blank" rel="noopener noreferrer" data-stringify-link="https://qlik.dev/authenticate/jwt/jwt-proxy/quickstart-qlik-jwt-proxy/" data-sk="tooltip_parent">Implement a Qlik Cloud session cookie proxy</A>&nbsp;example:</DIV> <DIV class="p-rich_text_section"><LI-CODE lang="javascript">const resp = await fetch(`https://${tenantUri}/login/jwt-session`, { method: 'POST', headers: { Authorization: `Bearer ${token}`, }, })</LI-CODE></DIV> <DIV class="p-rich_text_section">That error is unexpected because:</DIV> <OL class="p-rich_text_list p-rich_text_list__ordered" data-stringify-type="ordered-list" data-indent="0" data-border="0"> <LI data-stringify-indent="0" data-stringify-border="0">The same setup was working earlier this week</LI> <LI data-stringify-indent="0" data-stringify-border="0">I don't get the "details" field on the response, all I get is:<SPAN>&nbsp;</SPAN><CODE class="c-mrkdwn__code" data-stringify-type="code">{"errors":[{"title":"Unauthorized","code":"AUTH-1","status":"401"}],"traceId":"bfd31bd2cb66b875ef9a975bb1ca91bc"}</CODE></LI> <LI data-stringify-indent="0" data-stringify-border="0">If I copy the exact same token and use it on Postman, the call is successful</LI> </OL> <DIV class="p-rich_text_section">I'm kinda stumped trying to fix this, since I can't find what "code":"AUTH-1" means anywhere and I also don't know what to do with that traceId. Anyone has any ideas to help with debugging?</DIV> Fri, 08 Mar 2024 11:44:11 GMT pperdigo 2024-03-08T11:44:11Z https://community.qlik.com/t5/Integration-Extension-APIs/401-Unauthorized-Code-quot-AUTH-1-quot-when-calling-login-jwt/m-p/2428695#M20160 <DIV class="p-rich_text_section">Hi everyone.</DIV> <DIV class="p-rich_text_section">&nbsp;</DIV> <DIV class="p-rich_text_section">I'm getting a 401 - Unauthorized response with code "AUTH-1" when calling the<SPAN>&nbsp;</SPAN><CODE class="c-mrkdwn__code" data-stringify-type="code">/login/jwt-session</CODE><SPAN>&nbsp;</SPAN>endpoint from a local session proxy built with express modeled after the<SPAN>&nbsp;</SPAN><A class="c-link" href="https://qlik.dev/authenticate/jwt/jwt-proxy/quickstart-qlik-jwt-proxy/" target="_blank" rel="noopener noreferrer" data-stringify-link="https://qlik.dev/authenticate/jwt/jwt-proxy/quickstart-qlik-jwt-proxy/" data-sk="tooltip_parent">Implement a Qlik Cloud session cookie proxy</A>&nbsp;example:</DIV> <DIV class="p-rich_text_section"><LI-CODE lang="javascript">const resp = await fetch(`https://${tenantUri}/login/jwt-session`, { method: 'POST', headers: { Authorization: `Bearer ${token}`, }, })</LI-CODE></DIV> <DIV class="p-rich_text_section">That error is unexpected because:</DIV> <OL class="p-rich_text_list p-rich_text_list__ordered" data-stringify-type="ordered-list" data-indent="0" data-border="0"> <LI data-stringify-indent="0" data-stringify-border="0">The same setup was working earlier this week</LI> <LI data-stringify-indent="0" data-stringify-border="0">I don't get the "details" field on the response, all I get is:<SPAN>&nbsp;</SPAN><CODE class="c-mrkdwn__code" data-stringify-type="code">{"errors":[{"title":"Unauthorized","code":"AUTH-1","status":"401"}],"traceId":"bfd31bd2cb66b875ef9a975bb1ca91bc"}</CODE></LI> <LI data-stringify-indent="0" data-stringify-border="0">If I copy the exact same token and use it on Postman, the call is successful</LI> </OL> <DIV class="p-rich_text_section">I'm kinda stumped trying to fix this, since I can't find what "code":"AUTH-1" means anywhere and I also don't know what to do with that traceId. Anyone has any ideas to help with debugging?</DIV> Fri, 08 Mar 2024 11:44:11 GMT https://community.qlik.com/t5/Integration-Extension-APIs/401-Unauthorized-Code-quot-AUTH-1-quot-when-calling-login-jwt/m-p/2428695#M20160 pperdigo 2024-03-08T11:44:11Z https://community.qlik.com/t5/Integration-Extension-APIs/401-Unauthorized-Code-quot-AUTH-1-quot-when-calling-login-jwt/m-p/2431155#M20213 <P>Hey&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/177413">@pperdigo</a>&nbsp;, compare request headers from your code and Postman, maybe you are missing something. If it works from Postman, should work from your code as well.</P> Fri, 15 Mar 2024 08:30:07 GMT https://community.qlik.com/t5/Integration-Extension-APIs/401-Unauthorized-Code-quot-AUTH-1-quot-when-calling-login-jwt/m-p/2431155#M20213 alex_colombo 2024-03-15T08:30:07Z https://community.qlik.com/t5/Integration-Extension-APIs/401-Unauthorized-Code-quot-AUTH-1-quot-when-calling-login-jwt/m-p/2441313#M20362 <P>Hi Alex! Thanks for the reply</P> <P>If I remender correctly, the headers were matching. Another weird thing I noticed after making this post is that if I ran the code from another device, the error wouldn't happen.</P> <P>And as it turns out, a few days later, the code started working again on my main workstation and hasn't returned, so I just chalked it up to some browser weirdness.</P> Mon, 15 Apr 2024 14:14:03 GMT https://community.qlik.com/t5/Integration-Extension-APIs/401-Unauthorized-Code-quot-AUTH-1-quot-when-calling-login-jwt/m-p/2441313#M20362 pperdigo 2024-04-15T14:14:03Z