POST Request: HTTPError: 401 Client Error: Unauthorized for url

reio · 1 August 2021 23:04

Recently I get this error while running a python script to test POST API Request.

Error: HTTPError: 401 Client Error: Unauthorized for URL:

The weird thing here is that It is working well with the same mechanism for GET API Requests.

I double-checked my credentials to make sure they are not the cause. I can access the same POST API via SWAGGER & Postman and executing them successfully.

I also debugged the following script, and I see that It fails when It reaches the “POST On Session” code line.

*** Settings ***
Library RequestsLibrary
Library Collections
Library Selenium2Library

Library String

Library OperatingSystem
Library SSHLibrary
Library JSONLibrary
Resource …/TestCases/Authentication.robot

*** Variables ***
${base_url} https://test.com

*** Test Cases ***

TC0002_POST_test
[Tags] post
Create Session    test    ${base_url}    verify=true
${RequestBody}=     create dictionary       testSku="string"    testCode="string"
${RequestHeader}=   create dictionary       Content-Type=application/json
${resp}=      POST On Session     test        /catalog/product/lookup/     data=${RequestBody}    headers=${RequestHeader}

Should Be Equal As Strings    ${resp.status_code}    200

damies13 · 1 August 2021 23:40

Hi Ahmed,

Since you have working examples with SWAGGER & Postman, I suggest you grab the request body and headers from your successful example and compare that to the request body and headers generated by RequestsLibrary, when you find a difference you’ll be in the track to figuring out the solution. It could be a missing/incorrect/extra header, or it could be something in the request body.

Hope this helps,

Dave.

reio · 2 August 2021 03:28

The issue’s still happening. I tried to compare them, and I found no difference between them. That’s too weird.

damies13 · 2 August 2021 04:26

Hi,

Are you able to post them here? I could have a look as sometimes it’s not obvious.

I need a working and a not working example to see the difference.

Also is there any response body, 401 is usually a not authorised, but I didn’t see any username password being entered anywhere, it may not need to be on this specific post request as long as it’s in the session, but it seems you are creating the session and then immediately doing a post request, do you need to do a login request first? or do you need to pass the authorisation credentials in the headers? or some other way?

Check with you SWAGGER & Postman examples and see how they are doing the authentication.

Dave.

damies13 · 2 August 2021 04:29

perhaps what you need instead of Create Session is Create Ntlm Session

reio · 2 August 2021 05:18

Request body & Header:

Response body & Header:

Swagger Request Body:

{
  "catalogLookup": [
    {
      "partnerSku": "string",
      "pskuCode": "string"
    }
  ]
}

Script Code Body:

${RequestBody}=     create dictionary       partnerSku="string"    pskuCode="string"

I have a doubt now that my body dictionary is not right and not matched the swagger request body.

For headers, I only check for Content-Type:

Script Code Header

${RequestHeader}=   create dictionary       Content-Type=application/json

reio · 2 August 2021 05:23

For Authentication:

I created another resource and imported it into the SETTINGS successfully.

*** Settings ***
Resource    ../TestCases/Authentication.robot

and then called it inside the test case to be run firstly

*** Test Cases ***

TC0002_POST_test

    ${cookies}=     State Machine Authentication Service API
    create session      testsession    ${base_url}    verify=true      proxies=https     cookies=${cookies}

I am not sure if I am using the “proxies=https” successfully or not, but I thought it may be the reason, so I inserted it.

damies13 · 2 August 2021 05:30

I would leave the proxies= bit out unless you know you need to go through a proxy server

FYI a proxy server address should look something like this: https://proxyserver:port/

but the documentation says that the proxies option requires a dictionary object, containing the proxy servers, not sure how that need to be formatted, but what you put there will defiantly not work.

damies13 · 2 August 2021 05:32

Do you have a user name and password that’s been provided to you for this end point?

You may just need the auth option on Create Session

auth List of username & password for HTTP Basic Auth

reio · 2 August 2021 05:32

I think we don’t need to deal with the proxies for now. I will remove it from the code.

damies13 · 2 August 2021 05:34

In you postman example is there anything on the authorization tab?

and are you able to show the request headers for either postman or swagger? you only showed the response headers.

damies13 · 2 August 2021 05:38

I expect you’ll need something like this:

${myauth}= 	Create List 	username 	password
create session      testsession    ${base_url}    verify=true      auth=${myauth}     cookies=${cookies}

lucagiove · 7 August 2021 19:33

try to use json= parameter instead of data

Nelson56 · 1 November 2021 04:55

Thanks for post, Really helpful and thankful for MyBalanceNow.

Topic		Replies	Views
Marked Expected Fail as Passed Test Case Robot Framework	30	3637	17 March 2023
Test passes with 'post request' but not 'POST On Session' RequestsLibrary	11	10108	2 June 2022
Automate post api by uploading (xlsx or csv or xml file) via robotFramework RequestsLibrary	2	839	7 September 2023
HTTPError: 500 Server Error: Internal Server Error for url Robot Framework	9	900	28 October 2023
When sending a post it returns error 400 bad request for url Robot Framework	13	403	10 May 2024

POST Request: HTTPError: 401 Client Error: Unauthorized for url

Related topics