The example on the page lists Authorisation as: Basic bXlfYXBpX2tleTo=
So on that note, ‘Basic’ is the token_type, but where do I get the access_token from??? When I try and enter my api key here, I get an error every single time:
0 error
Failure while contacting API. Some possible causes are connection problems or cross-origin resource sharing protection. Please check javascript domains registered against APIKey / OAuth2 registration.
If access_token was clickable I’d be able to follow it to a definition like any sane person would do, but no, that makes too much sense.
Apologies about the tone of this but I am incredibly frustrated at what should be a very simple task…
The access_token is your key followed by a colon (essentially key:password where there is no password), so the entire thing is
Basic yourAPIkey:
This is hinted at here and there, but it’s really not clear in the documentation and it’s (the colon) is still explicitly absent in the examples.
That said I have never been able to get any of the website tools for the document API to work and have only ever got the same resource sharing error you’ve pasted here. Have they ever worked for anyone?
Unfortunately the “try it out” function on the developer site for document metadata and document retrievals is broken, and needs to be resolved. Once fixed you will not be required to enter the authorization field as this is provided by the API key selected.
Apologies for the error on this page and will look to resolve as soon as possible.
With regards to retrieving documents and authorisation the attached post maybe of interest.
Is the ‘try it out’ function on the developer site for document metadata and document retrievals still broken? it seems to still behave as described above on 9th March 2016.
The issue is still on the backlog and has yet to be resolved. Apologies this is taking so long to resolve but we have a number of higher priority fixes and features we are working through. Rest assured it’s not been forgotten.
Thanks very much for confirming what I suspected, Mark. In the interim, though, could someone not mark the pages that don’t work, so people don’t waste time thinking they are doing something wrong?
I would assume that. I just found this thread after 1/2 day trying different approaches for testing the document-API. When is this issue going to be looked into, realistically?
Could someone please confirm whether I can retrieve documents using the Fetch Document API functionality. I am aware that the test functionality in the website is broken.
Second the above question. Whatever I try while fetching a document using Documents API, all I get is status code 500. Maybe the documentation was not updated and we need to do a different request? Please help with this.
@rhariharan Yes, it does work as we use this API all the time.
I’ll just go with the most likely causes @reybravin - if you’ve got more detailed info post it. This issue mostly appears due to the way people (or rather - the framework / library / REST software they’re using) send the API key.
If you go through the authorization docs step-by-step (ideally using something really simple for debugging like e.g. cUrl) it should be clear. There were still some issues with other parts of the documentation last time I looked (e.g. the “test” facility being broken for one) but this part worked for me.
For an example of someone fixing this work through the information in the following thread (ignore that they’re using Postman). Hopefully that’ll also fix things for you:
…and (when you check) the error is actually coming from Amazon. This may occur since CH actually send you a redirect to Amazon (who hold the data) and at that point if you send them your API key and http basic header they’ll get confused. See the following thread:
Detail about this 500 error.
Aside from not expecting a 500 error for a password issue the stumbling blocks seem to be:
“API key” is actually the user-ID part of the http basic authorization and there is no password part. So the “username and password” you send which http basic wants like this:
username:password
…is actually:
MY_API_KEY:
The other trap is if you’re building the http header yourself (e.g. not when using cUrl, many libraries etc.) you need to encode the whole “username:password” using Base64.