API Key is not working

[jimbobbennett]

Not sure if this is the right repo for this - I generated an API token following the docs, and I'm still getting unauthorized when I call the API.

[nickytonline]

Hmmm, my coworker @brandonroberts did a quick the and the token generated works with https://api.opensauced.pizza/#/Authentication%20service/checkAuthSession

[jpmcb]

This is working for me:

curl -X 'GET' \
  'https://api.opensauced.pizza/v2/auth/session' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer <redacted>'

where I grabbed my token from the hot.opensauced.pizza "Print auth token" method.

A few things to note:

• these JWT expire after short period of time (like 20 minutes) as they are only session tokens and do not automatically refresh from manual use via curl, postman, or another 3rd party API client. So, if this is a stale token, I'd try getting a new one and using that.
• Did your 3rd party application include Bearer in the authorization header? It'd be helpful to see the raw query it attempted to make (where your token is redacted).

[jimbobbennett]

Well found the issue...

It seems if I generate the token with Safari, it's not valid and I get a 401. If I use Edge it works.

Looks like Safari is truncating the API Key in the console output. There's a .<something> on the end of the key that Safari is losing.

Maybe something to add to the docs? I'll close this issue for now, thanks @nickytonline and @jpmcb

[nickytonline]

I'll go ahead and create an issue for that. Thanks @jimbobbennett!