I have to make an API call. In documentation there is an example URL that I have to use to pass parameters including authorization and it looks like this:
https://.com/create/shipment_?username=your_username_here?password=your_password_here?address=street1?package=t-shirtbox
But since API uses post method I can`t do it over http. I have to make an actual post request.
I have tried curl:
$url = https://.com/create/shipment_?username=your_username_here?password=your_password_here?address=street1?package=t-shirtbox
$username = 'username';
$password = 'password';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$output = curl_exec($ch);
$info = curl_getinfo($ch);
$httpCode = curl_getinfo($ch , CURLINFO_HTTP_CODE);
$response = curl_exec($ch);
if ($response === false) $response = curl_error($ch);
curl_close($ch);
I get back response:
Unauthorized. This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
I have tried php and the result is the same.
$options = array(
'http' => array(
'method' => 'POST',
'header'=> "Content-Type: application/json
" .
"Accept: application/json
".
"Authorization: Basic ". base64_encode("username:password") ."
".
"GEOClient: account/123456
".
"Content-Length: 0"
)
);
$context = stream_context_create($options);
$result = file_get_contents($url, false, $context);
response is Unauthorized.
Support team says that Username and password they gave me for that account are valid.
I also used tools like postman and SOAP UI to test that URL but response is also unauthorized.
What would be the approach to execute such a request and what would be the right way to pass in username, password and all the rest of the data such as address etc.
Thanks!
If you can't call the API like postman, you need to determine to the other party whether the account & password needs to be encrypted and whether the other party has set IP restrictions.
I found a solution. It appears that the client has sent me a wrong link. That much for several hours of wrapping my head around this.