I am issuing a request via chrome:
[org]/api/data/v8.1/accounts?$select=name,accountid&$top=3
and I get a reasonable response:
{
"@odata.context":"[org]/api/data/v8.1/$metadata#accounts(name,accountid)","value":[
{
"@odata.etag":"W/\"769209\"","name":"Telco","accountid":"c6ed63e0-9664-e411-940d-00155d104b35"
},{
"@odata.etag":"W/\"752021\"","name":"Fourth Coffee","accountid":"d1eefc0a-3ebc-e611-80be-24be051ac8a1"
},{
"@odata.etag":"W/\"768036\"","name":"Fourth Coffee","accountid":"3cbb8d24-20bd-e611-80c0-24be051ac8a1"
}
]
}
However, when attempting to do the same GET through postman, I am getting a 401 unauthorized!
I've tried with no headers at all, as well as basic auth:
Authorization:Basic Y2hybGFiXxxxxxxxxxxxxxcmQxMjM=
What am I doing wrong? Is there something I need to change within CRM to allow me to do GETs from postman?
The following are headers that Chrome uses (got this from DevTools):
Make sure that the URL is typed correctly. Verify the API documentation of the service you are trying to reach and make sure you have selected the right authorization type in Postman. Visit the service provider's page and look for a Sign in link. Enter your credentials and then try the page again.
The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource.
Step 1 − Click on the three dots beside the Collection name in Postman and select the option Edit. Step 2 − The EDIT COLLECTION pop-up comes up. Move to the Authorization tab and then select any option from the TYPE dropdown. Click on Update.
First, login into CRM and leave the tab sitting there.
Go into POSTMan
Enable the Interceptor (see image)
Enter the URL and hit SEND, just like that. POSTMan will take care of cookies and headers on its own, and you'll see the results.
If you logout from CRM, POSTMan will obviously no longer be able to issue the requests and will return 401 instead.
It seems like the server you are calling requires RFC 4559 (https://www.rfc-editor.org/rfc/rfc4559) authentication. More details here: https://en.wikipedia.org/wiki/SPNEGO.
The way it works in the case of a GET request from the browser:
I am not aware of a tool that will let you do this (simulate a browser) if you are trying to automate requests against the server (which is probably an internal/intranet company site). Your best course of action may be some form of scripting (like VBS) which will use IE via COM and possibly handle this authentication for you (I have not done this, so not sure if it will indeed work).
You are trying to access from the postman chrome extension or through the postman( windows based) installed application on your system.Try to fetch the data from chrome extension.
I used the following steps and it was ok. Follow the steps, below:
Extention
Interceptor
ExtentionExtention
Sync
Interceptor
In my case in .NET project i had two different authentication schemes in my Startup.cs
. I removed the older one and added its auth services and it worked.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With