Postman with Production Environment

Cody_Eddings · November 16, 2022, 8:31pm

I’m trying to use Postman to trigger some API calls in our Dwolla Prod environment, but I keep getting 401 Unauthorized responses on every endpoint:

{
    "code": "InvalidCredentials",
    "message": "Missing or invalid Authorization header."
}

I’m simply trying to generate a bearer token with the https://api.dwolla.com/token endpoint by using the client_id and client_secret from the Dwolla prod dashboard, but alas I still get 401s.

Alternatively, i’ve also tried to set the client_id and client_secret as environment variables instead of using them as params in the Basic Auth fields but no matter what I still get 401s.

The same approach works fine when I use the Dwolla Sandbox env, but it breaks for production. What am I doing wrong?

spencer · November 17, 2022, 2:31pm

Hi @Cody_Eddings , I’m not seeing a green dot on the body tab so I’m wondering if one is not set for this request. Here’s an example of what mine looks like:

I would try hardcoding your production client id and client secret in the username and password field to see if that works.

Cody_Eddings · December 6, 2022, 8:01pm

Turns out I was missing the body for the request.

With Content-Type: application/x-www-form-urlencoded header, the request is sent to the token endpoint with grant_type=client_credentials in the body of the request.