cancel
Showing results for 
Search instead for 
Did you mean: 

Missing header

SOLVED
Highlighted
New Contributor

Missing header

When submitting a request with an Authorization header, it seems to be stripped out when it is received.  Message returned is "Bad Request: The authorization header is null or empty or isn't bearer. Please contact support."  Developers verify that the header is missing, not that the token is null or empty.

 

Request works fine in Postman, just not Ready API.  This broke when the service was moved to Azure. 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Community Hero

Re: Missing header

Hey @jodydowling,

So the request doesnt even include the Authorization header, not that the value is blank, right?

Well thats a new one on me.

Can you clarify the authorisation scheme being used in your request? Basic auth? OAuth?
When you use (for example) basic auth, the Auth header is dynamically created based on (if i can remember correctly) a base64 encode of the username and password. If for some reason the Authorization header isnt being generated or the value isnt being generated you can hard code the Authorization header (along with the value) to force the presence of the missing Auth header in your request.

When you add the header, make sure you spell it correctly or it wont work.
The reason im saying this is that (im british and you spell Authorization as Authorisation...however, the headers spelling is US english....spelled with the 'z'

Ok, thats it. Force the presence of the header by actually adding an Authorization header and you should be golden!

Nice one,

Rich
if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta

View solution in original post

3 REPLIES 3
Highlighted
Community Hero

Re: Missing header

Hey @jodydowling,

So the request doesnt even include the Authorization header, not that the value is blank, right?

Well thats a new one on me.

Can you clarify the authorisation scheme being used in your request? Basic auth? OAuth?
When you use (for example) basic auth, the Auth header is dynamically created based on (if i can remember correctly) a base64 encode of the username and password. If for some reason the Authorization header isnt being generated or the value isnt being generated you can hard code the Authorization header (along with the value) to force the presence of the missing Auth header in your request.

When you add the header, make sure you spell it correctly or it wont work.
The reason im saying this is that (im british and you spell Authorization as Authorisation...however, the headers spelling is US english....spelled with the 'z'

Ok, thats it. Force the presence of the header by actually adding an Authorization header and you should be golden!

Nice one,

Rich
if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta

View solution in original post

Highlighted
Community Manager

Re: Missing header

Thanks a lot for the valuable input here Richie🙂

 

Hi @jodydowling! Does this advice help?


Sonya Mihaljova
Community and Education Specialist

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others. ⬇️⬇️⬇️
Highlighted
New Contributor

Re: Missing header

I manually add the header and it appears in the Raw Request, however, I still get the message.  As noted in my original inquiry, this works fine in Postman and worked previously in Ready API.  It broke when the service was moved to AZURE.  I suspect that some security function is stripping out the header, but was looking to see if anyone else has experienced any issues after the services moved to the cloud.

 

POST https://cplxxxxuture.abc.com/v3/ABCManagement.svc HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "GetABCMetaData"
Authorization: Bearer eyJhbGciOiJSUzI1UrkpgYaXznJhPNPCEfbnsLJiJYwg
ClientID: A42F5
Content-Length: 937
Host: cpltrainfuture.fnf.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.2 (Java/12.0.1)

New Here?
Join us and watch the welcome video:
Announcements
Top Kudoed Authors