Forum Discussion

jodydowling's avatar
jodydowling
New Contributor
5 years ago

Missing header

When submitting a request with an Authorization header, it seems to be stripped out when it is received.  Message returned is "Bad Request: The authorization header is null or empty or isn't bearer. Please contact support."  Developers verify that the header is missing, not that the token is null or empty.

 

Request works fine in Postman, just not Ready API.  This broke when the service was moved to Azure. 

 

  • richie's avatar
    richie
    5 years ago
    Hey jodydowling,

    So the request doesnt even include the Authorization header, not that the value is blank, right?

    Well thats a new one on me.

    Can you clarify the authorisation scheme being used in your request? Basic auth? OAuth?
    When you use (for example) basic auth, the Auth header is dynamically created based on (if i can remember correctly) a base64 encode of the username and password. If for some reason the Authorization header isnt being generated or the value isnt being generated you can hard code the Authorization header (along with the value) to force the presence of the missing Auth header in your request.

    When you add the header, make sure you spell it correctly or it wont work.
    The reason im saying this is that (im british and you spell Authorization as Authorisation...however, the headers spelling is US english....spelled with the 'z'

    Ok, thats it. Force the presence of the header by actually adding an Authorization header and you should be golden!

    Nice one,

    Rich
  • richie's avatar
    richie
    Community Hero
    5 years ago
    Hey jodydowling,

    So the request doesnt even include the Authorization header, not that the value is blank, right?

    Well thats a new one on me.

    Can you clarify the authorisation scheme being used in your request? Basic auth? OAuth?
    When you use (for example) basic auth, the Auth header is dynamically created based on (if i can remember correctly) a base64 encode of the username and password. If for some reason the Authorization header isnt being generated or the value isnt being generated you can hard code the Authorization header (along with the value) to force the presence of the missing Auth header in your request.

    When you add the header, make sure you spell it correctly or it wont work.
    The reason im saying this is that (im british and you spell Authorization as Authorisation...however, the headers spelling is US english....spelled with the 'z'

    Ok, thats it. Force the presence of the header by actually adding an Authorization header and you should be golden!

    Nice one,

    Rich
    • sonya_m's avatar
      sonya_m
      SmartBear Alumni (Retired)
      5 years ago

      Thanks a lot for the valuable input here Richie🙂

       

      Hi jodydowling! Does this advice help?

      • jodydowling's avatar
        jodydowling
        New Contributor
        5 years ago

        I manually add the header and it appears in the Raw Request, however, I still get the message.  As noted in my original inquiry, this works fine in Postman and worked previously in Ready API.  It broke when the service was moved to AZURE.  I suspect that some security function is stripping out the header, but was looking to see if anyone else has experienced any issues after the services moved to the cloud.

         

        POST https://cplxxxxuture.abc.com/v3/ABCManagement.svc HTTP/1.1
        Accept-Encoding: gzip,deflate
        Content-Type: text/xml;charset=UTF-8
        SOAPAction: "GetABCMetaData"
        Authorization: Bearer eyJhbGciOiJSUzI1UrkpgYaXznJhPNPCEfbnsLJiJYwg
        ClientID: A42F5
        Content-Length: 937
        Host: cpltrainfuture.fnf.com
        Connection: Keep-Alive
        User-Agent: Apache-HttpClient/4.5.2 (Java/12.0.1)