500 Error on /api/v1/locks (oauth) [SOLVED]


#1

Trying to use the access token via the Authorization header. the following curl statement gets me an “Oops, something went wrong” HTML page and a 500 status code.

curl -H “Authorization: Bearer my_token” -v https://api.lockitron.com/v1/locks

Using the exact same access_token via GET parameter works fine.


#2

@royvandewater okay, I need to look into the authorization header; although we mention that in the docs I’m unsure whether we’ve supported authorization by headers for a while; I recommend GET with the access_token in the query string in the meantime.


#3

We just had another developer ask about this and I’ve finally gotten to the bottom of it. There is something off with the naming of the token. As such, the solution to use header authentication is as follows:

curl -H “Authorization: OAuth $my_token” -v https://api.lockitron.com/v2/locks

By the way, we highly recommend moving away from the v1 API as we’re looking to deprecate it soon.


Using cURL with Lockitron API
#4

Yeah it looks like even though the token is provided with bearer as the strategy, it does not use that strategy.


#5

@wtf_shawn correct; it’s a bearer strategy but wires were crossed and you need to state OAuth instead. Will investigate, but will likely need to retain the OAuth “hack” for older clients.