How to use the API from a development environment

I am developing my app from a localhost on my computer. I have an issue getting the authorization token. When I try to get the authorization code in step 5 of: I get a network error : net::ERR_HTTP2_PROTOCOL_ERROR. I think this is because of the lack of an ssl certificate.

How can I use the API to develop on my localhost?

Can you share some of the code you’re using? One thing to try would be doing it all manually via curl or postman or something to rule out your code.

      fetch( `${code}`, {
        method: 'POST',
        headers: {
          'Content-Type': 'application/x-www-form-urlencoded',
          'Host': '',
          'Authorization': 'Basic fdakjfhdksfhdsufhdsiufhadifofafds'

Code is the code returned in the url. I made up the auth-key.

I would try seeing if you can get an access token manually by doing the requests. That would determine if the issue is with your code or not.

Also what is the exact error you’re getting? I.e. what is in the response body of the request?

This is the error I get where usually a status code is shown.

If I omit the authorization header I do get a response ( {"error":"invalid_client","error_description":"Missing or invalid client credentials."})

This is the next step I would take, then we can go from there.

You don’t need an ssl certificate.

ESI never initiates a connection to your server, it only responds to it.
As long as your client can talk to your server, it’s fine.

If you don’t have a certificate, just make sure that the return url that you set in your application doesn’t have https in it.

It works with postman. I used the generated code from postman ( in angular9 ) and I keep getting the same error.

this.route.queryParamMap.subscribe( params => {
let code = params.get('code');
// postman code
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/x-www-form-urlencoded");
myHeaders.append("Host", "");
myHeaders.append("Authorization", "Basic NThmYjljMGEwMWM5NGI1ODhkNmUzYzVlMTQ4NjYyYjQ6eVRUUzFGRTBjR2dwRjhEZEN1MWhMSE5YNk5RMFIwdUtZTzBNZkpCZw==");
myHeaders.append("Content-Type", "application/x-www-form-urlencoded");

var urlencoded = new URLSearchParams();
urlencoded.append("grant_type", "authorization_code");
urlencoded.append("code", code);

fetch("", {
  method: 'POST',
  headers: myHeaders,
  body: urlencoded,
  redirect: 'follow'
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
// end postman code

In firefox I get a more useful message: ‘Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS request did not succeed).’


This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.