Discogs API : Can't get anything else than "401 You must authenticate to access this resource."

Question

I did the Oauth flow like the docs says and got the oauth_token and the oauth_token_secret, then from my nodejs server I tried this request :

request.get({
headers: {
    "User-Agent": "FooBarApp/3.0",
    "Authorization": {
        oauth_token:"my token",
        oauth_token_secret: "my secret token",
        "OAuth oauth_consumer_key":"mykey",
        "oauth_nonce":Date.now(),
        "oauth_signature":"mypass&",
        "oauth_signature_method":"PLAINTEXT",
        "oauth_timestamp":Date.now(),
        "oauth_verifier":"users_verifier"
    },
    "Content-Type": "application/x-www-form-urlencoded"
},
url: "https://api.discogs.com/oauth/identity"

I also tried to remove all parameters in "authorization" except my two tokens but nohting work. Any clues ?

Answer 1

The documentation is wrong and Discogs is probably too lazy to update it. I've tried to send corrections for the docs to the technical team but it's a dead end.

Their authentication mechanism IS NOT OAuth 1.0 Revision A compliant even tho they advertise otherwise.

In the meantime, here are the headers you need to make an authenticated request:

const request = require('request');

const options = {
  url: 'https://api.discogs.com/oauth/identity',
  headers: {
    'Content-Type': 'application/x-www-form-urlencoded',
    'Authorization': 'OAuth oauth_consumer_key="YOUR_CONSUMER_KEY", oauth_nonce="' + Date.now() + '", oauth_token="OAUTH_TOKEN_RECEIVED_FROM_STEP_4", oauth_signature="YOUR_CONSUMER_SECRET&OAUTH_TOKEN_SECRET_RECEIVED_FROM_STEP_4", oauth_signature_method="PLAINTEXT", oauth_timestamp="' + Date.now() + '"',
    'User-Agent': 'YOUR_USER_AGENT/1.0'
  }
};

request(options, (err, res, body) => {
  if (!err && res.statusCode == 200) {
    console.log(JSON.parse(body));
  }
});

Good luck !