2

New to SmartSheet API. I tried to use the example in the API document to access API using my access token

curl -s https://api.smartsheet.com/2.0/users/me -H "Authorization: Bearer some-token"

I received an error code 1004.

{
  "errorCode" : 1004,
  "message" : "You are not authorized to perform this action.",
  "refId" : "1qtv5vlwgoxn4"
}

How to resolve this error?

bPratik
  • 6,894
  • 4
  • 36
  • 67
Mark
  • 31
  • 2

2 Answers2

1

Did you alter the token value when you posted here, or is the curl command you've posted exactly what you're submitting? The token you've posted in the above curl command appears to be invalid -- if I submit the same curl command as you've included in your post, I receive a 1002 error (Your Access Token is invalid.).

curl -s https://api.smartsheet.com/2.0/users/me -H "Authorization: Bearer ll352u9jujauoqz4gstvsae05"

{
  "errorCode" : 1002,
  "message" : "Your Access Token is invalid.",
  "refId" : "q7ee6vxts37o"
}

I'd suggest that you do the following:

  1. Using the Smartsheet UI, revoke the token that you reference in the curl command within your post. Also, FYI -- you should never share your token in a public forum (e.g., posting here in Stack Overflow or anywhere else where others will see it) -- b/c anyone can use your token via API to read/edit/delete any Smartsheet data you've got access to.

  2. Create a new token, and try the curl command again using the new token. If I cc/paste your exact curl command but use my token in place of the one your post specifies, it successfully returns the requested info -- so your curl command is valid as it's currently structured, it's just that your token value seems to be invalid.

EDIT

Re-reading your post, I now understand that the token in your post is the one that's used in the example in the API docs. That's not a valid access token. You'll need to create your own API access token (via the Smartsheet UI, as described here: https://smartsheet-platform.github.io/api-docs/#raw-token-requests), then use that token in your curl request.

Kim Brandl
  • 13,125
  • 2
  • 16
  • 21
  • Thanks, Kim. I did use the token in the API documentation example in the post. When I used the token from the example, I got the same 1002 error code. But when I used my my token from the "raw-token-request", I received the 1004 error code. Is there any account level setting that I need to set to allow API access on my account? – Mark May 27 '20 at 06:05
1

I just found the answer to my question. It turns out that the word "Bearer" is required in that Authorization header. Only the access token needs to be replaced with the generated token from https://smartsheet-platform.github.io/api-docs/#raw-token-requests.

Thanks, Kim, for your help.

Mark
  • 31
  • 2