0

I need to make an API call with http-kit in Clojure where it uses API-Key as authorization. That is, in Postman, you would usually have the option to add an api-key, api-value and the option to add it to header or query-params.

I know the following would be the way to go in case of basic-auth:

{:url "<api-url>"
 :method :post
 :headers {"Content-Type" "application/json"}
 :basic-auth [<username> <password>]
 :body <body>)}

But a similar variation isn't working with api-key version. So far, I have tried:

{:basic-auth [<api-key> <api-value>]}

{:query-params {<api-key> <api-value>}}

{:query-params {:key <api-key>, :value <api-value>}}

{:headers {"Content-Type" "application/json"
           <api-key> <api-value>}

{:api-key [<api-key> <api-value>]}

{:api-key {<api-key> <api-value>}

and other variations, but it doesn't seem to be working.

(Note: The authorization works on postman but I couldn't test the full api call there because the body is too long and too complex to copy, and the authorization isn't working from the application.)

Dipti
  • 85
  • 2
  • 9
  • 1
    "But it doesn't seem to be working" - what errors do you get? what is the response? since you are wild-guessing with the api-key, and assuming that this is the actual proble: please also add what the documentation of your remote says about how to submit this. – cfrick Apr 01 '21 at 09:24
  • @cfrick The api documentation says that the Authorization is done by api-key with the key-value pair. I get a `401` status with some of those combinations, and a type error resulting in Null Pointer Exception with the others. – Dipti Apr 01 '21 at 09:39
  • But where is the other side looking for that? You have tried header and query-params. Is the endpoint you try to contact documented in the public, can you link it? – cfrick Apr 01 '21 at 10:06
  • @cfrick Sure, here is the link to the documentation: https://documenter.getpostman.com/view/9780542/TVmHDetH#e4296d1e-58f4-4f6d-873f-04fd8a69c872 The demo doesn't have the api-key included in the request though, and it doesn't explicitly mention where it expects it either. (The content is in Spanish but Google Translate works fine). – Dipti Apr 01 '21 at 10:11
  • Yeah, the documentation seems pretty useless. My guess would be `{:headers { "CONSULTAR"}}` then. – cfrick Apr 01 '21 at 10:45

1 Answers1

1

If you submit a POST request in Postman with the API Key auth to a non-existent endpoint, the request will fail but you can still inspect the headers that were attempted in the request using the Console. I used placeholder values and the request headers looks like this:

MYAPIKEY: MYAPIVALUE
Content-Type: application/json
User-Agent: PostmanRuntime/7.26.10
Accept: */*
Postman-Token: 0494818d-5401-4baa-8ef7-bfce46c7196e
Host: localhost:5001
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

This makes me think that with your request in http-kit needs at least a few of those headers (typically you'll need at least Content-type, Accept and your custom API key/value pair).

Denis Fuenzalida
  • 3,271
  • 1
  • 17
  • 22
  • I changed the header to include the `Accept` value to be the following, but that didn't work either. `:headers {"Accept" "*/*", "Content-Type" "application/json", }` – Dipti Apr 01 '21 at 07:40