Hello, hope you’re doing well! I’m trying to set up the Unity game engine to connect to my campaign to download a list of everyone pledging so that I can set up some custom logic in my application
I’m trying to use WWW to make the GET request as follows:
However, I keep getting a 401 unauthorized error. I’m using the access token from the Clients & API keys page, and have tried refreshing it several times, but no dice
You can help rule out whether or not the issue has been caused by your code or by the access token by testing the access token’s validity using the following terminal command (replace access-token with your access token).
curl -X GET https://api.patreon.com/oauth2/api/current_user -H 'Authorization: Bearer access-token'
I expect the issue is with your code, presumably the headers are not being set properly. You can debug this by using a Request Bin (like this one):
Replace the Patreon URL in your code with the RequestBin URL
Run the code so that it makes a request
Refresh the RequestBin webpage: check the data received by the server, if the request was made correctly you should see the following under headers:
Authorization: Bearer access-token
You should keep in mind though that your Creator's Access Token should be kept secret, you should not include that value in anything you deliver to consumers, because they can then extract that token by sniffing traffic and use the token to access the personal details of everybody who is a patron of your campaign. Furthermore, if your access token is reset for some reason (intentionally or accidentally) then the Patreon integration in your game will break.
You should create an intermediary web service that is responsible for talking to the Patreon API, which provides the data your game needs without exposing your Creator's Access Token.
Hey thanks so much for your response!
Totally agree about not passing the Creator Access Token to the finished product, this is just for an editor script I’m writing myself - anything on the client side will use a web service
So I refreshed the access token and tried using curl, and got the same error:
I then tried the RequestBin (really cool tool btw!) from the Unity script, and it does seem to be passing the header correctly although it’s possible the WWW class is not setting a different header that is needed - here is the request with all the headers
Looking at the screenshot of your curl request it seems that you may have a new line character in your access token, your access token should be a continuous string with only alphanumeric, dash and underscore characters. Copy your access token into a text editor first and remove any new lines.
Thanks for the fast response! I went ahead and tried that and got the same issue, perhaps it appeared that way because I blocked out most of the access token in paint?
Here’s how it appears without the block out (I changed my access token after posting this):
If you look in your screenshot you can see the following:
curl: (6) Could not resolve host: Bearer
curl: (6) Could not resolve host: [...]
This indicates there’s something wrong with your command, because curl is interpreting your command as something other than what we’re intending (a single request to the current_user endpoint).
The issue is either your ' characters are wrong (try replacing them with an actual ' by typing it on your keyboard) or your access token contains invalid characters (almost certainly this). You can use a tool like this one to break down the characters in the string.
