Issue with Header Auth token

Hans_Blaauw · January 17, 2024, 1:07pm

Issue with header Auth

I’m getting unauthorized after a while

I have serious issues using Bearer tokens with N8N. When I make calls to the APIs with Postman it works great and even with Zapier and Make.com it works. For some reason N8N does something different.

I have tried using Header Auth with Authorization Bearer in the name and then value in the token but nothing works. My token field is always a password field and I have the feeling this is an issue in N8N.

I also ignored Header Auth and uses sending headers but I have exactly the same problem.

Sharing the workflow does not make sense, I only test the http node.

n8n · January 17, 2024, 1:07pm

It looks like your topic is missing some important information. Could you provide the following if applicable.

n8n version:
Database (default: SQLite):
n8n EXECUTIONS_PROCESS setting (default: own, main):
Running n8n via (Docker, npm, n8n cloud, desktop app):
Operating system:

Jon · January 17, 2024, 4:48pm

Hey @Hans_Blaauw,

Welcome to the community

What are you connecting to and is there any more information in the error you see? It sounds like the token you are using needs to be refreshed at some point but without more details I am not sure.

Hans_Blaauw · January 18, 2024, 9:03am

Hi,

We connect to a specific supplier API (cannot provide access) and it works great with Postman. Refreshing is for sure not the issue, we know the mechanism and it works in all other tools and we use the correct token for 100%.

I tested with Postman, Make.com, Zapier and Activepieces and it all works.

Maybe there is an issue with GET and tokens? Using the same API but another method and Post does seem to work. Not by using Header Auth but using Sending headers. With GET it always fails.

I’m using “Authorization” as name and then paste in Bearer in the value field which basically shows as a password field. My feeling says something is wrong there.

Cheers.

Jon · January 19, 2024, 9:37am

Hey @Hans_Blaauw,

Typically if it works once it should always work but if the token never changes it is a bit odd. I have done some testing with sending an Authorization header to webhook.site to see if we are sending the correct data and it looks to be fine.

Which version of n8n are you using at the moment as I know we changed the version of Axios we use and there could be something odd becuase of that.

Hans_Blaauw · January 19, 2024, 10:11am

In N8N the same procedure gives me the 504 error.

We use Gravitee for API management.

So Postman, Make and Zapier are confirmed to work.

Jon · January 19, 2024, 10:54am

Hey @Hans_Blaauw,

So sending to webhook.site have a 504 error? That shouldn’t happen. Which version of n8n are you using?

Hans_Blaauw · January 19, 2024, 2:38pm

Currently running on 1.22.6

Overall it does not seem to be an issue with the API but something in the combination of N8N and the Gravitee APi. Tested several other tools and it all worked.

My problem is I cannot share API details, the supplier does not allow me and this is very secure data.

Jon · January 19, 2024, 3:24pm

Can you try updating to 1.25.0 and see if that helps? I am also curious about the webhook.site test as that shouldn’t have errored.

Does the other system you are connecting to have logs that can show what data was received?

Hans_Blaauw · January 19, 2024, 3:38pm

Jon,

I appreciate your quick feedback. I’m working to get some logs from Gravitee. Will try to update to 1.25.0.

Hans_Blaauw · January 19, 2024, 3:46pm

Update to 1.25.0 but no luck. For some reason N8N does not like that APi which works in all other workflow automation tools.

It’s hard to debug because I cannot share details. I think it has nothing to do with the returned data but more with how N8N handles the request.

Even used importing a cURL which works out of the box but not with N8N.

Cheers.

BramKn · January 19, 2024, 3:51pm

Hi @Hans_Blaauw

Did I read it correctly that you put “Authorization Bearer” in the header name?
This is incorrect Bearer should be infront of the value like this

Jon · January 19, 2024, 4:32pm

You can check the request by sending it to something like webhook.site which will show you the headers we are sending. I have not yet found an API that we will work with for a few requests then stop.

Unless there is more information we can get hold of it is hard to say what is going on. Is Gravitee the system you are connecting to with the API or does that have another role in this?

Hans_Blaauw · January 19, 2024, 5:43pm

I do it exactly that way, not putting Bearer in the Name. I already do this kind of stuff for years

Hans_Blaauw · January 19, 2024, 5:44pm

Just to correct, this has never worked in N8N. We have done workarounds but want to get it working in N8N to have all in one system.

Gravitee is the API management layer of the supplier.

Will test a few more things otherwise we will create a script and call that with N8N as a workaround.

Hans_Blaauw · January 20, 2024, 7:55am

Hi guys,

I discovered it, a very stupid mistake by me. Something went wrong in a kind of hidden loop and that refused the connection.

N8N is great and this was cetainly my mistake. Repetitive blindness

system · April 19, 2024, 7:56am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.