function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
mustafatop10mustafatop10 

Invalid API key or access token (unrecognized login or wrong password)

I must make a http request to Shopify in Salesforce. I used following url format as endpoint url for setEndpoint method

HttpRequest req= new HttpRequest(); 
req.setEndpoint('https://apikey:password@hostname/admin/resource.xml'); 
req.setMethod('GET'); 

I get following log:

CALLOUT_RESPONSE|[18]|System.HttpResponse[Status=Unauthorized, StatusCode=401]

And I get return value from body of HttpResponse:

<?xml version="1.0" encoding="UTF-8"?> <hash> <errors>[API] Invalid API key or access token (unrecognized login or wrong password)</errors> </hash>

Also I have tried to following structure but I haven't been succesful.

Blob headerValue = Blob.valueOf(apikey+ ':' + password);
String authorizationHeader = 'BASIC ' +
EncodingUtil.base64Encode(headerValue);
req.setHeader('Authorization', authorizationHeader);

And also following url works properly in any browser

apikey:password@hostname/admin/resource.xml

What should I do for HttpResponse status code be 200.

Jeff MayJeff May

Assuming you've defined your Remote Site Settings properly in SFDC, the other most frequent problem is that the https has not been enabled at that endpoint.

mustafatopmustafatop
I have defined remote site for shopify.
jeevan dhruvsoftjeevan dhruvsoft
Hi Mustafa,
did you got a solution for this.?
i too facing the same issue. Can you please on this.
JAY_PJAY_P
Hey mustafatop.
make sure your username and password has access for api callout and handling thing make sure you r passing correct user name as well as correct passowrd and endpoint is right.
Thank You
Sarah DickinsonSarah Dickinson
Hi,

I am having the same issue, were you able to solve it?

Thanks!
Sarah
Sarah DickinsonSarah Dickinson
Hi,

I was able to fix the issue for me. Looks like we need to add a Authorization header even if the endpoint contains the apikey and password.
After adding the following to the HTTPRequest it started working.
Blob headerValue = Blob.valueOf(SHOPIFY_API_KEY+':'+SHOPIFY_API_PASSWORD);
String authorizationHeader = 'Basic ' + EncodingUtil.base64Encode(headerValue);
req.setHeader('Authorization', authorizationHeader);

As a sidenote, I also noticed that once we add the Authorization header, it does not seem to be necessary to have the apikey and password in the Endpoint URL. You should be able to use https://hostname/admin/orders.json instead of https://apikey:password@hostname/admin/orders.json

Hope that helps.
Sarah