0

I am having issues in accessing contact from Xero. I keep getting an error - AuthorizationUnsuccessful

Below please find the code I am using to send my request as well as the response I am getting:

'scopes' => ( 'openid', 'email', 'profile', 'offline_access', 'accounting.settings', 'accounting.contacts' ) in my xero config file

Request passing in Postman

    <?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://api.xero.com/api.xro/2.0/Contacts",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"accept: application/json",
"authorization: Bearer eyJh.......N6mbaw",
"cache-control: no-cache",
"postman-token: 51048d11-4f31-ba27-16c7-48739f14c6f0",
"xero-tenant-id: e8672ad4-ea92-4698-87aa-a69f5b049265"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
?>

Response:
{
"Type": null,
"Title": "Unauthorized",
"Status": 401,
"Detail": "AuthorizationUnsuccessful",
"Instance": "14ae9993-dc1b-4d8d-a4c0-15b2c343f337",
"Extensions": {}
}

Your assistance would be greatly appreciated.

Akshay
  • 1

1 Answers1

0

In your headers, I don't think there is no need for postman-token, so it should look like,

CURLOPT_HTTPHEADER => array(
"Accept: application/json",
"Authorization: Bearer eyJh.......N6mbaw",
"Cache-control: no-cache",
"Xero-tenant-id: e8672ad4-ea92-4698-87aa-a69f5b049265"
)

Note the capital first letters.

The other option, easier & more organised one is to use guzzle, as you are using laravel(if > 5.1), you have guzzle already in laravel or can use HTTP Client even.

Using Guzzle You can use Guzzle to handle curl requests,

use GuzzleHttp\Client;
use GuzzleHttp\Exception\RequestException;


public function yourFunction()
{
    try {
        $client = new Client();
        $guzzleResponse = $client->get(
                'https://api.xero.com/api.xro/2.0/Contacts', [
                'headers' => [
                    "Accept" => "application/json",
                    "Authorization" => "Bearer eyJh.......N6mbaw",
                    "Cache-control" => "no-cache",
                    "Xero-tenant-id" => "e8672ad4-ea92-4698-87aa-a69f5b049265"
                ],
                'allow_redirects' => [
                    'max' => 10,
                ],
                'connect_timeout' => 30
            ]);
        if ($guzzleResponse->getStatusCode() == 200) {
            $response = json_decode($guzzleResponse->getBody(),true);
        }
        
    } catch (RequestException $e) {
        // you can catch here 400 response errors and 500 response errors
        // see this https://stackoverflow.com/questions/25040436/guzzle-handle-400-bad-request/25040600
    } catch(Exception $e){
        //other errors 
    }
}

You can refer more about guzzle from guzzle docs

bhucho
  • 3,903
  • 3
  • 16
  • 34