
Mattermost: Invalid or expired session, please login again


I am facing an issue where I am getting a 401 response with the message 'Invalid or expired session, please login again' when I hit the /users/me API. This is happening even if I am sending the bearer token which was generated from the /login API.

Here is the request:

curl -X GET \
  http://localhost:8065/api/v4/users/me \
  -H 'Authorization: Bearer 4p7ip3wuujby7cfmeqb7718fhc' \
  -H 'Postman-Token: eac220fa-9208-427b-b76f-f048ba28908a' \
  -H 'cache-control: no-cache'

Solution

  • The token you receive after login is a temporary token. It will expire after some time. You have two options to overcome that:

    1. Login again and get a fresh token.

    2. Use a Personal Access Token, which is a valid token and does not expire unless you revoke it intentionally.

    If you want to use a Personal Access Token, first you need to enable it in the config file. Set EnableUserAccessTokens to true. Then reset your server to apply the config. After that, use the specific endpoint to create a Personal Access Token for your account. Pay attention that, by default, only System Admins have permissions to create a personal access token.
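
Added example, not part of the original question or answer: a shell sketch of option 1 that reads the session token from the `Token` header of the login response and logs in again once when a call returns 401. The variables `MM_URL`, `MM_LOGIN`, `MM_PASSWORD`, `MM_TOKEN` and the function names are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not from the original post). MM_URL, MM_LOGIN, MM_PASSWORD and
# the function names are assumptions made for this sketch.
MM_URL="${MM_URL:-http://localhost:8065}"

# Pull the session token out of the login response headers (read from stdin).
# Header names are case-insensitive, and curl keeps the trailing CR.
extract_token() {
  tr -d '\r' | awk -F': ' 'tolower($1) == "token" { print $2; exit }'
}

# POST /api/v4/users/login and print the fresh session token.
# Credentials come from the environment, not the command line.
# Assumes they contain no characters that need JSON escaping.
mm_login() {
  curl -sS -D - -o /dev/null -X POST "$MM_URL/api/v4/users/login" \
    -H 'Content-Type: application/json' --data @- <<EOF | extract_token
{"login_id":"$MM_LOGIN","password":"$MM_PASSWORD"}
EOF
}

# GET an API path with $MM_TOKEN; on a 401, log in once and retry.
# Usage: mm_get /users/me [outfile]
mm_get() {
  local attempt status
  for attempt in 1 2; do
    status=$(curl -sS -o "${2:-/dev/null}" -w '%{http_code}' \
      -H "Authorization: Bearer $MM_TOKEN" "$MM_URL/api/v4$1") || return 1
    if [ "$status" != "401" ] || [ "$attempt" = 2 ]; then
      break
    fi
    MM_TOKEN=$(mm_login)            # session expired: fetch a new token
    [ -n "$MM_TOKEN" ] || return 1  # the login itself failed
  done
  [ "$status" = "200" ]
}
```

A personal access token goes in the same `Authorization: Bearer` header, so with option 2 `MM_TOKEN` can hold that token and the retry branch should never trigger unless the token is revoked.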