
Cannot list Tapkey owners despite having the right scopes


I'm trying to get a list of owners/locks using the Tapkey REST API in Python. I verified the OAuth credentials are correct, as I am getting an actual token.

import requests

tapkey_api_url = "https://my.tapkey.com"
tapkey_api_version = "/api/v1"
tapkey_auth_server = "https://login.tapkey.com"

tapkey_client_id = "xxx" #redacted
tapkey_client_secret = "yyy" #redacted


def get_access_token(url, client_id, client_secret):
    response = requests.post(
        url,
        data={"grant_type": "client_credentials", "scope": "read:owneraccounts read:owneraccount:permissions"},
        auth=(client_id, client_secret),
    )
    token_json = response.json()
    return token_json["access_token"]


token = get_access_token(f"{tapkey_auth_server}/connect/token", tapkey_client_id, tapkey_client_secret)
print(f"Received token: {token}")
owners_url = f"{tapkey_api_url}{tapkey_api_version}/Owners"
print(owners_url)
response = requests.get(owners_url, headers={"Authorization": f"access_token {token}"})
print(response)

Output:

Received token: <redacted>
https://my.tapkey.com/api/v1/Owners
<Response [401]>

I'm passing the correct scopes, those scopes are enabled in the OAuth settings in the Tapkey admin portal, and I am given a token. I cannot think of a single reason why I am getting an unauthorized error.

Edit: to be clear, the service-account e-mail address was added as an administrator to my account.


Solution

  • The issue seems to be related to how the authorization token is being passed in the header of your GET request to the Tapkey API. The authorization header usually requires the word Bearer before the actual token. In your code, you're using access_token instead, which is likely causing the unauthorized error.

    Here's the corrected line for setting the authorization header:

    response = requests.get(owners_url, headers={"Authorization": f"Bearer {token}"})
    

    This change should correctly pass the token and resolve the 401 Unauthorized error you're encountering.
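
The check below is an added example, not part of the original question or answer and not Tapkey's code. It validates the outgoing Authorization scheme before a request is sent and classifies a 401/403 from the `WWW-Authenticate` challenge as defined in RFC 6750. The function names and all sample header values are constructed; the page does not show what challenge Tapkey actually returns.

```python
import re

# RFC 6750 section 2.1: credentials are "Bearer", one space, then a b64token.
_B64TOKEN = re.compile(r"^[A-Za-z0-9\-._~+/]+=*$")
_CHALLENGE_PARAM = re.compile(r'(\w+)="([^"]*)"')


def bearer_header(token):
    """Build the Authorization header, rejecting values that are not a valid bearer token."""
    if not isinstance(token, str) or not _B64TOKEN.match(token):
        raise ValueError("token is empty or contains characters not allowed in a bearer token")
    return {"Authorization": f"Bearer {token}"}


def check_request_scheme(headers):
    """Return None if the outgoing header uses the Bearer scheme, else the reason it does not."""
    value = headers.get("Authorization", "")
    scheme, _, credentials = value.partition(" ")
    if not value:
        return "no Authorization header sent"
    if scheme.lower() != "bearer":
        return f"scheme is {scheme!r}, expected 'Bearer'"
    if not credentials.strip():
        return "Bearer scheme with no token"
    return None


def explain_rejection(status, www_authenticate):
    """Classify a 401/403 from the challenge header the resource server returned."""
    params = dict(_CHALLENGE_PARAM.findall(www_authenticate or ""))
    error = params.get("error")
    if status == 401 and error is None:
        return "no credentials recognised: check the Authorization scheme"
    if error == "invalid_token":
        return "token expired, revoked or malformed: request a new one"
    if error == "insufficient_scope":
        return "token lacks scope: " + params.get("scope", "(not stated)")
    return f"unclassified: status={status} error={error}"


# Constructed sample values, not captured from Tapkey.
SAMPLE_TOKEN = "eyJhbGciOi.constructed.token"
broken = {"Authorization": f"access_token {SAMPLE_TOKEN}"}  # header from the question
fixed = bearer_header(SAMPLE_TOKEN)                          # header from the answer

if __name__ == "__main__":
    print(check_request_scheme(broken))
    print(check_request_scheme(fixed))
```

A 401 with no `error` parameter points at the request header rather than at scopes or account permissions, which matches the symptom in the question: a valid token sent under an unrecognised scheme is treated as no credentials at all.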