For the past 2-3 days , my code which was working previously , is. now showing GET Request failed with status: 401 Unauthorized
But the Postman API is working correctly for the same api keys with same body
I want to ask is there something that has been changed recently in header or anything else that i should be aware of ?
Hey @supernova,
I’m not aware of any changes on our side but let’s try to understand what’s going on there and why it stopped working. Can you please share the first 5 chars of your API key?
4f625
this is the api key 's first 5 char
Hey @supernova
I can see that there is some issue with signing the authorization JWT on your end. Something specifically to the URI value is not functioning correctly.
I cannot see the JWT on my end so if you could please share the entire HTTP request including the URL you’re calling and the headers (the Authorization one is the important one here) it will assist to troubleshoot.
claim struct paramteters
Claims { uri: “/v1/vault/accounts/1/ETH_TEST5/addresses_paginated”, nonce: “ca847cf2-a9dd-48c7-b158-4f0af9a842d0”, iat: 1722424714, exp: 1722424744, sub: “4f6252ee-8cb8-47d6-aefb-f2fb9db65b85”, body_hash: “e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855” }
Signed jwt
“eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1cmkiOiIvdjEvdmF1bHQvYWNjb3VudHMvMS9FVEhfVEVTVDUvYWRkcmVzc2VzX3BhZ2luYXRlZCIsIm5vbmNlIjoiY2E4NDdjZjItYTlkZC00OGM3LWIxNTgtNGYwYWY5YTg0MmQwIiwiaWF0IjoxNzIyNDI0NzE0LCJleHAiOjE3MjI0MjQ3NDQsInN1YiI6IjRmNjI1MmVlLThjYjgtNDdkNi1hZWZiLWYyZmI5ZGI2NWI4NSIsImJvZHlIYXNoIjoiZTNiMGM0NDI5OGZjMWMxNDlhZmJmNGM4OTk2ZmI5MjQyN2FlNDFlNDY0OWI5MzRjYTQ5NTk5MWI3ODUyYjg1NSJ9.l5q37VdQagivIdDi1C8Iv_x4MoEDIg8zIKncURa7bswXHLhHOs7jGbyUyphNhN35pmO7WkdBI9UNRfkfyDzUv_WWr_rS_wGzX1MCUDGNXBCurt5fioqEzmmbPvcT1m8k7TL02SFBxj0x9rb5pGViyS-cS-olgKD-jJUzADw0HUeUUymuiZoyklTtbz01AvKho_nahGp217QKozb4_2sxgltgznSrKBMtym_QyDTpc08Nm5XrGb5IEjAp8qaWDLEVPeCajqT5njQw1mTBlEHTD-tpa-nYyOzsxYils0Qdmp7yh8-cptQtwsmuKmnvDBRbBqOXG8Xj_NoizLw0CYDRH6IG1IVOLoPYVWkZo3KiEbx6G7QK_2rkHWkbusgCwFvmloy2Jw5zuS6nOjUSQj7973mGLsMMt-eVSv7LkDNAQb3BV1tOyT4R3TAbQtTSb0tBX1c7XwGfLZVwbfxXRkSIjYoylStgWwhjXDRKZ7VOMf_Yq4SRcxSoeM5u66ICpYSmljfYpKeaJRyXIAescqb20tiiZsJTVmp7kwRI49-AwoICUCh-Ls6a0Cbx8IGXrBteCF6Pgq6N4XhSaKba0U4bMVIyjtZvcDrpeaD8XhvvbX3okaOq5Q0pLkIF733geljT-pOwioAtDZQ3t0JEv-VE00BSLVteE67ActKSgcrA4-I”
headers
{“authorization”: “Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1cmkiOiIvdjEvdmF1bHQvYWNjb3VudHMvMS9FVEhfVEVTVDUvYWRkcmVzc2VzX3BhZ2luYXRlZCIsIm5vbmNlIjoiY2E4NDdjZjItYTlkZC00OGM3LWIxNTgtNGYwYWY5YTg0MmQwIiwiaWF0IjoxNzIyNDI0NzE0LCJleHAiOjE3MjI0MjQ3NDQsInN1YiI6IjRmNjI1MmVlLThjYjgtNDdkNi1hZWZiLWYyZmI5ZGI2NWI4NSIsImJvZHlIYXNoIjoiZTNiMGM0NDI5OGZjMWMxNDlhZmJmNGM4OTk2ZmI5MjQyN2FlNDFlNDY0OWI5MzRjYTQ5NTk5MWI3ODUyYjg1NSJ9.l5q37VdQagivIdDi1C8Iv_x4MoEDIg8zIKncURa7bswXHLhHOs7jGbyUyphNhN35pmO7WkdBI9UNRfkfyDzUv_WWr_rS_wGzX1MCUDGNXBCurt5fioqEzmmbPvcT1m8k7TL02SFBxj0x9rb5pGViyS-cS-olgKD-jJUzADw0HUeUUymuiZoyklTtbz01AvKho_nahGp217QKozb4_2sxgltgznSrKBMtym_QyDTpc08Nm5XrGb5IEjAp8qaWDLEVPeCajqT5njQw1mTBlEHTD-tpa-nYyOzsxYils0Qdmp7yh8-cptQtwsmuKmnvDBRbBqOXG8Xj_NoizLw0CYDRH6IG1IVOLoPYVWkZo3KiEbx6G7QK_2rkHWkbusgCwFvmloy2Jw5zuS6nOjUSQj7973mGLsMMt-eVSv7LkDNAQb3BV1tOyT4R3TAbQtTSb0tBX1c7XwGfLZVwbfxXRkSIjYoylStgWwhjXDRKZ7VOMf_Yq4SRcxSoeM5u66ICpYSmljfYpKeaJRyXIAescqb20tiiZsJTVmp7kwRI49-AwoICUCh-Ls6a0Cbx8IGXrBteCF6Pgq6N4XhSaKba0U4bMVIyjtZvcDrpeaD8XhvvbX3okaOq5Q0pLkIF733geljT-pOwioAtDZQ3t0JEv-VE00BSLVteE67ActKSgcrA4-I”, “x-api-key”: “4f6252ee-8cb8-47d6-aefb-f2fb9db65b85”}
uri
“https://sandbox-api.fireblocks.io/v1/vault/accounts/1/ETH_TEST5/addresses_paginated”
the code mentions to set the api url as developers-hub/authentication_examples/rust/src/main.rs at c44604d0e99324450906809b64bf1336eaad4d1c · fireblocks/developers-hub · GitHub
but the doc says to do it like this
Yes that’s the issue @supernova.
The example code has the base URL without the /v1 relative path as this is set in each endpoint call by passing the endpoint’s URI.
I can see on my end that the requests are sent to:
/v1/v1/vault/accounts/1/ETH_TEST5/addresses_paginated - the version is doubled.
thanks the GET requests are working again.
But the POST requests have the same error . I am using the NCW signer key for POST. is it correct?
@SlavaSereb what do the post request show you?
Hey @supernova,
Sorry for the delay.
I can see that this API key has VIEWER permissions. Viewers cannot perform POST API calls…
Learn more here:
I am using the ncw signer for posting
d261d7a4-2323-4e4d-a561-bd76b2da8674
