Back to Fantasy Sports API Forum
0

HTTP 401 Error (Fantasy Sports API)

Hi there,

I'm having issues with accessing the Fantasy Sports API using OAuth in an iOS app I am building.

I have succesfully authenticated a user, resulting in a "HTTP 200 OK" message, yet when I try to access the API (i.e.: "http://fantasysports.yahooapis.com/fantasy/v2/users;use_login=1/games;game_keys=nhl/leagues"), I receive a HTTP 401 Unauthorized Access error.

From what I can see, I am sending the correct Authorization header w/ my request, so I'm stumped. Any help and/or feedback is greatly appreciated.

Here's my Authorization Header:

CODE
realm="yahooapis.com", 
oauth_timestamp="1295835481", 
oauth_nonce="e766cc3aabb286dba70a81a2a8be542bf85cf8ad", 
oauth_signature_method="HMAC-SHA1", 
oauth_consumer_key="dj0yJmk9WjFLcW9PeHdFT1NHJmQ9WVdrOVlWUlVVRE5ZTldVbWNHbzlNVGMyTnpneE5UWXkmcz1j
b25zdW1lcnNlY3JldCZ4PWFm", 
oauth_version="1.0", 
oauth_token="A%253DuFNA67HBshNMrE93z05q2hiK.87gNUU9QSsCqdzlsfJSfoFlNv5hGle.boN_ZGT6QL7RpZ7C7gZF
Z7mwGhUMeJFmNQVWvvvJCTNupAZHBSJkU57AKPvZI0lY32BEYmvi2ZsxtlyaV5cius7Ed8loq5pKdXxK
a
yGHUPcSB9MONMH9wwsP7x.66vcSLwpeF3nE76gI94pp8ptCZE2tuV0PDOOeZZcJbo4HbHaqBacP7fKGn
N
16Weomxm6sWbQSQREMPDDh3oO_TzA_rTHeJ19fpE9i3wSqC0ZT7OgJ_TZukuQjZ_Au2FoqwnFeUgBgNd
O
qZFQRv5L3RFLderWeIhVsy3HwSlsx1JvuzmCY28_JgPS_FwER8RRC3eur_qhYKR9L2ficcnh2oiiXp8o
p
SQe0e9_wHvlWWIsV3eqbhNCG2Reu7UudxxPLsV7yFUws5fW7EvuOdb6cycbNusR2PAH6X1CRB2o1OOj0
0
qW96509qL.0_02_z9CXpQkt_rdeO_wF6r21IHxjIMii9BjlKbZ9_QIPHHclFFkfNvoTsS01uJm6uVruj
T
5FocAY0trq20QaI_ecwYXVsBfWZgeN147Nc5l.Q8654zL39d6Vj75PzqaHrsKL0cIk1Q5fMSi1mTL_ll
G
iOTtRsWj0q7jCLH.YKzJKrGH_zzheu4M1uGgE16SXFypTROa2gISy6nRhzqVpPpbUdlzKJxUgZmFJ4gT
4
VauHuTYSaHsjQKgC8GyI.sJMl53XdyAGxs5IIolsr1vHuU7q0E_RnJfYjOJE", 
oauth_signature="47KEQwMYeMZBhYiQRtWKO3asGLs%3D"


My callback is "oob" if that makes any difference.

Thanks in advance.

by
Report Abuse
2 Replies
  • Not sure what happened with that Codeblock but here's the fixed version:

    CODEBOX
    realm="yahooapis.com", 
    oauth_timestamp="1295835481", 
    oauth_nonce="e766cc3aabb286dba70a81a2a8be542bf85cf8ad", 
    oauth_signature_method="HMAC-SHA1", 
    oauth_consumer_key="dj0yJmk9WjFLcW9PeHdFT1NHJmQ9WVdrOVlWUlVVRE5ZTldVbWNHbzlNVGMyTnpneE5UWXkmcz1j
    b25zdW1lcnNlY3JldCZ4PWFm", 
    oauth_version="1.0", 
    oauth_token="A%253DuFNA67HBshNMrE93z05q2hiK.87gNUU9QSsCqdzlsfJSfoFlNv5hGle.boN_ZGT6QL7RpZ7C7gZF
    Z7mwGhUMeJFmNQVWvvvJCTNupAZHBSJkU57AKPvZI0lY32BEYmvi2ZsxtlyaV5cius7Ed8loq5pKdXxKa
    yGHUPcSB9MONMH9wwsP7x.66vcSLwpeF3nE76gI94pp8ptCZE2tuV0PDOOeZZcJbo4HbHaqBacP7fKGnN
    16Weomxm6sWbQSQREMPDDh3oO_TzA_rTHeJ19fpE9i3wSqC0ZT7OgJ_TZukuQjZ_Au2FoqwnFeUgBgNdO
    qZFQRv5L3RFLderWeIhVsy3HwSlsx1JvuzmCY28_JgPS_FwER8RRC3eur_qhYKR9L2ficcnh2oiiXp8op
    SQe0e9_wHvlWWIsV3eqbhNCG2Reu7UudxxPLsV7yFUws5fW7EvuOdb6cycbNusR2PAH6X1CRB2o1OOj00
    qW96509qL.0_02_z9CXpQkt_rdeO_wF6r21IHxjIMii9BjlKbZ9_QIPHHclFFkfNvoTsS01uJm6uVrujT
    5FocAY0trq20QaI_ecwYXVsBfWZgeN147Nc5l.Q8654zL39d6Vj75PzqaHrsKL0cIk1Q5fMSi1mTL_llG
    iOTtRsWj0q7jCLH.YKzJKrGH_zzheu4M1uGgE16SXFypTROa2gISy6nRhzqVpPpbUdlzKJxUgZmFJ4gT4
    VauHuTYSaHsjQKgC8GyI.sJMl53XdyAGxs5IIolsr1vHuU7q0E_RnJfYjOJE", 
    oauth_signature="47KEQwMYeMZBhYiQRtWKO3asGLs%3D"
    Report Abuse
    0
  • I can't tell much in terms of just straight verifying the response that you provided, since it's very dependent on how you're generating the request and what inputs you're giving into it. Just a couple thoughts, though:

    * Your application would need to be scoped to Fantasy Sports read (or read/write), which you set up when creating your application through the YDN site. Unlikely that's the problem, but it could definitely cause issues.
    * I'm not sure how you're telling that you've successfully authenticated the user. If you've gone through the steps where you were able to pass the user through to get their token verifier and then you run that back to YDN in order to get the access token, are you using the access token parameters that you get back, or the original request token parameters? ie, if you get the 200 OK back from YDN, are you also using the contents of that response in your request up to us?
    * What's the exactly response text that you receive back along with the 401 Unauthorized? Sometimes that can help clarify where the problem is actually occurring.
    * Failing all that, what does your code look like that you're using to a) get the access token, and B) submit the request to us along with the access token data?
    Report Abuse
    0
Ask a Question

Recent Posts

in Fantasy Sports API