Skip to content
Start building
Back

401 error when using get account (rest api)

  • 0
  • Auth
  • REST API
  • Cloud
View on Discord
supastishn🍉🇵🇸
31 Jan, 2025, 19:24

I'm using godot with the rest api to make requests to appwrite. This is my code to get account:

TypeScript
func get_account() -> bool:
    print(" Get account started")
    requesting = true
    http_request.request_completed.connect(get_account_signal)
    var link: String = endpoint + "/account"
    var body: String = JSON.new().stringify({
        
    })
    var temp_headers: PackedStringArray = custom_headers.duplicate()
    temp_headers.append("X-Appwrite-Session: " + session.get_string_from_utf8())
    var error = http_request.request(link, temp_headers, HTTPClient.METHOD_GET, body)
    await http_request.request_completed

    requesting = false
    if error != OK or response != 200 and response != 201: return false
    return true
    ```
Custom headers includes the appwrite project id and content-type application/json
I have the third header, x appwrite session with my session string.
Printing the header string gives me this:

"X-Appwrite-Project: pale-tube", "Content-Type: application/json", "X-Appwrite-Session: {$id:679d22d032e6b859705a,$createdAt:2025-01-31T19:21:52.227+00:00,$updatedAt:2025-01-31T19:21:52.227+00:00,userId:679cfd9c7af6fb6bf717,expire:2026-01-31T19:21:52.208+00:00,provider:email,providerUid:omareeto2012@hotmail.com,providerAccessToken:,providerAccessTokenExpiry:,providerRefreshToken:,ip:REDACTED,osCode:AND,osName:Android,osVersion:,clientType:browser,clientCode:AN,clientName:Android Browser,clientVersion:,clientEngine:WebKit,clientEngineVersion:,deviceName:,deviceBrand:,deviceModel:,countryCode:jo,countryName:Jordan,current:true,factors:[password],secret:,mfaUpdatedAt:}"

TypeScript
which matches the values I am using.
Logging in with my rest api implementation succeeds, giving me a 201 response code and a valid session
TL;DR
Developers are encountering a 401 error when trying to get an account via the Appwrite REST API. They are seeking guidance on the authentication process. The suggested solution involves retrieving the session token from the response headers of the authentication request and storing it for subsequent requests. The issue may stem from setting cookies or using an API key. The correct header for the session string is "X-Appwrite-Session," not "X-Appwrite-Project." The provided code snippet shows the correct implementation.
Kenny
31 Jan, 2025, 19:30

I believe x-appwrite-session is not the session object, but your session secret.

https://appwrite.io/docs/references/cloud/models/session

supastishn🍉🇵🇸
31 Jan, 2025, 19:37

it says that its only included when i made the request with an api key, does that mean i need to make a custom backend to not leak the key?

supastishn🍉🇵🇸
31 Jan, 2025, 19:38

or can i make it give me the secret without forcing me to use an api key

Kenny
31 Jan, 2025, 19:44

I'm not familiar with godot, can you set cookies and include them in http requests?

Kenny
31 Jan, 2025, 19:45

If not, I believe you should be able to get the session token from the cookies in the response headers of your authentication request, then you can store that and use it on subsequent requests.

Steven
31 Jan, 2025, 19:48

Have you looked at this? https://appwrite.io/docs/apis/rest#authentication

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more