The Movie Database podpora
Podpora → API podpora
Create list error 401
odoslané Shahood Ul HassanSTAFFMOD dňa 2. apríl, 2025 o 5:32AM
Hi, I'm trying to create a list via "Try it" feature on the API reference page. However, I'm failing with 401 saying: 'Sorry, your couldn't be authenticated with those credentials' pointing at my access token.
My fetch request:
const url = 'https://api.themoviedb.org/3/list?session_id=%7B%20%20%20%22success%22%3A%20true%2C%20%20%20%22session_id%22%3A%20%2230036ee8426fc0d347056e7be55fb77565598114%22%20%7D';
const options = {
method: 'POST',
headers: {
accept: 'application/json',
'content-type': 'application/json',
Authorization: 'Bearer {MY_ACCESS_TOKEN}'
},
body: JSON.stringify({name: 'SUH first list', description: 'This is my first list', language: 'en'})
};
fetch(url, options)
.then(res => res.json())
.then(json => console.log(json))
.catch(err => console.error(err));
Response:
{
"success": false,
"status_code": 3,
"status_message": "Authentication failed: You do not have permissions to access the service."
}
I'm new to the Authentication API. I've created the request_token, authorized it and created a session_id successfully. However, when I try to create a list on a test basis, I fail as mentioned above.
Kindly let me know what I'm doing wrong.
Thanks!
Odpoveď od Travis Bell
dňa 2. apríl, 2025 o 10:41AM
It's because you're authenticating with a bearer token. That is taking preference over your query params.
If you want to keep using a bearer token, you will need to create an access token that has been authorized by your user. This is outlined here.
If you don't care about bearer authentication, switch to using
api_keyas a query param, and delete the Authorization header.Odpoveď od Shahood Ul Hassan
dňa 3. apríl, 2025 o 1:23AM
I didn't quite get it. Firstly, I forgot to explicitly mention that I was using V3, although it was evident from the fetch request I shared.
So if I wanna keep using the bearer token, I'll have to switch to using V4 way of authorization via an access token?
Odpoveď od Travis Bell
dňa 3. apríl, 2025 o 9:34AM
The bearer token is already technically “v4” authentication. That’s why you’re having an issue.
So yes, you have to continue to use v4 for user authentication, or switch to query params for authentication (which is technically “v3”).
Odpoveď od Shahood Ul Hassan
dňa 4. apríl, 2025 o 2:28AM
For anyone interested in the outcome of this thread:
If someone wants to keep using the bearer token in V3, he should create an
access_tokenusing this V4 workflow.Then, use this
access_tokento get asession_idin V3 as mentioned here.