In case you need to develop native integrations between your product and Sage Intacct, then you might encounter the "401 Unauthorized" error message. This error generally occurs when the authentication credentials offered for the request are either invalid or have expired.
This article will try to explore the possible reasons for this error and also offers the solutions to help you resolve it.
HTTP/1.1 401 Unauthorized
Content-Type: application/json
{
"error": "invalid_grant"
}
Causes of the Sage Intacct Integration Error 401 Unauthorized
Let us take a look at some of the main reasons for the error 401:
1. A case of expired Access Tokens
The access token comprises a limited lifespan and should, thus, be refreshed regularly. In case the access token that has been used within an API request has expired, a 401 error will then occur. In order to resolve this error, you need to refresh the access tokens by sending a new authentication request and thus, receiving a new set of access and refresh tokens.
The solution for “Expired Access Tokens”
In order to fix the error caused by expired access tokens, you are required to refresh the tokens. This can be done by sending a new authentication request and thus, receiving a new set of access and refresh tokens. Let us take a look at a sample code snippet that shows how to refresh the access tokens in Python.
//Import Required Libraries
import requests
import json
//Define Auth Endpoint URL
url = 'https://api.intacct.con/identity/v2/oautha/token'
//Define Auth Parameters
auth params = {
'grant_type': 'refresh_token',
'refresh_token': 'your_refresh_token here',
'client_id': 'your_client_id_here',
'client secret': 'your_client secret here'
}
//Send Auth Request
response - requests.post(url, data=auth params)
//Parse Auth Response
response_json = json.loads(response. text)
access_token = response_json['access_token']
refresh_token = response_json['refresh_token']
Here, this code makes use of the Python Requests library inorder to authenticate with Sage Intacct API. This is done by sending a request with a refresh token, client ID, and client secret. After this you will receive new access and refresh tokens for the subsequent API requests.
Now, let us take a look at an example response that you might get.
{
"access_token":
"eyJhbGc101JSUZUXMITSImtpZCT6T ZIM tpY 2F ZMWpUS I hF eENNbAJVZE1Fa8dLAFBAYNZ JemRVY1YyM
GS9Tn8. ey.JqdGki01 13MzJaNJM2N1OXY JKSLTRINJCtY JRIOCT IMDQYN2QWOTUINZALLCIPYXQIOJEZMIA
2NJQ200CS InV4CCT6MTYyMDY20DT4NywiaXNzT §01b3B1bnF tLmFwaSTSIANTY4I6T§QONCISInF12CT6T
WFwaSTSIANVbNRy YWNBT j01ZnVsbFOhY2NvAWSET iwi c2NvcGVZT 301 VMN jb3VudDpydyBhY2NvdNS80nd
'YaXRLIENVbNRYYWNGORF jdG1vbiJ9. JbBh11Q_2px9P-JquUEhGkU6JnKUJKZSPBS-pn1vCDYeUXCtSPS
K9e7p--bLy_SR7Cn1k~117VIMQOKWFpagVwxq3A629XBgZnx6Lm6 rgfUSCKYUG16mem_982hI-q-PapvV.
HKZIXINKp13JD1CyEZvF_nH-nEMGrhCpIVi1xOxvZEWd_GAIQQLbVY6SSmCDYUSHS KK 1hLeBBOr2JS-F
8¢_VzXeX_Yq3hDswi JVCTy48Ged6Uf 82KKTVMVDCYNINBOXUZGHRL 1VUSWSUBKR JK11rVw2CnZcSBgz8K
X9TPGMyq3n@DaxghAVZBKVUINMPEJGBfKKS6A"
"scopes": "full _access:read Contact:action"
"token_type": "bearer"
"expires_in": 300
"refresh_token" :
"eyJhbGc101JSUZUXHI TS TmtpZCT6T SZ1M2tpY2F ZMNpUS hF eEhNbNJVZB1F aBdLAFBAYWZ JemRvY 1YyM
- eyJqdGk101JK0GQ40DINZ11hY J FALTQ2YTgEYTC2MCThMZMIM VIZ] 1kMIUILCIpYXQIOFEZMIA
2NjQ20TQSImVACCI6MTYyMDY200MANCWi aXNZ101b3B1baF tLnFwaSTSINN1YI61QONCISIm"
"refresh token expires in": 86400
"requested by id": "1234567890"
}
2. A case of revoked or Invalid Access token
This reason indicates that the access token is no longer valid or that it has been terminated by the API service. This can occur for a number of reasons, such as the user revoking access, the token expiring, or the user changing their password. Once an application attempts to use an invalid or revoked access token, it will generally receive an error message, such as "Invalid Access Token" or "Revoked Access Token," indicating that it is unable to carry out the requested action.
The solutions for the "Invalid or Revoked Access Token" error
In case the error is because of an invalid or revoked access token, you are required to follow the same steps as for a token that has expired, as shown above, in order to obtain a new one.
3. Invalid Credentials
Invalid credentials generally refer to incorrect or expired authentication credentials that have been used to acquire an access token. This can include: an incorrect username or password, an expired authorization code or refresh token, or even an incorrect client id or client secret. Invalid credentials will thus, result in a failed authentication attempt and the inability to obtain a valid access token. The latter will prevent the user from accessing protected resources or trying to make API calls.
The solutions for the "Invalid Credentials"
In this case you need to verify that the client ID and secret that you are using are accurate. This is done by consulting the Sage Intacct Developer Console. If not, then you need to reset your password or to get help from Sage Intacct customer support.
4. Insufficient permissions
Insufficient permissions implies a situation where the user or application trying to access a certain resource or perform a specific action does not have the required permissions to do so. This can be because the user does not have the required role or the permission level, or because the application has not been authorized to perform the action.
The kind of permissions needed for the Sage Intacct depends on what you are trying to do. The common kinds of permissions consist of role-based, object-based, action-based, and company-based permissions. In order to access the API Endpoints such as the access token endpoint, the application should be authorized by an administrator and have the required permissions assigned to it. In case a user is not sure of which permissions are needed, they can check the documentation of the software or speak with an administrator.
Also Checkout -> Sage 50 Payroll Full Payment Submission Error
The solutions for the "Insufficient permissions"
Make sure that the user linked with the access token has the required permissions to perform the desired action. In case they do not have the needed permissions, you might need to adjust their role or permission level or even seek assistance from the Sage Intacct support.
Conclusion
So, there you have it friends, these are some aspects related to the Sage Intacct Integration Error 401 Unauthorized. How did you find this article so far? Was it helpful? Do let us know in the space below and we would love to hear from you.
FAQs For Sage Intacct Integration Error 401 Unauthorized
Q. How can one fix the unauthorized 401 error?
A. In order to do this you need to:
- Start by Confirming that the URL is correct.
- Next, Double-check the URL in case it has been misspelled or outdated.
- Now, Clear cache.
- After this Check the authentication credentials.
- Now, Disable the password protection.
- Finally Troubleshoot the code.
Q. What is the 401 error when you are trying to access the API?
A. The 401, Unauthorized, status code denotes that the authentication credentials received have not been authorized. The user might repeat the request using a new or replaced Authorization header field.
Q. What does 401 authorization required mean?
A. This is a HyperText Transfer Protocol (HTTP) 401 Unauthorized response status code that indicates that the client request has not been completed as it lacks valid authentication credentials for the requested resource.