REST API Usage

sperok · August 5, 2016, 1:30am

I am trying to use the REST API to access my Rachio device from a server that I host, but keep getting 401 Unauthorized. I am using the correct API Key, at least it gives me correct results when using curl. Might this be a CORS issue? The Rachio web app is running in my browser on my local machine, but the “origin” and “referrer” servers are a remote machine.

FIREFOX NETWORK TRACE

Request URL:https://api.rach.io/1/public/person/info
Request Method:GET
Status Code:401 Unauthorized
Remote Address:52.42.219.241:443

Request Headers

Accept:/
Accept-Encoding:gzip, deflate, sdch, br
Accept-Language:en-US,en;q=0.8
Authorization:bearer correct-rachio-api-key
Connection:keep-alive
Content-Type:application/json
Host:api.rach.io
Origin:http://my IP address deliberately hidden
Referer:http://my IP address deliberately hidden
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36

Response Headers
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://my IP address deliberately hidden
Access-Control-Expose-Headers:Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Connection:keep-alive
Content-Length:56
Content-Type:application/json;charset=utf-8
Date:Fri, 05 Aug 2016 01:08:43 GMT
Expires:0
Pragma:no-cache
Server:Apache-Coyote/1.1
Strict-Transport-Security:max-age=31536000 ; includeSubDomains
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block

sperok · August 5, 2016, 2:19am

Problem solved. The Authorization parameter was not correctly encoded.

Gorilla800lbs · August 9, 2016, 5:32pm

Hello! I am just starting to dabble with Rachio API, and I am having the same initial issue, I believe. Would you mind elaborating on how did you need to encode the Authorization parameter?

Thanks!

sperok · August 9, 2016, 5:55pm

Here are the steps I took. You can see the encoding of the API Access Token in the Javascript/Jquery step 3.

Get API Access Token from the app.rach.io using upper right hand menu. Note - the API Access Token below is faked.
Use curl example from Obtaining your API Token to test:

curl -X GET -H “Content-Type: application/json” -H “Authorization: Bearer 19ed0123-abcd-4d48-921b-17d4d9876838” https://api.rach.io/1/public/person/info

The response to this API should be the user’s ID if the API Access Token is OK.

Coded some Javascript to read the API Key from an Input field and generate an XHR request

function getUserId() {
	// Get the Rachio user info
	$.ajax({
		type: "GET",
		beforeSend: function (xhr) {
    		xhr.setRequestHeader('Authorization', 'Bearer ' + $('#apiKey').val())
    	},
		url: "https://api.rach.io/1/public/person/info",
		contentType: "application/json",
		async: true
	}).then(function(data) {
		getUser(data.id)
	})
}

function getUser(id) {
	$.ajax({
		type: "GET",
		beforeSend: function (xhr) {
    		xhr.setRequestHeader('Authorization', 'Bearer ' + $('#apiKey').val())
    	},
		url: 'https://api.rach.io/1/public/person/' + id ,
		contentType: "application/json",
		async: true
	}).then(function(data) {
		updateUser(data)
	})
}

Gorilla800lbs · August 9, 2016, 6:22pm

@sperok

I got it working, thank you very much!