I'd really appreciate it if you didn't cross-post.  This topic seems more relevant to RPG400-L vs. Midrange-L, so I am replying on the RPG list.

With regards to the bearer token -- its something that you have to implement yourself, as HTTPAPI does not know about bearer tokens.  It looks as though you are doing this correctly (but I am not an expert).  If you had a bad bearer token, it SHOULD be responding with a 401 Authorization Error rather than 400 Bad Request.  Unless theres an actual syntax error in the token, I suppose that could be a "bad request".

Its important to understand that the "400 Bad Request" is not being sent by HTTPAPI -- this was sent from the HTTP server that you are connecting to (, and HTTPAPI is merely relaying it through to your program so that you know what it reported.  For some reason it does not believe that your HTTP request is valid.

This could be due to the URL you are using -- for example, the addressLine1 contains a LOT of blank characters... perhaps the HTTP server requires the blanks to be trimmed?

You could consider trying a tool like SoapUI or PostMan to make the request.  If you can get a valid request with those tools, you can see exactly what they are sending, and then do the same thing with HTTPAPI.  I usually find that approach to be helpful.


On 8/22/2018 2:47 PM, Mohammad Tanveer wrote:
I am able to use the HTTP handler to add Authorization but it seems like
Bearer is not suppoted by APIs? its keep saying bad request if I don't
pass it then I get UNAUTHORIZED Response. Is there something else needs to
be added to the header to make it work?

Here is the http log..

HTTPAPI Ver 1.39 released 2018-03-09
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R2M0

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 10
DNS resolver options: x'00000136'
DNS default domain: mycom.COM
DNS server found:
DNS server found:
DNS server found:
Nagle's algorithm (TCP_NODELAY) disabled.
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
There are 0 cookies in the cache
User-Agent: http-api/1.39
Accept-Encoding: gzip,deflate
Authorization: Bearer

recvresp(): entered
HTTP/1.1 400 Bad Request
X-Powered-By: Servlet/3.1
X-Application-Context: customer-matching-service:dev:11184
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Language: en-US
Transfer-Encoding: chunked
Connection: Close
Date: Wed, 22 Aug 2018 19:39:02 GMT

SetError() #13: HTTP/1.1 400 Bad Request
recvresp(): end with 400
recvdoc parms: chunked 0
header_load_cookies() entered
recvchunk(): entered
get_chunk_size(): entered

chunk size = 0
get_chunk_size returned 0
SetError() #13: HTTP/1.1 400 Bad Request
http_close(): entered

On Tue, Aug 21, 2018 at 6:05 PM Mohammad Tanveer <surgum@xxxxxxxxx> wrote:

Anyone knows or have an example how to call http request using LIBHTTP
APIS using Authentication Type Bearer?


How can we add header parameters?


This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].