[#692] code -32600 Invalid request

system · May 3, 2021, 10:18pm

Migrated from Redmine #692 | Author: Marco Deppe
Status: Closed | Priority: High, I’m very impatient | Created: 2021-05-03

Hi, trying to use the REST API to find free slots per API documentation | SimplyBook.me Online Scheduling but I receive code -32600 Invalid request

$ curl -d ‘{“company":“bartellcentral”,“login”:"automation@example.com”,“password”:“passwordremoved”}’ -H “Content-Type: application/json” https://user-api.enterpriseappointments.com/admin/auth
{“error”:{“code”:-32600,“message”:“Invalid request”,“data”:},“id”:null}

Our booking site is SimplyBook.me — Free Online Appointment Scheduling Service

Appreciate your help!

system · May 4, 2021, 9:53am

Dmytro Bondarev wrote:

Hi! To use REST API on your server you should use user-api-v2.simplybook.pro endpoint.

system · May 4, 2021, 4:37pm

Dino Ganas wrote:

same issue

(Short original content)

system · May 4, 2021, 4:45pm

Dmytro Bondarev wrote:

Please provide RAW HTTP request

system · May 4, 2021, 5:16pm

Dino Ganas wrote:

#API details
url = “https://user-api-v2.simplybook.me/admin/auth”
body = json.dumps({“company”:“ashleyhomestoreappointments”, “login”:““, “password”:””})
headers = {‘Content-Type’: ‘application/json’}

#Making http post request
response = requests.post(url, headers=headers, data=body, verify=False)
#token = print(response.json())
json_obj=response.json()#json.loads(html)
token_string=json_obj[“token”]#.encode(“ascii”,“ignore”)
#session=json_obj[“auth_session_id”]#.encode(“ascii”,“ignore”)
print(token_string)
print(json_obj)

url1 = “https://user-api-v2.simplybook.pro”
body1 = json.dumps({“X-Company-Login”:“ashleyhomestoreappointments”, “X-Token”:token_string})
headers1 = {‘Content-Type’: ‘application/json’}
response1 = requests.get(url1, headers=headers1, data=body1, verify=False)
json_obj1=response1.json()
print(json_obj1)

system · May 4, 2021, 5:19pm

Dmytro Bondarev wrote:

You are using wrong URL, please follow documentation.

system · May 4, 2021, 5:23pm

Dino Ganas wrote:

can you please be more specific? i refered to the original documentation and it didnt work or if im doing something wrong then assist with example
thx

system · May 4, 2021, 5:26pm

Dino Ganas wrote:

i used simplybook.me didnt work, then referred to simplybook.pro and it didnt work

system · May 4, 2021, 5:27pm

Dmytro Bondarev wrote:

url1 = “https://user-api-v2.simplybook.pro”

It is wrong URL, please see REST API documentation and select proper URL API documentation | SimplyBook.me Online Scheduling

system · May 4, 2021, 5:29pm

Dmytro Bondarev wrote:

For example to get bookings list
https://user-api-v2.simplybook.pro/admin/bookings

system · May 4, 2021, 5:34pm

Dino Ganas wrote:

i tried that already..still getting message

9f1fea52bd5d8968e56b225e8d7e425edbdd59d73cc31111405263ca7d0de870
{‘token’: ‘9f1fea52bd5d8968e56b225e8d7e425edbdd59d73cc31111405263ca7d0de870’, ‘company’: ‘ashleyhomestoreappointments’, ‘login’: ‘admin’, ‘refresh_token’: ‘54c7fc2824e6a159e68357461f79b120ce23e73a10ece14ba201508095aefe94’, ‘domain’: ‘simplybook.me’, ‘require2fa’: False, ‘allowed2fa_providers’: , ‘auth_session_id’: ‘’, ‘id’: None}
{‘code’: 401, ‘message’: ‘Unauthorized’, ‘data’: , ‘message_data’: }

system · May 4, 2021, 5:37pm

Dmytro Bondarev wrote:

Please provide http request. Above is your code, not raw http request.

system · May 4, 2021, 5:58pm

Dino Ganas wrote:

< POST /admin/auth HTTP/1.1
< Host: user-api-v2.simplybook.me
< User-Agent: python-requests/2.24.0
< Accept-Encoding: gzip, deflate
< Accept: /
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 86
<
< {“company”: “ashleyhomestoreappointments”, “login”: “admin”, “password”: “FDETeam123”}

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 May 2021 17:56:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 316
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Headers: content-type, x-company-login, x-token, x-requested-with
X-XSS-Protection: 1; mode=block

{“token”:“e4219d21a8177d88fad5fdb5f7a0209b21302f211d679924316dc9606f04afbe”,“company”:“ashleyhomestoreappointments”,“login”:“admin”,“refresh_token”:“6b2220994fbc7c9ac47e5f07e4b8fbc76994d35cc88a12b2e0be3094d35c347b”,“domain”:“simplybook.me”,“require2fa”:false,“allowed2fa_providers”:,“auth_session_id”:“”,“id”:null}
< GET /admin/bookings HTTP/1.1
< Host: user-api-v2.simplybook.pro
< User-Agent: python-requests/2.24.0
< Accept-Encoding: gzip, deflate
< Accept: /
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 129
<
< {“X-Company-Login”: “ashleyhomestoreappointments”, “X-Token”: “e4219d21a8177d88fad5fdb5f7a0209b21302f211d679924316dc9606f04afbe”}

HTTP/1.1 401 Unauthorized
Server: nginx
Date: Tue, 04 May 2021 17:56:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 65
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: sb_line_token_user-api-v2=1620151014%7CbMOVaLQ1AzpQMqDFWbnSJA%3D%3D%7C84d471206b056692e43a9c3a951cead01816a1ce; path=/; secure; HttpOnly; SameSite=none
Set-Cookie: sb_token_user-api-v2=1620151014%7CNdrNFBeNKiW5xf1sLBhdJg%3D%3D%7Cd868a3bc8e84319fe31185b51aaa76c9e5fafbdd; path=/; secure; HttpOnly; SameSite=none
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Headers: content-type, x-company-login, x-token, x-requested-with

{“code”:401,“message”:“Unauthorized”,“data”:,“message_data”:}

system · May 4, 2021, 6:31pm

Dino Ganas wrote:

Dino Ganas wrote:

< POST /admin/auth HTTP/1.1
< Host: user-api-v2.simplybook.me
< User-Agent: python-requests/2.24.0
< Accept-Encoding: gzip, deflate
< Accept: /
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 86
<
< {“company”: “ashleyhomestoreappointments”, “login”: “", “password”: "*”}

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 May 2021 17:56:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 316
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Headers: content-type, x-company-login, x-token, x-requested-with
X-XSS-Protection: 1; mode=block

{“token”:“e4219d21a8177d88fad5fdb5f7a0209b21302f211d679924316dc9606f04afbe”,“company”:“ashleyhomestoreappointments”,“login”:“*****”,“refresh_token”:“6b2220994fbc7c9ac47e5f07e4b8fbc76994d35cc88a12b2e0be3094d35c347b”,“domain”:“simplybook.me”,“require2fa”:false,“allowed2fa_providers”:,“auth_session_id”:“”,“id”:null}
< GET /admin/bookings HTTP/1.1
< Host: user-api-v2.simplybook.pro
< User-Agent: python-requests/2.24.0
< Accept-Encoding: gzip, deflate
< Accept: /
< Connection: keep-alive
< Content-Type: application/json
< Content-Length: 129
<
< {“X-Company-Login”: “ashleyhomestoreappointments”, “X-Token”: “e4219d21a8177d88fad5fdb5f7a0209b21302f211d679924316dc9606f04afbe”}

HTTP/1.1 401 Unauthorized
Server: nginx
Date: Tue, 04 May 2021 17:56:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 65
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: sb_line_token_user-api-v2=1620151014%7CbMOVaLQ1AzpQMqDFWbnSJA%3D%3D%7C84d471206b056692e43a9c3a951cead01816a1ce; path=/; secure; HttpOnly; SameSite=none
Set-Cookie: sb_token_user-api-v2=1620151014%7CNdrNFBeNKiW5xf1sLBhdJg%3D%3D%7Cd868a3bc8e84319fe31185b51aaa76c9e5fafbdd; path=/; secure; HttpOnly; SameSite=none
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Headers: content-type, x-company-login, x-token, x-requested-with

{“code”:401,“message”:“Unauthorized”,“data”:,“message_data”:}

system · May 4, 2021, 6:34pm

Dmytro Bondarev wrote:

You have to pass X-Company-Login and X-Token as headers, instead of passing them as body.

system · May 4, 2021, 7:09pm

Dino Ganas wrote:

seemed to have worked… thank you.