Showing results for 
Search instead for 
Did you mean: 

OAuth2 authentication error

New Contributor

I have built a pipeline that includes accessing a secure rest endpoint. I have created an account for OAuth2 authentication and tried all different grant types, however it doesn’t seem as though the authentication for the account is being utilized in the pipeline. I consistently receive a 499 Token Required error.

I am not certain if I am not configuring the snap correctly or if it is a configuration issue on the account. The account shows that it has accepted the Client ID/Client Secret and produced a token with an expiration. The token refreshes successfully as well.

I have looked through the community site and setup the snaps using the documentation. At this point I feel I’ve exhausted my resources and could use some assistance.

Thanks in advance



There are two key points to look at when it comes to oauth2 accounts. I’m not sure what api you are using, but more likely than not its documentation talks about “sending token as Authorization header”. If that’s in the API spec, that means you need to check the “Header Authenticated” option in the account, that indicates that the access token (typically a bearer token) will be sent as an Authorization header to the end point in the format Bearer <access_token>. Different apis respond differently to missing that authorization, some will respond with a 401, it seems the one you’re using responds with a 499.

Thanks for the quick response. I’ve been looking into the documentation on my end (I am using an Esri ArcGIS Portal rest endpoint) and it seems as though it doesn’t utilize authorization headers but passes them through the URL, although the documentation isn’t completely clear and I’m still researching.

If I do check the header authenticated box in the account settings it does produce a error 498 which is an invalid token instead of a token required, so it does see one I assume

yeah, I started looking through their documentation and it seems they’re using some fairly strange way of either doing the oauth calls or handling some other aspect. It’s really hard to get set up to test with them on my own, so I’m not totally sure how far I can get, but I have a few things going on my side that I’m going to look into if I get some time today. I don’t even see any documentation regarding the 499 or 498 status codes (which are custom codes they’ve put together on their side).

Thanks for your help, I appreciate it. I’m going to try it in a couple other test environments and see if I get different results. Additionally, if need be I may open a support ticket with Esri, although that may be as helpful as their documentation