error="invalid_token", error_description="Invalid access token: '...'

[avatar-lavventura]

I have followed this guide's Retrieving Public Data section:

Please note that I have successfully obtained my token and paste it next to Bearer :
Example output of my access_token:

{"access_token":"baf58c02-e7ca-45b2-950a-44d6a39f851e","token_type":"bearer","refresh_token":"0b5bcdec-ff67-42b2-9c27-906126b2f66b","expires_in":631138518,"scope":"/authenticate","name":"name surname","orcid":"0000-0001-7642-0552"}%

---

I keep getting following error ({"error":"invalid_token","error_description":"Invalid access token: dd91868d-d29a-475e-9acb-bd3fdf2f43f4"}) when I try to obtain the public record:

$ token='baf58c02-e7ca-45b2-950a-44d6a39f851e';
$ curl -i -H "Accept: application/vnd.orcid+xml" -H 'Authorization: Bearer dd91868d-d29a-475e-9acb-bd3fdf2f43f4' 'https://api.sandbox.orcid.org/v2.1/0000-0002-9227-8514/record'

HTTP/1.1 401 Unauthorized
Server: nginx/1.10.0
Date: Sat, 05 May 2018 18:18:04 GMT
Content-Type: application/vnd.orcid+xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-store
Pragma: no-cache
WWW-Authenticate: Bearer realm="ORCID T2 API", error="invalid_token", error_description="Invalid access token: dd91868d-d29a-475e-9acb-bd3fdf2f43f4"

{"error":"invalid_token","error_description":"Invalid access token: dd91868d-d29a-475e-9acb-bd3fdf2f43f4"}%

[Q] What should I do to overcome this error? What might be the reason for this?

[alainna]

@avatar-lavventura We have a mailing list for API issues. Please see: https://groups.google.com/group/orcid-api-users

[avatar-lavventura]

Thanks @alainna .

[rcpeters]

The actual issue the /authenticate token can't be used for anything. When you get the token you also get the ORCID iD in the token returned, which is the authenticate aspect. For public api users there is also a two step /read-public token.

[rcpeters]

See: https://github.com/ORCID/ORCID-Source/tree/master/orcid-model/src/main/resources/record_2.1#scopes

[avatar-lavventura]

Sorry I get lost on the documentation section. I just want to GET record of a user, please note that I do have only a personal account.

I am using this section with the access_token that obtained from Developer Tools (https://orcid.org/developer-tools) section.

[Q] How can I obtain /read-public token? Isn't it same as access_token?

I would appreciate if you could guide me in this. @rcpeters

[lizkrznarich]

@avatar-lavventura /read-public tokens are generated using client credentials grant type (rather than authorization code) - see https://github.com/ORCID/ORCID-Source/tree/master/orcid-api-web#generate-a-two-step-read-public-access-token In the future, please post questions to the API users group https://groups.google.com/group/orcid-api-users

[avatar-lavventura]

Please see (https://groups.google.com/forum/#!topic/orcid-api-users/b4-5oZ5PfWw) @lizkrznarich.