Developer forum

Forum » Dynamicweb 10 » Live product info

Live product info

E-mail notifications
Cátia Torego
Reply
Posted on 28/05/2025 19:03:49

Hi,

When logged in and impersonating a customer, the GetProductsInfo request is being sent with ExternalUserId and AccessUserCustomerNumber as Anonymous. (request_without_token.png

<GetEcomData ExternalUserId="Anonymous" AccessUserCustomerNumber="Anonymous" VatCountryCode="DK" VatPostingGroup="">

Before the api call to /dwapi/ecommerce/products/ is made there is a check for a SwiftLoginBearerToken cookie that is missing, so I added some custom code to make sure it exists. 
Now the GetProductsInfo request has the correct values for ExternalUserId and AccessUserCustomerNumber, (request_with_token.png) but the api call returns a bad request.

<GetEcomData ExternalUserId="10338" AccessUserCustomerNumber="10338" VatCountryCode="US" VatPostingGroup="">

If the api call doesn't allow the token to be sent how can ExternalUserId and AccessUserCustomerNumber get the correct values?

 

DW version: 10.16.0

request_without_token.png request_with_token.png

Replies

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 02/06/2025 11:15:04
Reply

Hi

Whenever you call /dwapi you have to send a JWT token of the user which data you require. The /dwapi endpoints are always at all times stateless, so JWT is required to get anything in the context of a user.

So it is correct you have to set the bearer token (JWT) in the /dwapi request.

Are you sure the JWT has not expired?

The only badrequest the /dwapi/ecommerce/products/ endpoint otherwise can give is if you are missing either group or repository/query parameters in the request (which does not seem to be the case). I can see the url you post to /dwapi contains a userid - you cannot not send a userid to the endpoint in the querystring - you have to only send the JWT and that will translate into a userid.

 
Cátia Torego
Posted on 03/06/2025 12:01:01
Reply

Hi Nicolai,

The token is not expired. I tried removing the userid but there is no diference, the bad request happens when the token is added.

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 03/06/2025 16:45:31
Reply

Can you check what is on the response tab of the bad request?

And what happens if you remove ?getproductinfo=true from the request URL?

I cannot figure out why you get a 400 Bad Request as that should only happen if you URL does not meat one of these criterias

  1. GroupID=XYZ
  2. ProductIds=abc,def
  3. RepositoryName=someRepository&QueryName=someQuery

Any other situation should result in 200, 204 or 404

Also - what is the complete URL of your request? Are you sure it is encoded correctly?

 
Cátia Torego
Posted on 04/06/2025 11:47:22
Reply
This post has been marked as an answer

Hi Nicolai,

I just found the issue,

The code that adds the token to the request was:

if (bearerToken !== "") {
    fetchProducts.headers.Authorization = bearerToken;
}

And it needed to be:

if (bearerToken !== "") {
    fetchProducts.headers.Authorization = "Bearer " + bearerToken;
}

Thanks for helping.

Votes for this answer: 1

 

You must be logged in to post in the forum