Step 5 - Using the OAuth Token (Making API calls?)


I’m having some trouble making calls with the API. I am able to get back the access token but when I try to make a GET request to make API calls I’m getting this error.

body: `{"errors":[{"code":1,"code_name":"Unauthorized","detail":"The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required.","id":"f551adf8-d096-46cc-90a5-d67ceeb87638","status":"401","title":"Unauthorized"}]}`,
  statusCode: 401

I’m doing all of this in a JavaScript Node environment. I suspect that I’m not constructing the GET request correctly but I’m not exactly sure how it should be done.
Here is the code I’m using to make all of this work.

const tiny = require('tiny-json-http')

let client_id = process.env.CLIENT_ID
let client_secret = process.env.CLIENT_SECRET
let redirect_uri = process.env.REDIRECT_URI

module.exports = async function patreon(req) {
    let code = req.query.code
    console.log('code', code)
    console.log("made it to patreon.js")
    try {
        let result = await{
            url: `${code}&grant_type=authorization_code&client_id=${client_id}&client_secret=${client_secret}&redirect_uri=${redirect_uri}`,
            headers: {
                'content-type': 'application/x-www-form-urlencoded'
        console.log("RESULT:", result)
      let token = result.body.access_token
      console.log("TOKEN:", token)

      let user = await tiny.get({
        url: ``,
        headers: {
          Authorization: `${token}`,
          Accept: 'application/json'
      console.log("made it to part2")
      return {
    } catch (err) {
      return {
        error: err.message

The first half of this code runs and I’m able to use a POST to receive the access token but the GET is giving me the error.

Any help or direction would be appreciated. Thank you!

At a first glance, it looks like your Authorizations statement is invalid. I’m not sure on the language you’re using but try:

Authorization: `Bearer `${token}`,
For more info, see: API Reference

It could be the capitalization of Authorization even, given it shows as lower case in the API docs, but I don’t know how particular their system actually is.

Past that, did you request the identity scope when that user authenticated with Patreon?

1 Like

This was exactly it. I’m authorized and getting back a response now! Thank you so much for your help. I was stuck on this for the past few days. I should be able to grok these scopes and API calls now. Thanks again Zanaras.

1 Like

Happy to help! If you have any future questions about API stuff, hit me up. I don’t have many patrons myself to really test things out with but I’ve done a bunch of work figuring out how the API actually works.