Add token to header in API Call

Hi
I need to add a Token to my API Call. I get this token from a previous API call. It works if I set a policy where I set the token myself to the header, but I need to this to be dynamic. I have tried with a Transformation Policy but I must be doing something wrong.

I have written this policy

If I preview the policy it seems to work as I want it to

But I just get a 401 when I run the API call

If I enable this policy where I set the header manually, then the API call works

Find more posts tagged with

ION API Gateway

Accepted answers

unknown

yes, you need to have parameter in the 2nd API to map the token from the 1st API response body.

for example: the 1st API response is a json message with "access_token" key has token value

add a header parameter to 2nd API , the parameter name can be anything.

in API flow map the token value from 1st API response to the header parameter in 2nd API

The transformation policy on 2nd API is

<?xml version="1.0" encoding="UTF-8"?>
<jsonTransform continueOnError="false" displayName="JSON transform Policy-example"
enabled="true" name="JSON-Tranform-example" version="1.0"
xmlns="">http://www.infor.com/ion/api"
xmlns:xsi="">www.w3.org/.../XMLSchema-instance"
xsi:schemaLocation="http://www.infor.com/ion/api jsonTransform.xsd">
<transformations>
<transform kind="handlebars">{{setReqHeader 'authorization' (append "Bearer " (requestVars 'request.header.Bearertoken')) }} {{JSONstringify (jsonPathNoWrap '$') }} </transform>
</transformations>
</jsonTransform>

hope this help you.

All comments

unknown

you can try the following transformation policy

<?xml version="1.0" encoding="UTF-8"?>
<jsonTransform continueOnError="false" displayName="JSON transform Policy-example"
enabled="true" name="JSON-Tranform-example" version="1.0"
xmlns="">http://www.infor.com/ion/api"
xmlns:xsi="">www.w3.org/.../XMLSchema-instance"
xsi:schemaLocation="http://www.infor.com/ion/api jsonTransform.xsd">
<transformations>
<transform kind="handlebars">{{setReqHeader 'authorization' (jsonPathValue '$.access_token') }} {{JSONstringify (jsonPathNoWrap '$') }} </transform>
</transformations>
</jsonTransform>

Claes Röjder

Thanks for replying, but it didn't work.
Is there any way I can see how my request headers looks like after making the API call?

Rémi Rudiger

Hi,

you can use https://public.requestbin.com/r to analyze what your request loook like.

Just replace your Target Endpoint URL by the Requestbin endpoint url.

Regards

unknown

you can try this code, I included Bearer keyword. please note space after Bearer keyword

<?xml version="1.0" encoding="UTF-8"?>
<jsonTransform continueOnError="false" displayName="JSON transform Policy-example"
enabled="true" name="JSON-Tranform-example" version="1.0"
xmlns="">http://www.infor.com/ion/api"
xmlns:xsi="">www.w3.org/.../XMLSchema-instance"
xsi:schemaLocation="http://www.infor.com/ion/api jsonTransform.xsd">
<matcher matchKind="string" matchValue=" " matchAction="apply"/>
<transformations>
<transform kind="handlebars">{{setReqHeader 'authorization' (append "Bearer " (jsonPathValue '$.access_token')) }} {{JSONstringify (jsonPathNoWrap '$') }} </transform>
</transformations>
</jsonTransform>

you can see the request body is intact and the authorization parameter is added as well.

Claes Röjder

In the API Flow, Do I need to have a parameter for the input (the text in sample input)? I get the word Bearer but no token from the input right now.

Copyright © 2025 Infor. All rights reserved.