Skip to main content
Solved

401 authentication_failed in data-privacy but works everywhere else

  • September 10, 2024
  • 2 replies
  • 105 views

Forum|alt.badge.img
  • Contributor I
  • 1 reply

Hello I am building a Klaviyo integration. It will be on the klaviyo app store which means im using Oauth for authentication. 


Every api request has been working well but one thing I need to do is delete profiles. I have been using the Request Profile Deletion call to delete profiles but it always returns a 401 authentication_failed.

Since im using Oauth the user gets a access token. I have been using the access token with no problems for api calls. I easily create profiles with it in the header like
'Authorization' => 'Bearer  {{ accessToken }}'

Now this header doesn’t work for the delete profile endpoint. I have added the necessary scopes `data-privacy:write data-privacy:read` to both my integration settings and my code. 

Any ideas?
Here is the code if it helps 

$deletionRequest = [
    'data' => [
        'type' => 'data-privacy-deletion-job',
        'attributes' => [
            'profile' => [
                'data' => [
                    'type' => 'profile',
                    'attributes' => [
                        'email' => $email 
                    ]
                ]
            ]
        ]
    ]
];

$client = new Client();
$response = $client->request('POST', 'https://a.klaviyo.com/api/data-privacy-deletion-jobs/', [
    'json' => $deletionRequest,
    'headers' => [
        'Authorization' => 'Bearer ' . $accessToken,
        'accept' => 'application/json',
        'content-type' => 'application/json',
        'revision' => '2024-07-15',
    ],
]);


Any advice would be very helpful thank you!

Best answer by Kim Strauch

Hey @Socha, a 401 indicates you’re running into an access token auth issue vs. missing required scopes. A missing required scopes error should manifest as a 403.

Can you please make sure you’re populating the access token properly? Also, if you can provide an actual error response payload you’re receiving, the team may be able to take a closer look at what’s going on here. 

View original
Did this topic or the replies in the thread help you find an answer to your question?

2 replies

Kim Strauch
Klaviyo Employee
Forum|alt.badge.img+9
  • Klaviyo Employee
  • 91 replies
  • Answer
  • September 16, 2024

Hey @Socha, a 401 indicates you’re running into an access token auth issue vs. missing required scopes. A missing required scopes error should manifest as a 403.

Can you please make sure you’re populating the access token properly? Also, if you can provide an actual error response payload you’re receiving, the team may be able to take a closer look at what’s going on here. 


Forum|alt.badge.img
  • Author
  • Contributor I
  • 1 reply
  • September 18, 2024

Hi Kim

thanks for getting back to me. Im pretty sure Im passing in the access tokens correctly.

here is the error payload

 

{"errors":[{"id":"a87ff47b-cc9a-4944-9dfb-175ed299afc5","status":401,"code":"authentication_failed","title":"Incorrect authentication credentials.","detail":"Missing or invalid authorization","source":{"pointer":"/data/"}}]}