Loading

'401 Unauthorized' error for a Marketing Cloud authentication call

Publiceringsdatum: Oct 13, 2022
Beskrivning

Incorrect Client ID and Client Secret combination

Ensure you are using the correct Client ID and Client Secret combination.

 

Service User is inactive

When an installed package is created, a service user is created behind the scenes. These users do not show up in the Marketing Cloud Setup portion of the UI. They can be retrieved using SOAP API. Depending on your login expiry policy, this service user could have expired if not used regularly. You can reactivate the user through SOAP API.
Lösning
First, you will need to find the name of your installed package.
 
  • Go to Setup | Platform Tools | Apps | Installed Packages
  • Find the package name, click on it
  • Confirm the Client ID and Client Secret are correct and what you are using to authenticate

The package name is used to create the service user. The naming convention is {Package Name} + 'app user'. You will need to note this for later use.

Use the below call to retrieve a list of inactive users.
  
<s:Body xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <RetrieveRequestMsg xmlns="http://exacttarget.com/wsdl/partnerAPI">
         <RetrieveRequest>
            <ObjectType>AccountUser</ObjectType>
            <Client>
               <ID>123456789</ID>
            </Client>
            <Properties>ID</Properties>
            <Properties>CreatedDate</Properties>
            <Properties>ModifiedDate</Properties>
            <Properties>Client.ID</Properties>
            <Properties>AccountUserID</Properties>
            <Properties>ActiveFlag</Properties>
            <Properties>Name</Properties>
            <Filter xsi:type="SimpleFilterPart">
               <Property>ActiveFlag</Property>
               <SimpleOperator>equals</SimpleOperator>
               <Value>0</Value>
            </Filter>
         </RetrieveRequest>
      </RetrieveRequestMsg>
   </s:Body>

 

Example response

<RetrieveResponseMsg xmlns="http://exacttarget.com/wsdl/partnerAPI">
         <OverallStatus>OK</OverallStatus>
         <RequestID>b9363eb1-abd8-4302-8fba-6d1e5adbe937</RequestID>
         <Results xsi:type="AccountUser">
            <Client>
               <ID>123456789</ID>
            </Client>
            <PartnerKey xsi:nil="true"/>
            <CreatedDate>2016-03-22T16:11:30.8</CreatedDate>
            <ModifiedDate>2019-03-20T11:07:04.097</ModifiedDate>
            <ID>77777777</ID>
            <ObjectID xsi:nil="true"/>
            <AccountUserID>7654321</AccountUserID>
            <Name>authtest app user</Name>
            <ActiveFlag>false</ActiveFlag>
            <Delete>0</Delete>
         </Results>
      </RetrieveResponseMsg>

If the service user is returned in this list, they may have been disabled due to login expiry. 

Run the below call to update the ActiveFlag for the Service User in question.
  
<soapenv:Body>
<UpdateRequest xmlns="http://exacttarget.com/wsdl/partnerAPI">
        <Options/>
        <Objects xsi:type="AccountUser">
           <Client>
              <ClientID>123456789</ClientID>
           </Client>
           <ObjectID xsi:nil="true"/>
           <ID>77777777</ID>
           <Name>authtest app user</Name>
           <ActiveFlag>1</ActiveFlag>
        </Objects>
     </UpdateRequest>
   </soapenv:Body>

You should get a success response. Once complete, attempt to run the authentication call again.
 
Knowledge-artikelnummer

000384562

 
Laddar
Salesforce Help | Article