I’m trying to access an API using Postman to get a response using basic authentication, but when I submit the data, it gives me the dreaded 400 error, which apparently indicates that some headers aren’t set up properly.
Here’s the API info:
Request
Endpoint: {loginUrl}
Data to submit: an email and a password
POST /login HTTP/1.1
Host: {baseUrl}
Accept: application/json
Content-Type: application/json
Content-Length: 68
{
"email": "{email}",
"password": "{password}"
}
And in response, I should get an encrypted token in form of JSON, instead I’m getting this error.
Here are the postman screenshots:
Am I missing something?
asked Jan 28, 2018 at 17:28
7
I also faced the same issue and i updated my postman header with the below image. And issue solved.
answered Aug 11, 2021 at 5:54
1
From the lack of details it’s difficult to offer a specific answer but I can offer something that you can try — The Request data you posted in the question looks like you should be adding:
{
"email": "{email}",
"password": "{password}"
}
In the Body section of the request but your images don’t show that you’ve added that to the Body on any request, you’ve added it as a Auth header instead, so remove that before trying again. I’m not sure of the need to add the Content-Length header as that will change for different username and password combinations in the payload or for the length of the response.
answered Jan 28, 2018 at 19:08
Danny DaintonDanny Dainton
22.5k6 gold badges62 silver badges75 bronze badges
In case anyone finds this helpful, I ran into the same issue and the culprit turned out to be missing headers. I knew I needed the "Content-Type": "application/json" header, which I already had in place, but I didn’t know that I was missing two other headers.
The solution for me was also adding the "Content-Length" and "Host" headers in Postman.
I see some others have questioned the need for the "Content-Length" header, but in my case, the minimum three needed were "Content-Type", "Content-Length", and "Host" or it would always fail.
answered Feb 25, 2022 at 20:03
cf512cf512
614 bronze badges
I faced a similar issue. it got resolved when i called my placeholder as a tuple.
answered Oct 5, 2022 at 10:02
1
I had the same problem,and I discovered was sending a json body from postman while a text option was selected instead of a json.
answered Mar 4 at 22:16
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
- Go to ‘…’
- Click on ‘….’
- Scroll down to ‘….’
- See error
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem. Please make sure the screenshot does not contain any sensitive information such as API keys or access tokens.
App information (please complete the following information):
- App Type [e.g. Chrome App, Native App]
- Postman Version [e.g. 6.0.1]
- OS: [e.g. macOS High Sierra 10.13.2]
Additional context
Add any other context about the problem here.
@MuraliKrishna4550 You are going to have to give more information than this.
Can you please give us more details? Console Logs would be helpful so we can get an idea of what may be happening.
I am having the same problem.
Any POST request to any service running on any port on localhost never hits the service. It immediately errors out with a 400 Bad Request. I have included as much information as is relevant to the problem, the same request made of a valid hostname elsewhere works without issue.
MacOS 10.15.5
Postman 7.28.0 (Native App)
I recently updated Postman on a reboot and ever since I have experienced this problem, I have no issues reaching valid hostnames, it is just when I attempt to hit localhost that it nearly immediately gives a 400 and I do not see the request hit the locally running service that is being developed.
@gintohewoo The request does reach your locally running service that’s why it’s returning a 404 response.
Can you share what’s the request URL like? or, share steps that we can use to reproduce this issue locally?
Did you disable the Host request header? I see it’s missing from the attached console screenshot.
I am not sure how to disable the HOST request header.
I believe the host is missing because this request is going to localhost. I do see the host header entry when I hit the services running at a valid hostname, so perhaps this is the issue.
@gintohewoo Host header is attached to every request sent unless it’s disabled explicitly. Refer to the following screenshot and check if the Host field is disabled/unchecked.
Everything looks as it should on my end.
I have simply rolled back to an earlier version and things appear to be working now. Thank you for your assistance but I had to get this deployed by end of week this week, sorry I could not be of more help.
@hostaur Note that this setting is deprecated and will be removed in the future.
Can you share what’s the issue you are facing and got the need of turning this OFF?
I’m facing the same issue in Version 9.14.0 after the update. Where can I get the previous version of postman?
where is the problem reply as sson as possible urgent
I have a very basic webApi built/running (pretty much template app, nothing more) in order to follow a training video. The GET and DELETE calls work fine, PUT and POST give a 400 error. Admittedly very new to all this so I’m looking for some basic direction as to how to troubleshoot. Pertinent screen shots follow, I’d be glad to provide others as requested. Thanks in advance.
asked Jan 28, 2019 at 21:10
1
you are trying to make POST request which needs string value in its body.
Step to the Body section of the Postman Request, select form-data after that add value as parameterName and This is test string as parameter value
answered Jan 28, 2019 at 21:14
8
I know this very old thread but may help someone so posting my answer.
try updating your method attribute[HttpPost(«New»)] and call it as http:localhost//api/new.
answered May 22, 2020 at 7:04
0
Mine is a development env on .net core.
This drove me nuts and lost 5 hours, all preventing post requests from either the browser calls or from Postman.
The following three changes helped me in 3 different scenarios.
- First I disabled the https and made it only http. Commented out sslPort and removed ‘s’ from https.
- Next I felt xsrf/csrf token are causing issues, so I disabled Anti Forgery token as follows. As you can see I applied the IgnoreAntiforgeryToken attribute at the controller level, but you may also apply at the action method level as needed. The token is sent anyway, but you can ask .net core to ignore it, for that route.
- Finally, I noticed that ApiVersion parameter in the action method is also causing issues, so I commented that out as well.
answered Jul 4, 2021 at 5:02
VivekDevVivekDev
19.6k24 gold badges126 silver badges194 bronze badges
1
Problem Description:
I’m trying to access an API using Postman to get a response using basic authentication, but when I submit the data, it gives me the dreaded 400 error, which apparently indicates that some headers aren’t set up properly.
Here’s the API info:
Request
Endpoint: {loginUrl}
Data to submit: an email and a password
POST /login HTTP/1.1
Host: {baseUrl}
Accept: application/json
Content-Type: application/json
Content-Length: 68
{
"email": "{email}",
"password": "{password}"
}
And in response, I should get an encrypted token in form of JSON, instead I’m getting this error.
Here are the postman screenshots:
Am I missing something?
Solution – 1
From the lack of details it’s difficult to offer a specific answer but I can offer something that you can try – The Request data you posted in the question looks like you should be adding:
{
"email": "{email}",
"password": "{password}"
}
In the Body section of the request but your images don’t show that you’ve added that to the Body on any request, you’ve added it as a Auth header instead, so remove that before trying again. I’m not sure of the need to add the Content-Length header as that will change for different username and password combinations in the payload or for the length of the response.
Solution – 2
I also faced the same issue and i updated my postman header with the below image. And issue solved.
Solution – 3
In case anyone finds this helpful, I ran into the same issue and the culprit turned out to be missing headers. I knew I needed the "Content-Type": "application/json" header, which I already had in place, but I didn’t know that I was missing two other headers.
The solution for me was also adding the "Content-Length" and "Host" headers in Postman.
I see some others have questioned the need for the "Content-Length" header, but in my case, the minimum three needed were "Content-Type", "Content-Length", and "Host" or it would always fail.
Solution – 4
I faced a similar issue. it got resolved when i called my placeholder as a tuple.
This blog article shows you one of the possible ways to resolve 400 Bad Request on Postman when sending a POST to ASP.NET Web Api. This article expects you to know C# and basic ASP.NET Web Api. When you have a HttpPost in Web Api with a method that tales string as the parameter.
[HttpPost]
public void Post([FromBody] string value)
{
string str = value;
}
You will see the 400 Bad Request when you POST to the Web Api.
You need to create a class to hold the string, even is only one strong. Like the class below.
public class DataLean
{
public string Name { get; set; }
}
In the HttpPost method, uses the class as the parameter.
[HttpPost]
public void Post([FromBody] DataLean value)
{
string str = value.Name;
}
Send a POST again from Postman.
You can see the POST is working with 200 OK status.
Source code download: https://github.com/chanmmn/WebApi
About chanmingman
Since March 2011 Microsoft Live Spaces migrated to WordPress (http://www.pcworld.com/article/206455/Microsoft_Live_Spaces_Moves_to_WordPress_An_FAQ.html) till now, I have is over 1 million viewers. This blog is about more than 50% telling you how to resolve error messages, especial for Microsoft products. The blog also has a lot of guidance teaching you how to get stated certain Microsoft technologies. The blog also uses as a help to keep my memory. The blog is never meant to give people consulting services or silver bullet solutions. It is a contribution to the community. Thanks for your support over the years.
Ming Man is Microsoft MVP since year 2006. He is a software development manager for a multinational company. With 25 years of experience in the IT field, he has developed system using Clipper, COBOL, VB5, VB6, VB.NET, Java and C #. He has been using Visual Studio (.NET) since the Beta back in year 2000. He and the team have developed many projects using .NET platform such as SCM, and HR based applications. He is familiar with the N-Tier design of business application and is also an expert with database experience in MS SQL, Oracle and AS 400.