The Movie Database Support Forum
Support → API-Support
Create list error 401
Verfasst von Shahood Ul HassanSTAFFMOD am 2. April 2025 um 05:32
Hi, I'm trying to create a list via "Try it" feature on the API reference page. However, I'm failing with 401 saying: 'Sorry, your couldn't be authenticated with those credentials' pointing at my access token.
My fetch request:
const url = 'https://api.themoviedb.org/3/list?session_id=%7B%20%20%20%22success%22%3A%20true%2C%20%20%20%22session_id%22%3A%20%2230036ee8426fc0d347056e7be55fb77565598114%22%20%7D';
const options = {
method: 'POST',
headers: {
accept: 'application/json',
'content-type': 'application/json',
Authorization: 'Bearer {MY_ACCESS_TOKEN}'
},
body: JSON.stringify({name: 'SUH first list', description: 'This is my first list', language: 'en'})
};
fetch(url, options)
.then(res => res.json())
.then(json => console.log(json))
.catch(err => console.error(err));
Response:
{
"success": false,
"status_code": 3,
"status_message": "Authentication failed: You do not have permissions to access the service."
}
I'm new to the Authentication API. I've created the request_token, authorized it and created a session_id successfully. However, when I try to create a list on a test basis, I fail as mentioned above.
Kindly let me know what I'm doing wrong.
Thanks!
Antwort von Travis Bell
am 2. April 2025 um 10:41
It's because you're authenticating with a bearer token. That is taking preference over your query params.
If you want to keep using a bearer token, you will need to create an access token that has been authorized by your user. This is outlined here.
If you don't care about bearer authentication, switch to using
api_keyas a query param, and delete the Authorization header.Antwort von Shahood Ul Hassan
am 3. April 2025 um 01:23
I didn't quite get it. Firstly, I forgot to explicitly mention that I was using V3, although it was evident from the fetch request I shared.
So if I wanna keep using the bearer token, I'll have to switch to using V4 way of authorization via an access token?
Antwort von Travis Bell
am 3. April 2025 um 09:34
The bearer token is already technically “v4” authentication. That’s why you’re having an issue.
So yes, you have to continue to use v4 for user authentication, or switch to query params for authentication (which is technically “v3”).
Antwort von Shahood Ul Hassan
am 4. April 2025 um 02:28
For anyone interested in the outcome of this thread:
If someone wants to keep using the bearer token in V3, he should create an
access_tokenusing this V4 workflow.Then, use this
access_tokento get asession_idin V3 as mentioned here.