The Movie Database -tuki
Tuki → API-tuki
Create list error 401
Kirjoittanut Shahood Ul HassanSTAFFMOD pvä 2 huhtikuu 2025 klo 5:32AM
Hi, I'm trying to create a list via "Try it" feature on the API reference page. However, I'm failing with 401 saying: 'Sorry, your couldn't be authenticated with those credentials' pointing at my access token.
My fetch request:
const url = 'https://api.themoviedb.org/3/list?session_id=%7B%20%20%20%22success%22%3A%20true%2C%20%20%20%22session_id%22%3A%20%2230036ee8426fc0d347056e7be55fb77565598114%22%20%7D';
const options = {
method: 'POST',
headers: {
accept: 'application/json',
'content-type': 'application/json',
Authorization: 'Bearer {MY_ACCESS_TOKEN}'
},
body: JSON.stringify({name: 'SUH first list', description: 'This is my first list', language: 'en'})
};
fetch(url, options)
.then(res => res.json())
.then(json => console.log(json))
.catch(err => console.error(err));
Response:
{
"success": false,
"status_code": 3,
"status_message": "Authentication failed: You do not have permissions to access the service."
}
I'm new to the Authentication API. I've created the request_token, authorized it and created a session_id successfully. However, when I try to create a list on a test basis, I fail as mentioned above.
Kindly let me know what I'm doing wrong.
Thanks!
Vastaus käyttäjältä Travis Bell
2 huhtikuu 2025 klo 10:41AM
It's because you're authenticating with a bearer token. That is taking preference over your query params.
If you want to keep using a bearer token, you will need to create an access token that has been authorized by your user. This is outlined here.
If you don't care about bearer authentication, switch to using
api_keyas a query param, and delete the Authorization header.Vastaus käyttäjältä Shahood Ul Hassan
3 huhtikuu 2025 klo 1:23AM
I didn't quite get it. Firstly, I forgot to explicitly mention that I was using V3, although it was evident from the fetch request I shared.
So if I wanna keep using the bearer token, I'll have to switch to using V4 way of authorization via an access token?
Vastaus käyttäjältä Travis Bell
3 huhtikuu 2025 klo 9:34AM
The bearer token is already technically “v4” authentication. That’s why you’re having an issue.
So yes, you have to continue to use v4 for user authentication, or switch to query params for authentication (which is technically “v3”).
Vastaus käyttäjältä Shahood Ul Hassan
4 huhtikuu 2025 klo 2:28AM
For anyone interested in the outcome of this thread:
If someone wants to keep using the bearer token in V3, he should create an
access_tokenusing this V4 workflow.Then, use this
access_tokento get asession_idin V3 as mentioned here.