Discussions

we recently encountered this failure in our automation that calls the [PUT update OpenAPI](https://docs.readme.com/main/reference/updateapispecification spec endpoint

HttpResponseProxy{HTTP/1.1 400 Bad Request [Date: Tue, 06 Jun 2023 17:09:11 GMT, Content-Type: application/json; charset=utf-8, Content-Length: 855, Connection: keep-alive, X-Xss-Protection: 1; mode=block, X-Dns-Prefetch-Control: off, X-Frame-Options: Deny, Strict-Transport-Security: max-age=15552000; includeSubDomains, X-Download-Options: noopen, X-Content-Type-Options: nosniff, X-Powered-By: Express, Warning: 199 - "Authorization token in request should be Base64 encoded", X-Documentation-Url: https://docs.readme.com/main/logs/a33ddb46-ad7a-4428-ae84-d95c842128bf, Etag: W/"357-5mB4EKrmnApLjk3SlNuYpGGDO5c", Vary: Accept-Encoding, Via: 1.1 vegur, CF-Cache-Status: DYNAMIC, Server: cloudflare, CF-RAY: 7d3242f5ce5c30ab-SEA] ResponseEntityProxy{[Content-Type: application/json; charset=utf-8,Content-Length: 855,Chunked: false]}

we have been passing Authorization: Basic $readmeApiKey as the authorization for some time now and this has been working. I see the cool new https://docs.readme.com/main/reference/intro/authentication section of the docs, but this doesn't mention base64 encoding the api key.

What stands out to me is the Warning: 199 - "Authorization token in request should be Base64 encoded" , which could be fine and unrelated to the failed API call if it's just a warning (unless it is the issue, in which case shouldn't that make this a http status 401?