Getting 401 unauthorized for embedding apps (using Postman)

Help Needed

Working on postman to get retool embed URL but getting unauthorized

Hitting POST Request on https://[company]

In the Headers Section

I have set Authorization with a value retool_xxxxxxxxxxxxxx

My body looks like

      "landingPageUuid": "xyz",
      "externalIdentifier": "zxy",
      "groupIds": ["123"],
      "metadata": {
        "mode" : "dark"

What am i doing wrong ?

I think the authorization header is wrong, or well... the value isn't right and you do have to use an actual Retool API Key that you generated in your settings menu. it should look like this:

Authorization: 'Bearer SDFHEIUH23HJKS289:KNBEASIO230589'

you also need the content type header:
'Content-Type': 'application/json'

depending on where you look in the docs this is only available to Business and Enterprise plans.... and in 1 place it says this is only available to Enterprise plans, so idk take it how you want i guess :person_shrugging:

here right under the heading title you'll see "Available on: Business Plan and Enterprise Plan"

and just a little further down it says Enterprise only or self hosted

I'd assume this would cause the same unauthorized error as having the Authorization header wrong.

1 Like

Hey, Thank You. I figured out generating the url. How can i make sure the generated url is public.
I want to send metadata in a public url

you generated the URL using an authorized API key and the correct end point, ensuring the response contains a public URL is 100% up to Retool. The metadata is actually only populated when the public url is generated, so if you need to send new metadata or update it I believe you'll need to generate a new public url using the new metadata. When you generate the public url it unfortuantely doesn't open like a stream or socket for the metadata, its more like it encodes the metadata then passes it along as a URL Parameter.... so any changes that need to be made have to be done in another Post to generate the public url w the new metadata. Be sure to enable Prevent Query Spoofing btw if you haven't already

1 Like