invalid_authorization_header - pagSeguro

Question

I'm trying to use the checkout API of pagSeguro. I had already done my register on sandbox and got my token, I don't know if i supposed to do anything else, but after I had registered and got my token, I tried to use it in the API example and it gave me the following error:

{
  error_messages: [
    {
      error: 'invalid_authorization_header',
      description: 'Invalid credential. Review AUTHORIZATION header.'
    }
  ]
}

My code:

const options = {
  method: 'POST',
  headers: {
    accept: 'application/json',
    Authorization: 'xxxx',
    'Content-type': 'application/json'
  },
  body: JSON.stringify({
    reference_id: 'cp-000001',
    expiration_date: '2023-08-14T19:09:10-03:00',
    customer: {
      name: 'João test',
      email: '[email protected]',
      tax_id: '00000000000',
      phone: {country: '+55', area: '27', number: '999999999'}
    },
    customer_modifiable: true,
    items: [
      {reference_id: 'ITEM01', name: 'item name', quantity: 1, unit_amount: 500}
    ],
    additional_amount: 0,
    discount_amount: 0,
    shipping: {
      type: 'FREE',
      amount: 0,
      service_type: 'PAC',
      address: {
        country: 'BRA',
        region_code: 'SP',
        city: 'São Paulo',
        postal_code: '01452123',
        street: 'Faria Lima',
        number: '12',
        locality: 'Pinheiros',
        complement: '4 floor'
      },
      address_modifiable: true,
      box: {dimensions: {length: 15, width: 10, height: 14}, weight: 300}
    },
    payment_methods: [
      {type: 'credit_card', brands: ['mastercard']},
      {type: 'credit_card', brands: ['visa']},
      {type: 'debit_card', brands: ['visa']},
      {type: 'PIX'}
    ],
    payment_methods_configs: [
      {
        type: 'credit_card',
        brands: ['mastercard'],
        config_options: [{option: 'installments_limit', value: '10'}]
      }
    ],
    soft_descriptor: 'xxxx',
    redirect_url: 'https://pagseguro.uol.com.br',
    return_url: 'https://pagseguro.uol.com.br',
    notification_urls: ['https://pagseguro.uol.com.br']
  })
};

fetch('https://sandbox.api.pagseguro.com/checkouts', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));

does anyone know what I have to do?

I tried using different things instead of the token, but they didn't work either.

Answer 1

apparently you are not following the correct format of header for authorizations. check their documentation for further information. https://developers.international.pagseguro.com/docs/payment-page-api

There ypu will see that the API expects the authorization header to be in a specific format: Concatenate your email and token separated by a colon (:). Base64 encode the concatenated string. Prepend the string "Basic " to the encoded string.

If you not follow it, your request will be denied.

Example of how you should do the request:

const email = '[email protected]';
const token = 'your_pagseguro_token';

const authString = `${email}:${token}`;
const encodedAuth = btoa(authString);

Answer 2

Your request seems to be right (except for tax_id).

The Authorization header should be your Sandbox token.

You can find it in the "Vendedor" section of the sandbox account.

For example: Authorization: Bearer CE12334345634C67899C441EE072402F

Here is a full example with your request:

const myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Bearer CE12334345634C67899C441EE072402F");

const raw = JSON.stringify({
  "reference_id": "cp-000001",
  "expiration_date": "2024-08-14T19:09:10-03:00",
  "customer": {
    "name": "João test",
    "email": "[email protected]",
    "tax_id": "01234567890",
    "phone": {
      "country": "+55",
      "area": "27",
      "number": "999999999"
    }
  },
  "customer_modifiable": true,
  "items": [
    {
      "reference_id": "ITEM01",
      "name": "item name",
      "quantity": 1,
      "unit_amount": 500
    }
  ],
  "additional_amount": 0,
  "discount_amount": 0,
  "shipping": {
    "type": "FREE",
    "amount": 0,
    "service_type": "PAC",
    "address": {
      "country": "BRA",
      "region_code": "SP",
      "city": "São Paulo",
      "postal_code": "01452123",
      "street": "Faria Lima",
      "number": "12",
      "locality": "Pinheiros",
      "complement": "4 floor"
    },
    "address_modifiable": true,
    "box": {
      "dimensions": {
        "length": 15,
        "width": 10,
        "height": 14
      },
      "weight": 300
    }
  },
  "payment_methods": [
    {
      "type": "credit_card",
      "brands": [
        "mastercard"
      ]
    },
    {
      "type": "credit_card",
      "brands": [
        "visa"
      ]
    },
    {
      "type": "debit_card",
      "brands": [
        "visa"
      ]
    },
    {
      "type": "PIX"
    }
  ],
  "payment_methods_configs": [
    {
      "type": "credit_card",
      "brands": [
        "mastercard"
      ],
      "config_options": [
        {
          "option": "installments_limit",
          "value": "10"
        }
      ]
    }
  ],
  "soft_descriptor": "xxxx",
  "redirect_url": "https://pagseguro.uol.com.br",
  "return_url": "https://pagseguro.uol.com.br",
  "notification_urls": [
    "https://pagseguro.uol.com.br"
  ]
});

const requestOptions = {
  method: "POST",
  headers: myHeaders,
  body: raw,
  redirect: "follow"
};

fetch("https://sandbox.api.pagseguro.com/checkouts", requestOptions)
  .then((response) => response.text())
  .then((result) => console.log(result))
  .catch((error) => console.error(error));

For more details, check the documentation.