When making HTTPS requests to the system via the Nx Cloud service, sometimes you may encounter HTTP 401 Unauthorized errors, even if your credentials are correct. This issue often arises due to improper handling of HTTP redirection, where the authentication header is not sent along with the redirected request. HTTP redirection is occurring because the Nx Cloud relay service is dynamically directing requests to the nearest geographical relay server. This ensures optimal performance and reduced latency by routing traffic through the closest available server.

Why isn’t the authentication working?

When a request is redirected (e.g., HTTP status code 307 Temporary Redirect), the client application or framework might not automatically resend the authentication header to the new redirected destination. This results in the Server returning an HTTP 401 Unauthorized error because the redirected request lacks the necessary authentication information.

How can I solve this issue?

To handle this issue, you need to check the HTTP status code of the response. If it is 307, this indicates a redirection. You then need to extract the new URL from the `Location` header of the response and resend your request to the new destination, including the authentication header.

Here's a step-by-step pipeline:

1. Send the Initial Request
   Make your initial request with the necessary authentication headers.
2. Check the Response Status Code
   If the response status code is 307, extract the new relay URL from the `Location` header.
3. Resend the Request to the New URL
   Resend your request to the new URL, ensuring that you include the authentication headers.

Handling HTTP redirections in python

This redirection issue has often been seen while using the `requests` module in Python, which is a popular choice for making HTTP and HTTPS requests due to its simplicity and ease of use. Here is an example of how the issue can be addressed in python.

def request_api(url, uri, method, **kwargs):
  server_url = f'{url}{uri}'
  response = requests.request(
      method,
      server_url,
      **kwargs)

  # Handle the redirection. Check for HTTP status code (307)
  if response.status_code == requests.codes.temporary_redirect:
      new_url = response.headers["Location"]
      response = requests.request(
          method,
          new_url,
          **kwargs)
  if not check_status(response):
      exit(1)
  if response.headers.get('Content-Type') == 'application/json':
      return response.json()
  else:
      return response.content

Handling HTTP redirections in Postman

Postman is a tool for developers to easily create, test, and manage APIs. It allows you to send requests, inspect responses, and automate API testing, helping streamline the development process.However, sometimes you may also find the redirection issue during your test using Postman. To resolve the issue, you can refer to the following steps to configure the Postman to retain the authentication header.

1. Open Postman: Launch Postman on your computer.
2. Create or select a request.
3. Select the Settings tab on the URL
4. Find the `Follow Authorization header` option.
5. Toggle the option to enable it to ensure the authorization header is retained when a redirect happens to a different hostname.
6. Send the request by clicking the `Send` button to send your request with the authentication header.

By enabling the Follow Authorization header option, Postman will retain the authentication header for your requests, including during redirects to different hostnames, making it easier to manage and reuse authentication details across your API calls.

Handling HTTP redirections in N8N

For advanced users working with n8n, please refer to the following resources:

Please refer to this post, which explains how to use the built-in tools in n8n to create the necessary URL extraction steps. 

Additionally, please review this article which covers how to forward the Authentication Header correctly in the latest version of n8n.

Any questions?

Please also explore our GitHub for useful resources and sample code. 
There are tools and our open-source repos available, and it will be able to boost your projects and streamline your development process. Check it out now!