404 Not Found Error when calling access_tokens


#1

I am trying to build a GitHub App (in C#) and I’m getting stuck on getting an access token. I have followed the documentation as best I could but I keep getting a 404 error when trying to get an access token. This is completely unhelpful as it doesn’t tell me where the problem exists.

I have created a JWT token using the App_ID and I am able to issue the following command

curl -i -H "Authorization: Bearer {JWT}" -H "Accept: application/vnd.github.machine-man-preview+json" https://api.github.com/app/installations

This returns the application installations without any problems. When I try to use the following API I keep getting a 404:

 "access_tokens_url": "https://api.github.com/installations/49778/access_tokens"

My code was building this URL based on the Installation Id provided in the webhook payload, and I matched that my code was using the exact same URL as that returned in the /app/installations call above.

Using the following command fails:

curl -H "Authorization: Bearer {JWT}" -H "Accept: application/vnd.github.machine-man-preview+json" https://api.github.com/installations/49778/access_tokens

#2

@jbrinkman If I understand correctly, you’re trying to call

curl -H "Authorization: Bearer {JWT}" -H "Accept: application/vnd.github.machine-man-preview+json" https://api.github.com/installations/49778/access_tokens

in order to generate a token, correct? If so, you’ll need to change the verb for the call:

curl -XPOST -H "Authorization: Bearer {JWT}" -H "Accept: application/vnd.github.machine-man-preview+json" https://api.github.com/installations/49778/access_tokens

Let me know if I’ve misunderstood where you’re running into trouble.


#3

Thanks. The POST verb was definitely the issue. This is not prominently displayed in the documentation for getting an access token.

I recommend adding a prominent link to the relevant portions of the API as it was not easy to find the access token API in the API documentation.


#4

Glad you got it sorted.

Yeah, I think the documentation for this could use another pass. Thanks for bringing it up!