Developper tools send agentless whatsapp : This request requires a non-user context. User token cannot be used for requests to this

Riko80 · February 23, 2023, 2:28pm

Hi,
I want to send an agentless whatsapp from the developper tools tab "send an agentless whatsapp
I get this error message :
{
"message": "This request requires a non-user context. User token cannot be used for requests to this resource.",
"code": "not.a.client",
"status": 400,
"contextId": "7c3ecf32-c536-4816-aab0-cffdf9470408",
"details": [],
"errors": []
}

this is below my request :

/api/v2/conversations/messages/agentless

{

"fromAddress": "81ff9d2a-a865-48b2-bb3e-7c4fbe0a14b0",

"toAddress": "212XXXXXXXXXX",

"toAddressMessengerType": "whatsapp",

"textBody": "",

"messagingTemplate": {

"responseId": "",

"parameters": [

{

"id": "",

"value": ""

}

]

},

"useExistingActiveConversation": true

}

How can I solve this problem to send an agentless whatsapp please?

Regards

Eos_Rios · February 23, 2023, 2:40pm

Off hand I'd say you'll need to generate an OAuth token and use Postman or Insomnia or similar.
Some things can't be done by a user, some things can only be done a user.

The API is clear on this;

Send an agentless outbound message. Send an agentless (api participant) outbound message using a client credential grant. In order to call this endpoint you will need OAuth token generated using OAuth client credentials authorized with at least messaging scope. This will generate a new Conversation, if there is an existing active Conversation between the fromAddress and toAddress already, then this POST will fail.

tim.smith · February 23, 2023, 2:47pm

You will need to implement the client credentials grant in your application or use a local tool like postman to test it. Client credentials are never able to be used in a browser under any circumstances.

Riko80 · February 23, 2023, 2:52pm

Thank you for your update,

What type of OAUTH should I choose?
once this OAUTH generated how should I implement it with the developper tools part?
I have never used postman, is there a place where I should declare OAUTH?
Regards

Riko80 · February 24, 2023, 7:54am

@tim.smith,
Thank you for your update,

What type of OAUTH should I choose?
once this OAUTH generated how should I implement it with the developper tools part?
I have never used postman, is there a place where I should declare OAUTH?
Regards
[/quote]

tim.smith · February 24, 2023, 2:17pm

The one I linked above. Client credentials.

You don't. As stated previously, client credentials are never able to be used in a browser under any circumstances.

Yes. Authorizing requests | Postman Learning Center

Riko80 · February 27, 2023, 7:45am

@tim.smith
Thank you for your answer,
I created Oauth of type client information on the admin side as below :

I tried to test it with insomnia but each time it gives me the " 404 bad request" error message as on the screenshot as below

Regards

Riko80 · February 27, 2023, 7:55am

@tim.smith
I also ran this test but got a "400 bad request" error message

Regards

tim.smith · February 27, 2023, 2:25pm

@Riko80 You must regenerate your client secret immediately. You have posted your org's credentials publicly on the internet. I have removed the offending screenshots, but some person/app could have scraped the values. Please review with your security team to check for unauthorized activity in your org. Client secrets must always be handled like passwords.

tim.smith · February 27, 2023, 2:27pm

Please read the error message you're getting in the response; it tells you what is wrong. Refer to the client credentials documentation linked above for documentation on the correct format. You must send the request exactly as documented.

system · March 30, 2023, 2:27pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.