Posting to workflow endpoint gives HTTP Unauthorized


Hey there,

I’m playing around with the Workflows API in ruby using a trial account. Here is my code.

It seems that I’m able to retrieve the workflow that I created manually (using the browser interface). However, I posting with the same hapikey I used to get with gives the following error:
{“status”:“error”,“message”:“Any of the listed authentication credentials are missing”,“correlationId”:“92bcc536-22b8-4540-b12a-bfd56fcb93a2”,“engagement”:{“shhkey-v1”:“shhkey-v1 not engaged. Shhkey not found in the request header.”,“hapikey”:“hapikey not engaged. hapikey is not present in query params.”,“oauth-token”:“oauth-token not engaged. OAuth access token not found in request header.”,“access_token”:“access_token not engaged. Token not found in query params.”,“internal-cookie”:“internal-cookie not engaged. Cookie not found in the request.”,“app-cookie”:“app-cookie not engaged. App cookie is not present on the request.”,“legacy-app-cookie”:“legacy-app-cookie not engaged. Auth cookie is not present in the request.”,“saml-redirect”:“Not engaged, HubId not specified on the request, cannot identify Identity Provider. is missing”},“requestId”:“8e23cbd316cffcf3216ae80650c07618”}

Any chance someone could shed some light? Thanks for your time and help.


Hi @tmzhuang

Nothing really jumps out to me from your code, but that error message would indicate that the hapikey query parameter is missing or formatted incorrectly in the request URL (you’d get a different error message saying the hapikey was invalid if there was a problem specific to the key itself). It looks like your code is printing the value for uri that would be used in the requests, can you verify that the URLs look correct, and do they work you copy and paste them into a browser?


Hey @dadams

Here is the uri I’m getting the workflow from: “”.

And here is the uri I’m trying to post the workflow to: “”.

Seems to work fine when I just paste into a browser. Any ideas? Thanks.


@tmzhuang both of those URLs look ok to me, and they both work in my browser.

Are you getting that error for both the GET and the POST in your code? The GET works fine for me when testing your script (I’m getting an error for the POST but it’s because the version of Ruby I have doesn’t like



The GET works for me as well. The POST is the one that gives me the HTTP unauthorized.