How to debug 401 Unauthorized errors

Nextcloud version (eg, 12.0.2): 16.0.2
Operating system and version (eg, Ubuntu 17.04): Debian 4.9.65-3+deb9u1
Apache or nginx version (eg, Apache 2.4.25): 2.4.38 (Debian)
PHP version (eg, 7.1): 7.3.9-1~deb10u1

The issue you are facing:

I have created a group called Writing Group [wg]. I am attempting to add a user to that group using the API.

I am sending:

POST to https://cloud.extinctionrebellion.org.uk/ocs/v1.php/cloud/users/robrenouf/groups
Headers:
  Authorization: Basic (removed)
  OCS-APIRequest: true
  Accept: application/json
  Accept: text/html
  Accept: */*
  User-Agent: BasecampGatewayLive
  Content-Type: application/json; charset=utf-8

Content is:

  "groupid": "Writing Group [wg]"

And receiving:

StatusCode: 401, ReasonPhrase: 'Unauthorized'
Headers:
  Date: Thu, 12 Dec 2019 00:13:49 GMT
  Server: Apache/2.4.38
  Server: (Debian)
  Strict-Transport-Security: max-age=31536000; includeSubDomains
  Cache-Control: no-store, must-revalidate, no-cache
  Pragma: no-cache
  Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self'
  X-Frame-Options: SAMEORIGIN
  X-Content-Type-Options: nosniff
  X-XSS-Protection: 1; mode=block
  X-Robots-Tag: none
  X-Download-Options: noopen
  X-Permitted-Cross-Domain-Policies: none
  Referrer-Policy: no-referrer
  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  Content-Length: 111
  Content-Type: application/json; charset=utf-8

Content:
{"ocs":{"meta":{"status":"failure","statuscode":997,"message":"","totalitems":"","itemsperpage":""},"data":[]}}

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

See above

The output of your Nextcloud log in Admin > Logging:

The nextcloud.log does not contain any output from within 1 hour of the time of the error.

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
Note - there is no config.php file in /var/www/nextcloud - it is in /var/www/nextcloud/config. Here it is:

<?php
$CONFIG = array (
  'passwordsalt' => '(Removed)',
  'secret' => '(Removed)',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '(Removed)',
  ),
  'datadirectory' => '(Removed)',
  'dbtype' => 'mysql',
  'version' => '16.0.2.1',
  'overwrite.cli.url' => 'http://localhost',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nextcloud',
  'dbpassword' => '(Removed)',
  'installed' => true,
  'instanceid' => 'oco7zw7q011j',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'mail_from_address' => 'cloud',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => '(Removed)',
  'mail_smtphost' => '127.0.0.1',
  'mail_smtpport' => '25',
  'maintenance' => false,
  'default_locale' => 'en-GB',
  'default_language' => 'en-GB',
);

The output of your Apache/nginx/system log in /var/log/____:

(Removed) - (Removed) [12/Dec/2019:00:13:49 +0000] "POST /ocs/v1.php/cloud/users/robrenouf/groups HTTP/1.1" 401 775 "-" "(Removed)"

There is nothing near that time in the apache error log.

Other, similar, posts to add users to groups work fine.

Adding that user to that group manually, using the UI, works.

Could it possibly be something to do with the group name having a square bracket in it?

How do I find out?

Hi!

I have a same issue can i get a help?

BR Gaben

I was running the program that uses the Api continuously. I opened a connection to it (with a built-in cookie container - this comes as standard in C#), and kept that connection open all the time.
I think the authorisation code must check the cookies, and decide it needs a password because it hasn’t had one recently, before the regular check for Api calls allows the call in.

Anyway, I changed my code so it opened a new connection, with an empty cookie container, much more frequently (every few minutes), and I stopped getting the errors.

Hope that helps.