API authentication token problem


I am trying to pause a conversation using HITL module.I am using botpress 12.3.

.post(‘http://XXX.XXX.XXX.X:3000/api/v1/bots/’ + event.botId + ‘/mod/hitl/sessions/’ + event.threadId + ‘/pause’, {
headers: headers
.then(function(response) {
user.request = event.credentials
user.response = response
.catch(function(error) {
// handle error
user.request = event.credentials
user.response = error
.finally(function() {
// always executed

And I get authorization error, since I did not provide a Bearer token.

To get the token, I use a post request as below:

var loginheaders = {
‘Content-Type’: ‘application/x-www-form-urlencoded’

const login = await axios
  .post('http://XXX.XXX.XXX:3000/api/v1/auth/login/basic/default', {
    headers: loginheaders,
    email: 'myemail',
    password: 'mypass'

But I get an error saying " email and strategy are mandatory".

My question is how can I get the token to call hitl api to pause conversations. I couldn’t find any document which describes how to get tokens programatically.

Thank you.


Depending on where do you perform this call the answer might change.

if you have access to bp sdk (i.e you are in a module) then you can simply use

const config = await bp.http.getAxiosConfigForBot('yourBotID')
// config has authorization headers
await axios.post('http://XXX.XXX.XXX:3000/api/v1/bots/yourBotID/mod/hitl/sessions/sessionID/pause', {}, config)

Now, if for some reason you are outside of botpress you indeed need to get your authoriation token from your credentials. You almost had it right, just no header required

const login = await axios
.post('http://XXX.XXX.XXX:3000/api/v1/auth/login/basic/default', {
    email: 'myemail',
    password: 'mypass'

Thank you very much, it works.

Please include this detail to the documentation. Maybe as a reminder on HITL section.

1 Like


I’m strugling with the same problem, but in my case I’m making a POST call

http://localhost:3000/api/v1/auth/login/basic/default {email=myEmail’, password=‘myPassw’}

(I’m using my actual email/password) inside Insomnia

and getting the same result as he got, before your answer to @utkufk .

Do you have any clue to help me?

Thanks a lot.