powered by Jive Software

Openfire UserService Authorization


I am following the documentation linked from the plugin page for the userservice api. I have figured out how to setup the headers. They look exactly as they should. When the request is sent, I have checked in Fiddler that all the appropriate content types, payload, and authorization headers are being sent, they are. I have tried using HTTP basic auth, and a token, but neither worked. I just constantly get “401 Not Authorized.” Example:

Request: GET http://domain.tld:9090/plugins/userService/users HTTP/1.1
Host: domain.tld:9090
Authorization: mySuperSecretToken
Accept: */*
Cookie: PHPSESSID=7493e16cc0b9b835d237e2cfc7822fda; JSESSIONID=94s6oyfe2rvewh2j5uej5cq3 Response:
HTTP/1.1 401 Unauthorized
Content-Length: 0

If you need any log files / configuration files, just say and I will be happy to post.

I’d be grateful if anyone could help, this is really starting to bug me.


Send once again the request and look at your error logs.


  • Do you use the User service 2.0.2?

  • Is Shared secret Enabled in Server Settings > User Service and is the secret key set to mySuperSecretToken