Cannot access AWX API using OAuth 2 token

With AWX 23.5.2, I can authenticate and access the API using a browser without any issue.

However, trying to automate it with the CLI in a different matter…

Getting an OAuth 2 token:

curl -u awx_user:password -k -X POST https://awx_host/api/v2/tokens/
{
  "id": 22,
  "type": "o_auth2_access_token",
  "url": "/api/v2/tokens/22/",
  "related": {
    "user": "/api/v2/users/1/",
    "activity_stream": "/api/v2/tokens/22/activity_stream/"
  },
  "summary_fields": {
    "user": {
      "id": 1,
      "username": "awx_user",
      "first_name": "",
      "last_name": ""
    }
  },
  "created": "2024-02-06T16:03:56.006883Z",
  "modified": "2024-02-06T16:03:56.018615Z",
  "description": "",
  "user": 1,
  "token": "TlTzso87sycucOXpmsA3tTVlsNwtGj",
  "refresh_token": null,
  "application": null,
  "expires": "3023-06-09T16:03:55.994224Z",
  "scope": "write"
}

As described in the official doc, I tried to use this token to access any object, but this fails:

curl -k -X GET -H “Content-Type: application/json” -H “Authorization: Bearer TlTzso87sycucOXpmsA3tTVlsNwtGj” https://awx_host/api/v2/credentials/
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
{"detail":"Authentication credentials were not provided. To establish a login session, visit /api/login/."}++ set +x

What is going on?
What is the correct way to use this token?

I used your exact curl commands and it worked locally for me, so you are using them correctly.

I’ll mention that the doc curl command under Basic Auth has an example with “Authorization: Basic …”, that is incorrect

tokens should use Authorization: Bearer

Seth

Then you must be using a different AWX version.