The APi always returns 401 Unauthorized for every namespace / endpoint.
Repro:
Use the Battle.net developer portal to explore the profile and game data APIs for Era, Cata, and Retail. Even after removing the application connection from the Battle.net account settings to force a new OAuth flow, every namespace / endpoint returns 401 Unauthorized.
Bring back Mike Morhaime! He’ll get this company back into shape.
Believe it or not, Blizzard, people actually use these endpoints. Please fix them and stop breaking them. Maybe you guys should consider rehiring a QA team. Use those profits to re-invest into your own company.
Please fix this. How did something this obvious slip through QA?
Please fix and preferably stop breaking your APIs!
Fix it you idiots.
Please fix.
I’m getting the same issue here. I get a 401 response from calling any API, even after successfully renewing my OAuth token without any errors. This has been happening for about a week.
I’ve tried multiple things to get past this, with no success. I’ve even tried registering a new OAuth client (with a new ClientID/Secret).
I think that the API system must still be working for some consumers, because there are online services (such as the Undermine Exchange auction house service, which I assume must use the same system) that appear to be up to date.
I don’t think I would have done anything that would be construed as abusing the system in any way that I’m aware of. I rarely make more than one or two API calls per day, so I’m not going anywhere near any of the request limits (36,000 requests per hour / 100 requests per second)
Some feedback would be helpful. Even if it is a response saying that Blizzard is aware of the issue (or not). That way I could at least understand if it’s a me problem, or a you problem 
Hey guys, these are my brother’s word, he helps me with API calls for our guild’s website. he asked me to pas this to you guys:
I’m curious how everyone else is calling the api. I was in the process of converting our api calls from passing in our token as a query parameter to using an authorization header and passing it in as a bearer token. We noticed our page started failing with these 401 errors, but the newly converted api calls were still retrieving data successfully. I was able to confirm my suspicions in Postman too. When I call the api passing the token as a query parameter I get a 401 unauthorized response, but when I pass it as a bearer token then the response is successful. My guess is Blizzard has stopped support for the query parameter way, which is honestly probably a good call. Hopefully this information helps some of you though at least.
You’ve absolutely nailed it Darknðvà! I was previously sending my token in my URI, eg:
https://us.api.blizzard.com/data/wow/connected-realm/index?namespace=dynamic-us&locale=en_US&access_token={token}
I’ve removed the access_token from the URI, and explicitly added it as an Auth header (eg in my C# code):
_client.DefaultRequestHeaders.Authorization =new AuthenticationHeaderValue("Bearer", token);
This has solved the issue with a 2 minute fix.
Thanks again to you Darknðvà, and please send thanks to your brother!
// create curl resource
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
‘Content-Type: application/json’,
'Authorization: Bearer ’ . $token
));
// set url
curl_setopt($ch, CURLOPT_URL, "$url");
and yes, remove the get parameter in the url.
This fixed the 401 errors. I am still getting the 403 errors for the Guild API in Classic Era.
I’m Lovepony, and I support this Error Report.