Successful Login to API; Unsuccessful at accessing any data due to being unauthorized

Question

I am attempting to come up with a live leaderboard for my local club using the PDGA's (Professional Disc Golf Association) API. I am writing a Google Apps Script intending to auto populate a Google Sheet with a Club Ranking that can be refreshed as needed.

Right now, all I am trying to do is make pull of data to ensure I am able to begin using the API, but I can't seem to do even that.

For reference, here are the only two resources I have to work with regarding this specific API:

PDGA REST API Authentication

PDGA REST API Services

I have got the original login to work using this code:

function apiLogin() {
  var LoginUrl = 'https://api.pdga.com/services/json/user/login';
  var LoginDetails = {
    'username' : Username,
    'password' : Password
  };
  var LoginRequest = {
    'method' : 'post',
    'Content-Type' : 'application/json',
    'payload' : LoginDetails
  };

  var LoginResponse = UrlFetchApp.fetch(LoginUrl, LoginRequest);
  var json = LoginResponse.getContentText();
  var LoginData = JSON.parse(json);

  Logger.log(LoginData);
  var SessionID = LoginData['sessid'];
  var SessionName = LoginData['session_name'];
  var Tok = LoginData['token'];

  var playerFetchPar = {
    'method' : 'get',
    'Cookie' : SessionID + '=' + SessionName
  };
  var PlayerResponse = UrlFetchApp.fetch('https://api.pdga.com/services/json/players?pdga_number=1',playerFetchPar); //ERROR
  Logger.log(PlayerResponse);
};

It's the last part when I am trying to call on data from a player that I get the following error message:

Exception: Request failed for https://api.pdga.com returned code 403. Truncated server response: ["Access denied for user anonymous"] (use muteHttpExceptions option to examine full response)

I am guessing that my screw up is in my interpretion of the parameter Cookie from that second link. In the initial response to make sure I was logging in properly, I received a session_name and sessid but I can't seem to figure out what is expected from Cookie. I am sorry if the answer is obvious, but any help would be greatly appreciated!

Answer 1

The documentation says

Cookie: session_name=sessid

You've used

Cookie: sessid=session_name

Reverse it:

'Cookie' : `${SessionName}=${SessionID}`

And you need to send it as a header:

const playerFetchPar = {
    method : 'get',
    headers: {'Cookie' : `${SessionName}=${SessionID}`}
};