C# Json post request with redirect

Question

I am trying to make a login POST request with json to this website Link ,and follow the redirect.My current program works fine if the login details are wrong.If the details are wrong I get the '(401) Unauthorized.' message,which means the Post request was succesful. However,my problem is that,if the login details are correct,I get the '(400) Bad Request'. I have no idea why this happens and I am currently stuck at this point. Here is my code,and I hope someone can help me out:

static string url = "https://auth.riotgames.com/authz/auth";
        static string uriString = "";
        static void Main(string[] args)
        {
            var request_check = (HttpWebRequest)HttpWebRequest.Create("https://auth.riotgames.com/authz/auth");
            request_check.Host = "auth.riotgames.com";
            request_check.UserAgent = "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0";
            request_check.Accept = "application/json, text/javascript, */*; q=0.01";
            request_check.Headers.Add("Accept-Language", "en-US,en;q=0.5");
            request_check.Headers.Add("Accept-Encoding", "gzip, deflate, br");
            request_check.ContentType = "application/json";
            request_check.Headers.Add("X-Requested-With", "XMLHttpRequest");
            request_check.Referer = "https://auth.riotgames.com/authorize?response_type=code&scope=openid%20email&client_id=merch-store-client&ui_locales=de-DE&login_hint=euw&redirect_uri=https://euw.merch.riotgames.com/de/riot_sso/auth/redirect/";
            var cookieContainer = new CookieContainer();
            request_check.CookieContainer = cookieContainer;
            request_check.Method = "POST";
            request_check.KeepAlive = true;
            request_check.AllowAutoRedirect = false;
            // Account details Senturia:a12365478
            using (var streamWriter = new StreamWriter(request_check.GetRequestStream()))
            {
                string json = "{\"username\":\"Senturia\",\"password\":\"a12365478\",\"remember\":false,\"region\":\"EUW1\",\"language\":\"de_DE\",\"lang\":\"de_DE\"}";
                streamWriter.Write(json);
            }
            try
            {
                // Get the response ...
                using (var webResponse = (HttpWebResponse)request_check.GetResponse())
                {
                    // Now look to see if it's a redirect
                    if ((int)webResponse.StatusCode >= 300 && (int)webResponse.StatusCode <= 399)
                    {
                        uriString = webResponse.Headers["Location"];
                        Console.WriteLine("Redirect to " + uriString ?? "NULL");
                    }
                }
            }
            catch(Exception e)
            {
                Console.WriteLine(e.Message);
            }



            Console.ReadKey();
        }

Answer 1

When an HTTP request fails you can catch a WebException , and read the response from the server as it might contain useful information about the reason why the request failed:

catch (WebException e)
{
    using (var stream = e.Response.GetResponseStream())
    using (var reader = new StreamReader(stream))
    {
        Console.WriteLine(reader.ReadToEnd());
    }
}

In your case this prints:

{"error":"invalid_session_id","error_description":"Missing session id."}

So I guess that the server requires some session id parameter to be sent along with the request. Consult the documentation of the endpoint you are trying to invoke for more details on how to do that.