python requests not able to get the bearer token

Question

I'm not able to get the request header from this API: How to get the bearer token dynamically, seems that requests lib is returning only the response header , but I need the request header with the bearer.

url_site = 'https://www.rappi.com.br/lojas/900520986-makro-atacadista-nc/mercearia'

url_api = 'https://services.rappi.com.br/api/ms/web-proxy/dynamic-list/cpgs/'
    
    with requests.session() as r:
        print(r.get(url_api).headers)

Expected output: Get the bearer token and pass it for the headers

Answer 1

Normally the bearer token would be set in response you logging into the site, then returned by the server to the client, then sent by the client to the server on subsequent requests.

Are you performing a login?

Answer 2

With Curl format I copy this request from browser that you can implement in request obviously but is not the question. This API return a json that contains your bearer, so just send in a header into requests normaly.

curl 'https://services.rappi.com.br/api/rocket/v2/guest' \
-X 'POST' \
-H 'authority: services.rappi.com.br' \
-H 'accept: */*' \
-H 'accept-language: en-US,en;q=0.9' \
-H 'content-length: 0' \
-H 'content-type: application/json' \
-H 'deviceid: aa86021c-a01c-4238-8703-debf4ab2985f' \
-H 'origin: https://www.rappi.com.br' \
-H 'referer: https://www.rappi.com.br/' \
-H 'sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'sec-ch-ua-platform: "Linux"' \
-H 'sec-fetch-dest: empty' \
-H 'sec-fetch-mode: cors' \
-H 'sec-fetch-site: same-site' \
-H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36' \
-H 'x-guest-api-key: kPFcVarmnF/dKTjdVf/FI263I3otKDy9ySvqRXteTx4jzvTARe2xc1OfP4CovswsR4kW8Hgz5mwHSg8BvfsQUL7pISNJz92+gpMm16znHFnl3aJGnKe1jGum4q6lRltwpBXfYSMrpc2YMCqopCIsMWYBJTdpub75sj0YL7NIOuQjURTWbmWwfwSNpEaRVkrKujNEYfM3sXWSsQpGooqCvtWW1Sbgzm4tB3jiljglchAunBdtLy8WstIufJgPzUSmNU/AlNfVCH94Zh5AX0rfftganulDlRH3Ch5/QyXQwYVMDWMXjBpdbIfMTxjXZxgmqo4MUVwsc32SMACQyOEDqg==' \
--compressed

Response:

{"access_token":"ft.gAAAAABjK3YB2MlWichQW2SuqOrudIcwNW-4-Ykb_0AwzDLR7tgrUzAPS7UW_Hf8FmC1BDITjW4pT6mWmwYaR7WBFtqlljjGSK770EqRiySfNBgEvCfD-EHFpBpGo3_7_wB76wwW-ohgUjN1zPBxSE7UowKHzWzf5aLIyAENYuX8vqNVGavJnIV33QKHFzIYT_XpJFWgu6LK1ZMGPna0PLyemmBx-bYQTSvEv3TUF_SQlV1SgGVmNIfKkS8d44Hc0IijtBQbjKHEadsfOE0x5gOeKtPQA8HURDDuVwQXMpH8cEPGDWoMi8mhGdBJ_pHkk7UtBfml141kH3QXsEY4FoJIc6T8is6AraNjRwAw_EeYs3ElxGG9bEA=","token_type":"Bearer","expires_in":604800,"refresh_token":"ft.gAAAAABjK3YBpmtK_ox1r8DwkT8uO6HQVujT1XdPbDvJSXPOCb8ATfKM8Vr17Xe5so8yojA_uSpSIO1rUryKOccrJIu91M0piQ977haGi4dv__nmDUxYUf3_74waTkiJExVMjs72eRVsldEYmznZYjMRrmW-LkBee-S5s0zxtnrhkPme70LSiNYQ_HgqtEduCSLILwegmwn60WfWht3NUS4eJ_n7dTw2lDo_cAl6H_UtLTdEYu7AMf1sWA7TDAusiuON6FWENlPozl9Q3FTmOw27D6B8gGIhj5sV7unaqMGpxdIQXvrLi5LxYdL6L9kteK4p93u_roUw4Q1OscMgp6r1zGkVg0sfyI7EjIoQTC9_5RT1wiZ46Aw=","first_login":false}