Token import/upload endpoint API 'POST /token/load/(filename)' call returns 400 Bad Request

Hi Folks,

I can import tokens from the webgui successfully. When I have tried multiple ways (curl/php) I can only get as far as a ‘400 Bad Request’ response :slightly_frowning_face:.

I expect the issue is how/where the import file comes from. Currently this is my test code after getting a working token:

$url = 'https://<oursiteurl>/privacyidea/token/load/filename';
$post_fields = array(
        'filename' => 'filename',
        'type' => 'OATH CSV', // tried oathcsv but saw this in the log from a local import that worked
        'tokenrealms' => '',
        'infile' => new CURLFile(realpath($infile),'application/octet-stream','filename'),

$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    "Authorization: $token",
    "Content-Type: multipart/form-data"
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
$output = curl_exec($ch);

Would anyone mind pointing to a working example, or, pointer to where I am falling off the API boat?
We are using version 3.8.1.