I managed to set up a developer account to get API responses working on the API explorer. However, I'm trying to connect to Postman and have been getting the following error messages.
I have gotten my user access token as follows:
The Callback URL: I have used the RuName (eBay Redirect URL name)
Auth URL: I have used https://auth.sandbox.ebay.com/oauth2/authorize (https://developer.ebay.com/api-docs/static/oauth-consent-request.html#configure)
Access Token URL: I have used the https://api.sandbox.ebay.com/identity/v1/oauth2/token (https://developer.ebay.com/api-docs/static/oauth-authorization-code-grant.html)
ClientID and Client Password I've used the credentials from my developer account
This returns the following token:
As you can see a USER ACCESS TOKEN.
When I go to use the request in an API put request I always get the following error:
The token seems to be right.
I try the same call in the built in API explorer and it works.
Please could someone advise its driving me crazy, probably something I've done wrong but any ideas?
During Authentication the following happens it prompts me to login and then shares the oath code (it doesn't tell me to accept the application as stated in document not sure why though)
Related
I was trying to publish something to Facebook page.
From this article, it seemed really easy to publish using Facebook API
So, I create a Facebook page and made sure that I have all the required permission for the given auth token, opened by Postman and created a POST request to following URL (along with attaching my access token bearer)
https://graph.facebook.com/2984640844138/feed?message=HeyWhatever
This is giving me following error
{
"error": {
"message": "(#200) If posting to a group, requires app being installed in the group, and \\\n either publish_to_groups permission with user token, or both manage_pages \\\n and publish_pages permission with page token; If posting to a page, \\\n requires both manage_pages and publish_pages as an admin with \\\n sufficient administrative permission",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "D1z1soQbTE2"
}
}
I am not sure about what I am doing wrong, perhaps my request is incorrect or I am not using postman correctly.
This is what I am doing in Postman (screenshot below), can someone point me out what I am doing wrong? Also, suggestions are also welcome
I would recommend you use the Facebook Graph API Explorer, which provides you with the tools to generate the access token with appropriate permission and also craft your HTTP requests with ease. Visit the same, generate a token, then head to the Access Token Debugger to double check the scopes of the token.
I am trying to get offline access to the outlook calendar from a webview.
(using the authorization_code oauth flow)
currently im doing the following
the javascript website calls the
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
endpoint. Then I set the redirect URI to my spring endpoint.
The spring service is getting a valid code/state, so I assume I did everything correct until now.
Then I am calling the /token endpoint with the following parameters
{
grant_type: authorization_code,
client_id: <client_id>,
client_secret: client_secret,
redirect_uri: <THE SAME AS USED BY AUTHENTICATE>,
scope: https://graph.microsoft.com/mail.read
}
I am getting the following error back:
{
"error" : "invalid_client",
"error_description" : "The OAuth client was not found."
}
I made sure twice that the client secret/id is set correct. I used the microsoft registration portal to create my application, and Web as platform. Live SDK support is also enabled.
https://apps.dev.microsoft.com
Does anyone have suggestions why this doesnt work?
You need to pass back the authorization code you received from the first call in the body of your second call. The following are the parameters you need to pass back:
grant_type - Should be authorization_code
code - The auth code you received
client_id - This is your Application/Client ID
client_secret - This is the Password/Client Secret
scope - This should match the same set of scopes you initial requested
redirect_uri - This is the redirect URI defined in your application registration
Also keep in mind that the POST should encoded as application/x-www-form-urlencoded rather than application/json.
I wrote an primer on the v2 Endpoint that you might find useful here as well.
Currently i am working on an App which will create groups in Office 365 programatically. I am wondering if this is possible using JavaScript. I also had another question regarding the Authentication and Authorization process. I am able to register the App and fetch the Authorization code. However when i try to fetch the Access token, it throws an error stating that it encountered a bad request. My Authorization URL is of the form:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?
client_id=<some_client_id>
&scope=openid+profile
&response_type=id_token
&redirect_uri=<some_redirect_url>
&nonce=123456789
And my access token request url is:
https://login.microsoftonline.com/common/oauth2/v2.0/token?
grant_type=authorization_code
&code=<Code_generated_in_above_request>
&redirect_uri=<some_redirect_url>
&resource=https%3A%2F%2Fgraph.microsoft.com%2F
&scope=openid+profile
&client_id=<some_client_id>
&client_secret=<Some_client_secret>
If anyone could help me regarding my doubts, then it would be greatly appreciated. Thanks.
Microsoft Graph from JavaScript
Using Microsoft Graph from JavaScript works. HTTP requests to the REST endpoints with a valid access token will work great. You might also want to check out KurveJS (github:MicrosoftDX/kurvejs) for a simple library (handles authentication and some graph operations).
Authentication
If you are attempting client-side implicit flow, you can pass 'response_type=id_token+token' and avoid the second call. This will return you an access token in the resulting payload.
If you are attempting server-side authentication, you should pass 'response_type=code' and then make the second call for the access token with the resulting code.
References:
v2.0 Protocols - SPAs using the implicit flow
v2.0 Protocols - OAuth 2.0 Authorization Code Flow
I Had the following code
$client->setClientId('39605174446-s067746s1jur731n49fujigfh8occ5pa.apps.googleusercontent.com');
$client->setClientSecret('MYCLIENTSECRET');
$client->setRedirectUri('http://examplesss.com/oauth2');
$client->setScopes('https://picasaweb.google.com/data');
$client->setAccessType("offline");
I did authenticate
At my Google Console API, I set it for "Web Application", Authorization Javascript origins I leave it blank.
Authorization Redirect URI I set it as
http://example.com/oauth2
I went to the following site to get my authorisation code
https://accounts.google.com/o/oauth2/auth?access_type=offline&approval_prompt=&client_id=39605174446-s067746s1jur731n49fujigfh8occ5pa.apps.googleusercontent.com&redirect_uri=http://example.com/oauth2&response_type=code&scope=https://picasaweb.google.com/data&state=state
When I went into the site, I press ok to grant "offline access" . After that I am redirect to an none existent site which I use that is example.com and then the URI was something like
http://example.com/oauth2?state=stat&code=4/qWt9q19VtilG6Iw6HFte4RnpiXR0a5q80_zQAU-hNqc#
$client->authenticate('4/qWt9q19VtilG6Iw6HFte4RnpiXR0a5q80_zQAU-hNqc#');
Then I get my refresh token code
$client->refreshToken('1\/vYnZlRcvaY2nD0yh5LhU9paLZZggMArGOo-3rEJHGCM');
But when I run the code it say...
PHP Fatal error: Uncaught exception 'Google_Auth_Exception' with message 'Error refreshing the OAuth2 token, message: '{
"error" : "invalid_grant"
Wonder what went wrong, I just want to access my picasa web album.
Thanks
It can be 2 things. One, is the incorrect use of the versions of the Google API client or the one I think that is the problem, it's on the refresh token and how you're passing the token. It's a problem with the / character in the string, json enconding and how it's passed. Put the refresh token in double quotes and send the variable. If all the data is correct and authorized via Google, it should work.
I am trying to do Facebook authentication in same window of my web application's login page.
I am using following code when user clicked login button to go to authentication page.
function loginUsingOAUTH()
{
top.location = 'https://graph.facebook.com/oauth/authorize?client_id=839846246064537&scope=email&redirect_uri=http://www.olcayertas.com/testqa/result.html';
}
1) After authentication Facebook redirects me to my redirect url and returns a parameter "code".
At this point I want to access Facebook user information but I don't know how to do that.
What is this "code" parameter for?
2) Is there any other way to access user information?
3) Do you have any other advice facebook authentication with same window login?
Thank you in advance for your help
When you get the code you should make a server side request to get an access token and than pass the access token to user. It is explained in Facebook Developer page:
Exchanging code for an access token
To get an access token, make an HTTP GET request to the following
OAuth endpoint:
GET https://graph.facebook.com/v2.3/oauth/access_token?
client_id={app-id}
&redirect_uri={redirect-uri}
&client_secret={app-secret}
&code={code-parameter}
This endpoint has some required parameters:
client_id. Your app's IDs
redirect_uri. This argument is required and must be the same as the original request_uri that you used when starting the OAuth login
process.
client_secret. Your unique app secret, shown on the App Dashboard. This app secret should never be included in client-side code or in
binaries that could be decompiled. It is extremely important that it
remains completely secret as it is the core of the security of your
app and all the people using it.
code. The parameter received from the Login Dialog redirect above.
Response
The response you will receive from this endpoint will be returned in
JSON format and, if successful, is
{“access_token”: <access-token>, “token_type”:<type>, “expires_in”:<seconds-til-expiration>}
If it is not successful, you will receive an explanatory error
message.