I am trying to integrate office 365 apis with my application. I am able to generate the access token using the OAuth2 process. But calling the api with that generated access token is giving us a 401 error.
This is the response of token I am getting
{
"token_type": "Bearer",
"scope": "ActivityReports.Read ThreatIntelligence.Read",
"expires_in": "3599",
"ext_expires_in": "0",
"expires_on": "1480350031",
"not_before": "1480346131",
"resource": "https://manage.office.com",
"access_token": "===access token===",
"refresh_token": "===refresh token===",
"id_token": ""
}
And I am trying to call the endpoint "https://outlook.office.com/api/v2.0/me" with the header as Authorization: Bearer , but giving me the 401 error.
Any thoughts ?
Thanks,
I believe the issue here is that you have acquired an access token for an endpoint that is different than the API you are trying to query.
If you notice, the "resource" in your token is "manage.office.com" when you will need a token with the resource "outlook.office.com" in order to query the outlook API.
Can you check in your code that you are specifying the correct resource for your needs, and additionally, make sure your client application is configured correctly for the permissions required to access that API.
I hope this helps!
Related
Actually when I login into the Microsoft online login with this API.
https://login.microsoftonline.com/{taentId}/oauth2/v2.0/token API to get access token and I got the response of token but when I try to use that token into this API to create the event https://graph.microsoft.com/v1.0/me/events. I got this error **Resource could not be discovered.
**
Also Sharing a response of the login api
{
"token_type": "Bearer",
"scope": "email openid profile Calendars.Read Calendars.Read.Shared Calendars.ReadBasic Calendars.ReadWrite Calendars.ReadWrite.Shared User.Read User.Read.All",
"expires_in": 5***,
"ext_expires_in": 5***,
"access_token": "eyJ0*************",
"id_token": "eyJ0********"
}
How Can I Solve This Error ?
i am trying to insert a new row to my google spreadsheet using JS from broser console
using post man made a post request to this url
https://sheets.googleapis.com/v4/spreadsheets/1KjrAqsNzzNIyEDb4hjx846j2AVffSeLUqi0BMR_pKPM/values/Sheet1:append?key=AIzaSyAc5XWsjlFeR3omZiYnrzaEAbZAYIWUXqI
injecting this json:
{
"asin": "aaaa",
"price": "15.99",
"title": "ratings",
"bsr" : "555523",
"image_url":"hhhhhhh"
}
and i got this error:
{
"error": {
"code": 401,
"message": "API keys are not supported by this API. Expected OAuth2 access token or other authentication credentials that assert a principal. See https://cloud.google.com/docs/authentication",
"status": "UNAUTHENTICATED",
"details": [
{
"#type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "CREDENTIALS_MISSING",
"domain": "googleapis.com",
"metadata": {
"service": "sheets.googleapis.com",
"method": "google.apps.sheets.v4.SpreadsheetsService.AppendValues"
}
}
]
}
}
my spreadsheet has 4 columns:
asin title bsr price image_url
You would need to authorize your postman application first using Google OAuth2 as referenced here in this article.
You would need to create a Google Cloud Project on console.cloud.google.com, and under API's and Services > Enabled API's and Services, look for Google Sheets API.
Once you have enabled the API, click on Manage and proceed to the Credentials Tab to create your credentials.
Make sure that under Authorized Redirect URIs, put in "https://oauth.pstmn.io/v1/browser-callback"
Also, application type should be set to Web Application
Download the JSON file, and also make sure to save your Client ID and Client Secret.
From the downloaded JSON file, you would need to save the "auth_uri" and "token_uri" (you'll be needing this for authorization on your postman console for auth url and access token url)
Set the client ID and client secret and use the scope "https://www.googleapis.com/auth/drive.file"
From there, once you have generated your access token, make your post request following the sample here in this article: https://developers.google.com/sheets/api/reference/rest/v4/spreadsheets.values/append. YOUR_API_KEY should be the access token that was generated earlier on your Postman console.
If ever you experience other issues with authorizing your account for OAuth2, proceed with going to the OAuth Consent Screen on your Google Cloud Console, create an app, and define the said scope above under the Non-sensitive scopes, and add your Google Account under Test Users.
I was trying to publish something to Facebook page.
From this article, it seemed really easy to publish using Facebook API
So, I create a Facebook page and made sure that I have all the required permission for the given auth token, opened by Postman and created a POST request to following URL (along with attaching my access token bearer)
https://graph.facebook.com/2984640844138/feed?message=HeyWhatever
This is giving me following error
{
"error": {
"message": "(#200) If posting to a group, requires app being installed in the group, and \\\n either publish_to_groups permission with user token, or both manage_pages \\\n and publish_pages permission with page token; If posting to a page, \\\n requires both manage_pages and publish_pages as an admin with \\\n sufficient administrative permission",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "D1z1soQbTE2"
}
}
I am not sure about what I am doing wrong, perhaps my request is incorrect or I am not using postman correctly.
This is what I am doing in Postman (screenshot below), can someone point me out what I am doing wrong? Also, suggestions are also welcome
I would recommend you use the Facebook Graph API Explorer, which provides you with the tools to generate the access token with appropriate permission and also craft your HTTP requests with ease. Visit the same, generate a token, then head to the Access Token Debugger to double check the scopes of the token.
I've followed the guide Google login / Expo and got both access token and refresh token.
But after access token expiring I can't get the new token.
When I try to get new one I get this error:
"error": "unauthorized_client", "error_description": "Unauthorized"
Here is the sample of the sent request for getting the new access token (Google docs):
POST /oauth2/v4/token HTTP/1.1
Host: www.googleapis.com
Content-Type: application/x-www-form-urlencoded
client_id=<your_client_id>&
client_secret=<your_client_secret>&
refresh_token=<refresh_token>&
grant_type=refresh_token
P.S. I did not forget to replace client_id and other relevant data.
The same client ID that got the refresh token must be used to get another access token!
You are probably using this code on Android, for mobile devices Google doesn't give you a secret since it is not needed. You can remove the secret from the request and change the client ID to match your mobile client ID.
I have an Angular.js application and I am trying to implement authentication to my PHP backend using a JWT.
I have the app setup to set the token on login and send the token with every request if it exits. I was following the information here, though it is for Node.js not PHP: https://auth0.com/blog/2014/01/07/angularjs-authentication-with-cookies-vs-token/.
The information there was extremely helpful, but I do not understand why the token should be in the Authorization header with the text 'Bearer ' before the token. Could I just put the token there without 'Bearer '? Is there a recommended method for where the token should go in the request?
My other issue is where to store the token on the front end. The website recommended using $window.sessionStorage which doesn't seem to work well for my case because it seems to prevent someone from using multiple tabs which isn't very intuitive.
My question really comes down to:
Where do I put the token in the request header?
How should I store the token on the front end?
The use of the Bearer keyword is recommended in the RFC6750 - section Authorization Request Header Field:
Clients SHOULD make authenticated requests with a bearer token using
the "Authorization" request header field with the "Bearer" HTTP
authorization scheme. Resource servers MUST support this method
The libraries I've been working with always require it before the token itself. So the request header should be as follows:
Authorization: Bearer your_token
Regarding the storage I have seen it in $window.sessionStorage too