Anyone is having problems retrieving Likendin connections with new apps?
With old apps my hybridauth app is retrieving connections just fine. While with new apps (I created 3 different apps) I keep getting Access to connections denied
When authenticating I got the correct scopes on likedin login screen(r_basic_profile, r_network, w_messages, r_emailaddresses)
Im using free plugin http://wordpress.org/plugins/wp-social-invitations/ which uses hybridauth
This is a recent problem with the linked. They have stopped providing member connection in their recent API change. Now you have to obtain a partner certificate in order to access member connection information. Even my production application has stopped this functionality to work. We might be removing linked from our application as it is of no use now with so much of restrictions.
Linkedin api changed recently, that's the reason scopes are not longer working
The get connections API in linked in has been deprecated follow this link to get the API' that are allowed as part of developers program right now.
Related
I'm currently working on an application for myself in which I need access to my own photos/albums on Google Photos. I have gotten by using the oauth 2.0 token generated in the playground, but I'd like to get a more permanent solution that does not require me manually regenerating the token. Is this possible with Google Cloud? The app is meant to run in daemon, so this makes any option with consent pages unusable. The scopes I'm using are:
https://www.googleapis.com/auth/photoslibrary.sharing
https://www.googleapis.com/auth/photoslibrary.readonly.appcreateddata
https://www.googleapis.com/auth/photoslibrary.readonly
I have tried using the https://accounts.google.com/o/oauth2/token and https://accounts.google.com/o/oauth2/auth endpoints to generate one programatically, but the only minor success I had was /auth sending me to a consent screen. I've also looked at using the refresh token given by Google Oauth playground with no luck there either.
Just looking to see if there is anything that I am missing.. This is my first post on stackoverflow, so please let me know if you need any more information.
I was unable to make it an internal app as it was for personal use and not for an organization.
Solved this by first using the google api package to create my own access/refresh token for my oauth client, then calling the https://oauth2.googleapis.com/token endpoint each time to generate a valid access token. I hope this can be helpful to someone else!
According to the setup documentation, as long as your app is marked as internal, you should not need to verify the app and can use it without the consent screen.
I got the error when trying to get an access key for one of our APIs.
"AADSTS65001: The user or administrator has not consented to use the application with ID '{GUID}'
First, I was trying to prompt=consent during login, thinking that I had new consents that weren't prompted during login. And I got the following error.
"AADSTS65005: The application '{GUID}' asked for permissions to access a resource that has been removed or is no longer available. Contact the app vendor."
I removed prompt=consent and started fiddling with the permissions in Azure, and now I was stuck on the same error.
I changed everything as it was, but I still get the error. However, this only happens to my user. Everyone else can still log in without problems.
So my problem is actually in two parts:
The first error when trying to get an access token for the API.
Somehow I need to prompt the user with consent, but I am using adal.js which uses a silent retrieval of the keys using an invisible iframe. I want the support to be when the user logs into the web app.
Is this possible?
My user can't log in to our web app anymore. Everyone else can. Did anyone encounter this before?
The product is a SPA Web App written in React, and we use adal.js (adal-vanilla) as a library for authentication to Azure AD.
Update
I finally got some stuff working. Not all the way, but at least it's a start.
The problem with this is that users registered on other tenants (this is a multi-tenant app) don't get consent to use the API. These users get the error. However, I registered a user on the same tenant, and everything worked as intended.
Problem two was solved by removing all the permissions, adding them one by one, and testing in between. Somehow this worked after two-three tries.
The problem is that users from other tenants don't get a consent prompt to access the API.
Somehow the issue got fixed, I'm not 100% sure how or why but here are the steps I performed to fix it if someone finds themselves in a similar situation:
Ensure that all permissions are correct (APIs are added as delegated permissions to the client)
All services (web app & apis) are multitenant
Update manifest with:
"availableToOtherTenants": true,
"knownClientApplications": [
"{client app application id}"
],
(availableToOtherTenants was false for the API even though it was marked as multitenant in the settings)
The consent might be possible to fix with prompt=admin_consent.
As for the second problem, you can add your web app as a known client application of the API. This will allow simultaneous consent when the user authenticates to the web app.
To do that, find the API app registration in Azure Portal's Azure AD blade. Then open its manifest (there is a Manifest button on the app blade). In there should be a "knownClientApplications" property. Add the client id of the web app in the array and save the manifest.
E.g.:
"knownClientApplications": [
"bda6ffff-ffff-ffff-ffff-ffff8bf8c57f"
],
I'm building a Chrome extension that adds features to Gmail.
To accomplish this, I need oauth 2.0 access to the Google Contacts and Gmail APIs.
Originally I was using a technique/library outlined here: OAuth 2.0 in Chrome Extensions
That was working fine with the Contacts API, but I couldn't figure out how to get it to work with the very new Gmail API. It seems to send the oauth request as uri parameters, each parameter prefaced with 'oauth'. It also appears to be around 4 years old, last updated about two years by looking at the HEAD.
I then moved on the chrome.identity API, using the chrome.identity.getAuthToken() flow for google accounts. This worked awesome... for the chrome account that's linked to the currently logged in Gmail account. If a user logs into a different gmail account that doesn't match the address of the currently logged in chrome account, all my REST interactions go kaput. Which they should.
So I've moved on to using chrome.identity.launchWebAuthFlow() method, which seems to be the updated version of the first method / library I had tried. The problem here is that an access token seems to be limited to just an hour before requiring a re auth? (Meaning pop up UI, etc) Not ideal for an app used over the course of a workday.
Has anyone here managed to gain long term access tied to more than one email address for an extension?
At this point it seems my best option is just making sure I have helpful UI modals to either
A. make sure the user is logged into chrome under the same address they are logged into gmail under
or
B. Have helpful UI convincing users that reauthorizing every hour is necessary for security. (not terrible, still annoying).
Thanks in advance for any insight!
As you may know, pinterest api seems down now.( api.pinterest.com )In this site: http://tijn.bo.lt/pinterest-api, it says that readonly access still works. What does exactly mean ?
I can build an application using this api but cannot use pinning or creating my own board ?
Sorry if my question is too ridiculous, i am very newbie to create an application with an API..
If the API permits read-only alone, that means you can consume data from the source, but you cannot write to it. You could probably get a list of items from your board, but you wouldn't be able to programmatically push a new item to your board.
It's a one-way road, until they open up another lane.
The information posted on that site is a bit out of date.
The API was until recently allowing read/write access, but about two weeks ago Pinterest stopped issuing new access tokens via their original authentication scheme. The new scheme requires API users to generate an oauth signature to receive an access token (needed to use the API), and consequently the API is only accessible to those who have received a client_id and client_secret for their application from Pinterest.
Caveat: if you happen to have an old access_key issued using the old API, you apparently can still use that to make API calls, though I'm guessing those tokens will expire soon.
I'm wondering which authentication method to use if i need extended permissions (e.g. if i want to use the users photos in my application). The methods are either the single-sign on using JavaScript SDK or by using the OAuth 2.0 protocol. Both methods are explained here: Authentication - Facebook developers. The JS SDK would be easiest but haven't found a solution yet.
The application will utilize the Google Appengine with Django environment.
At the moment the entire Facebook API is undergoing changes.
I would suggest you use the OAuth API - it appears as this is the direction they will adopt.
A word of caution - the "official" documentation in the page you mentioned are not complete at best and some of the options are still buggy (try setting display=wap with scope=... you will get an error).
Check out the Facebook developer forum on the issue I stated above.
I believe you can find answers to other Facebook related issues there.