Here is my Request Post URL:
https://open-api.tiktok.com/oauth/access_token/?client_key=fgjvjhg&client_secret=ghhjgjhgjkhjk&code=Web&grant_type=authorization_code
Here is the response which I got:
{
"data": {
"captcha": "",
"desc_url": "",
"description": "Authorization code expired",
"error_code": 10007
},
"message": "error"
}
Here is the documentation page which I am following:
https://developers.tiktok.com/doc/login-kit-manage-user-access-tokens
Please help me with that, thanks in advance.
Check your code to make sure you're not making duplicate requests. A second request will invalidate the first one and you'll get Authorization code expired.
You are missing 2 values there:
Code (Authorization code from Web/iOS/Android authorization callback)
grant_type (should always be set as authorization_code)
Example request:
https://open-api.tiktok.com/oauth/access_token/?client_key={{key}}&client_secret={{secret}}&code={{client_unqiue_id}}&grant_type=authorization_code
Related
Following this guide: https://developer.twitter.com/en/docs/authentication/oauth-2-0/user-access-token. I am getting this error when making the POST oauth2/token at the step 3 request:
`
{
"errors": [
{
"code": 99,
"message": "Unable to verify your credentials",
"label": "authenticity_token_error"
}
]
}
`
This is my request: (Note that I hide the client_id and code). The code is the one I receive after the step 2, doing the GET oauth2/authorize callback. Header: Content-Type - application/x-www-form-urlencoded;charset=UTF-8
My Request
I found the issue, the problem was that in the Bot Application, editing the Auth settings of my twitter app, I had the option: Confidential client which needed a Basic Auth = authorization: Basic ${'username + password encoded here'}
I am creating a Power Automate flow to get MS Booking information. Having trouble with getting an Authorization using https://login.microsoftonline.com/***TENANT ID****/oauth2/token. I receive an error that I am missing grant_type although I supply it. I registered the app in azure, the HTTP request in power automate looks like this:
{
"uri": "https://login.microsoftonline.com//oauth2/token",
"method": "POST",
"headers": {
"content-type ": "application/x-www-form-urlencoded"
},
"body": "client_id=&resource=https://graph.microsoft.com&grant_type=password&client_secret=&username=username&password=password"
I receive the error:
{"error":"invalid_request","error_description":"AADSTS900144: The request body must contain the following parameter: 'grant_type'.
Anyone have an idea what I am doing wrong or missing? Thank you in advance.
Just a quick follow-up. Thanks Expiscornpvus, you pointed me in the right direction, although there were spaces after the content type header, I corrected this and things worked well
I am trying to obtain an authorization token to consume a published API in Azure API Management, for which I am performing the following steps:
Call the authorization URL as follows:
https://login.microsoftonline.com/common/oauth2/authorize?
client_id=<CLIENT_ID>
&response_type=code
&response_mode=query
&redirect_uri=<REDIRECT_URI>
&scope=SCOPE
Immediately after, I call the following URL with the obtained authorization code and other parameters in the body and to send them as form-data:
POST https://login.microsoftonline.com/common/oauth2/token
client_id=<CLIENT_ID>
scope=SCOPE
grant_type=authorization_code
client_secret=<CLIENT_SECRET>
code=<AUTHORIZATION_CODE_PREVIOUS_STEP>
As a result, I get the following error and cannot continue:
{
"error": "invalid_grant",
"error_description": "AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.\r\nTrace ID: f0264d85-2f41-4009-9e8e-1a211209e100\r\nCorrelation ID: c6b15ffb-82e8-49aa-941f-6c85be4d9601\r\nTimestamp: 2022-01-18 15:06:55Z",
"error_codes": [
54005
],
"timestamp": "2022-01-18 15:06:55Z",
"trace_id": "f0264d85-2f41-4009-9e8e-1a211209e100",
"correlation_id": "c6b15ffb-82e8-49aa-941f-6c85be4d9601"
}
I understand that the authorization code is for one use only but, in my case, on the first attempt I get this error.
Any help is appreciated
I'm trying to connect to google home using OAuth2.0 mechanism. However, hitting with an issue where I'm not able to retrieve success message.
The failing request is - https://oauthintegrations.googleapis.com/v1/token:getForService
with the response payload as redirectState. I know about redirect but what is redirectState? I tried to search a bit over this one, but failed.
Any help would be appreciated.
Note:I have followed all the necessary steps mentioned in doc, I can receive authorisation code, but not able to make token request to desired endpoint.
The docs are https://developers.google.com/actions/identity/oauth2-code-flow and https://developers.google.com/actions/identity/account-linking.
In configuration settings we have Linking type as Oauth -> Authorization Code.
In dialog flow in Integration -> Integration Settings we have checked in for 'Sign in required' for Default Welcome Intent and have the firebase function as
app.intent('Default Welcome Intent', (conv) => {
conv.ask(new SignIn());
});
according to https://developers.google.com/actions/identity/account-linking document and I am currently using API version V2.
After the auth code is received as mentioned it does not call token url, we receive this screen :
Bad response from IdP in Auth Code Exchange & what is redirect_state
The https://gala-demo.appspot.com/app#redirect_state=XXX&state=yyy&service=abc when inspected fails at https://oauthintegrations.googleapis.com/v1/token:getForService as mentioned by #rajesh with status code 400, but when this request is made through postman it return the response. Here is the body and response for the request.
Body :
{
"credential" : {
"redirectState": "XXX"
},
"scopes": [],
"gdiState": "APP_AUTH",
"serviceId": "tapclicks-integration-adac2_dev"
}
RESPONSE :
{
"serviceInfo": {
"authUrl": "https://-domain-/authorization",
"name": "tapclicks dashboard",
"logoUrl": "https://placeholder.com/",
"clientId": "zdqexVMaVvxIMQ7Frjwa",
"tokenUrl": "https://-domian-/token_url",
"privacyPolicyUrl": "https://placeholder.com/",
"tosUrl": "https://placeholder.com/",
"id": "tapclicks-integration-adac2_dev"
},
"completionInfo": {
"appauthInfo": {
"appauthRedirectUrl": "https://-domain-/authorization?response_type=code&client_id=zdqexVMaVvxIMQ7Frjwa&redirect_uri=https://oauth-redirect.googleusercontent.com/r/tapclicks-integration-adac2&scope=gmail&state=yyy",
"appauthRedirectState": "abcxxx"
},
"oauthAuthorizationUrl": "https://-domain-/authorization?response_type=code&client_id=zdqexVMaVvxIMQ7Frjwa&redirect_uri=https://oauth-redirect.googleusercontent.com/r/tapclicks-integration-adac2&scope=gmail&state=yyy"
},
"gdiState": "APP_AUTH",
"header": {}
}
Can you please tell if i might be making any configuration mistake or any other info you need.
Authorization Url : https://kprb95tye7.execute-api.us-east-1.amazonaws.com/authorization/
Token Url : https://9343j46f16.execute-api.us-east-1.amazonaws.com/token_url/
Thanks
I'm trying to POST to a Auth0 delegation URL to obtain an access token and getting a "Grant Type not allowed" error as seen below. (This is when not using Postman.)
I came across a post in the forums that Delegation is deprecate in Auth0. Can anyone confirm if that is the issue here and if I'm trying something that's not available anymore?
Request:
Content-Type: 'application/json'
{
"client_id": "ID",
"grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
"id_token": "TOKEN",
"target": "lwTL1rYVfC0KsBUFPeKWY3HvGjbIgdDM",
"api_type": "salesforce_api",
"scope": "openid"
}
Error:
{
"error": "unauthorized_client",
"error_description": "Grant type 'http://auth0.com/oauth/legacy/grant-type/delegation/id_token' not allowed for the client.",
"statusCode": 403,
"error_uri": "https://auth0.com/docs/clients/client-grant-types"
}
Related Question:
"Missing grant-type parameter" in Auth0 Delegation endpoint call
In that question, using Postman to call the endpoint with the same request results in a different error!