i have an Oauth app that im trying to get synced to strava, but am getting the below error:
Request failed with code: 400, message: {"message":"Bad Request","errors":[{"resource":"Application","field":"client_id","code":"invalid"}]}
the request looks like this:
https://www.strava.com/oauth/authorize?approval_prompt=force&client_id=60232&response_type=code&redirect_uri=https%3A%2F%2Fyourway.local%2Fuser%2Fsecurity%2Fauth%3Fauthclient%3Dstrava&xoauth_displayname=Your%20Way&state=d7bacc541e1bbc39ec956adbce63e1b15a00a9817367726e663d02e354df883d
i get the Strava Authorize screen but then get that error, the client ID does match and the return URI matches the domain in Strava
I worked it out that it was a subsequent call without the required params.
Related
I'm currently trying to get the authorization token from Okta using a GET request from my app using fetch API. The first step works well and I get the sessionToken. The next step requires me to pass this sessionToken in the url of a get request . Once this is done I should be getting an html object but what I instead get is a 404 message from the server on the console and the id_token embedded in the failed url which also is on the console. I have tried every possible fix and yet it doesn't seem to work.
async function getAccessToken(url = '', sessionID= ''){
const response = await fetch(url + sessionID);
return response
}
ON THE CONSOLE: Failed to load resource: the server responded with a status of 404 () the failed url with the id_token
When I copy this URL and run it in the browser it works. Response contains the callback url alone and I don't seem to have anyway to access the id_toke. Any way to access this id_ token would do for now.
I'm new to keycloak and tyring to get access token from keycloak using GET request method through postman but experiencing http 405 error (Method not allow)
I already have tried this but it's not working and throwing HTTP 405 error method not allowed
MEHTOD: GET
URL: https://keycloak.carbook-dev.gocarbook.com/auth/realms/carbook/protocol/openid-connect/token
{
"realm":"carbook",
"bearer-only":true,
"grant_type":"password",
"client_id": "web_app",
"username":"admin*****",
"password":"a*****"
}
I'm expecting access token upon successfully completion of that request such as
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJJQk1YWTd0TGpfejg5c1p2Z2JrUHp.....
I can achieve the same using postman GET NEW ACCESS TOKEN form but i want to achieve this through rest call so that later on i could use the same request in cypress to access the token for subsequent calls.
Shouldn't you POST the request instead of GET ?
The message seems to tell that GET method is not allowed for this endpoint...
We want to enable uploading apps to the Intune store via an API.
I saw this example on GitHub, and want to do something similar in JS, so I've tried using the same REST calls.
The problem is, I can't seem to make the https://graph.microsoft.com/beta/deviceAppManagement/mobileApps request properly - I always get 401. When making the same request via the Graph API Explorer it works fine.
I tried fixing my permissions, and I'm kinda stuck getting the correct token.
I did the following steps with an admin account, on both the "common" and our own tennant:
Called the admin consent - https://login.microsoftonline.com/nativeflow.onmicrosoft.com/adminconsent?client_id=<ID>&redirect_uri=<URI>
Got authorization from the user - https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=<ID>&response_type=code&redirect_uri=<URI>&response_mode=query&scope=DeviceManagementApps.ReadWrite.All
POST request to get the actual token -
https://login.microsoftonline.com/nativeflow.onmicrosoft.com/oauth2/v2.0/token
with the following body:
client_id: <ID>
scope: https://graph.microsoft.com/.default
client_secret: <secret>
grant_type: client_credentials
requested_token_use: on_behalf_of
code: <The code I got in step 2>
I tried changing the scope in step 3 to https://graph.microsoft.com/DeviceManagementApps.ReadWrite.All or simply to DeviceManagementApps.ReadWrite.All, but it says that it's not a valid scope.
I got a token in step 3, but when I try calling the actual API I receive this error:
{
ErrorCode:"Forbidden",
Message:{
_version: 3,
Message: "An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 7b5c3841-976d-4509-b946-f7fdabd047d7 - Url: https://fef.msub02.manage.microsoft.com/StatelessAppMetadataFEService/deviceAppManagement/mobileApps?api-version=5018-05-02",
CustomApiErrorPhrase: "",
RetryAfter: null,
ErrorSourceService: "",
HttpHeaders: {"WWW-Authenticate":"Bearer realm=urn:intune:service,f0f3c450-59bf-4f0d-b1b2-0ef84ddfe3c7"}
},
Target:null,
Details:null,
InnerError:null,
InstanceAnnotations:[]
}
So yeah, I'm pretty much stuck. Anyone have any experience with it? I've tried making the calls in Postman, curl and via code, but nothing works.
Cheers :)
You have a couple issues going on:
You're using the Authorization Code Grant workflow but requesting Client Credentials.
The scope Device.ReadWrite.All is an application scope, it is only applicable to Client Credentials. It isn't a valid Delegated scope so it will return an error when you attempt to authenticate a user (aka delegate) using Device.ReadWrite.All.
Your body is using key:value but it should be using standard form encoding (key=value).
To get this working, you need to request a token without a user. This is done by skipping your 2nd step and moving directly to retrieving a token (body line-breaks are only for readability):
POST https://login.microsoftonline.com/nativeflow.onmicrosoft.com/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded
client_id={id}
&client_secret={secret}
&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default
&grant_type=client_credentials
I am using the Twitter OAuth to authenticate user and to show the user tweets on my site.
Following are the some Constants that are used for API:
public const string REQUEST_TOKEN = "https://api.twitter.com/oauth/request_token";
public const string AUTHORIZE = "https://api.twitter.com/oauth/authorize";
public const string ACCESS_TOKEN = "https://api.twitter.com/oauth/access_token";
Now when I am making a webrequest using the
new StreamReader(webRequest.GetResponse().GetResponseStream());
Then I am getting error : "The remote server returned an error: (401) Unauthorized."
My webrequest uri is https://api.twitter.com/oauth/access_token?oauth_consumer_key=myConsumerkey&oauth_nonce=3403339&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1366792353&oauth_token=1372849567-3BtbvrvJ3HXl774InICgBz1T2jcLpif9xecxWmc&oauth_version=1.0&oauth_signature=%2bLyQZwQwiNGJNP9uk591Hy4arfk%3d
So what is wron with this url. Please Healp me to get rid of this.
Thanks,
Dalvir
Are you sending the oauth_verifier code that you received when the user authorized your app?
Twitter applications not using the oauth_verifier will fail to complete the OAuth flow. If you're not receiving an oauth_verifier in your callback, verify that you're explicitly setting your oauth_callback on POST oauth/request_token.
I am following oauth authorization flow(http://developer.yahoo.com/oauth/guide/oauth-requesttoken.html) for accessing Yahoo's Contact API . I am able to get consumer key and consumer secret for my application from first step.
However I am getting "File Not Found" in 2nd step while giving URI request.
My URI request is given below===>
https://api.login.yahoo.com/oauth/v2/
get_request_token?oauth_nonce=rs2130523f788f313f76314ed3965ea6
&oauth_timestamp=1325661943
&oauth_consumer_key=dj0yJmk9VndXdnhUbkJMc2MyJmQ9WVdrOVUzcFdkbnA0TXpnbWNHbzlNamMxTXpJeU9UWXkm
cz1jb25zdW1lcnNlY3JldCZ4PTkw
&oauth_signature_method=plaintext
&oauth_signature=1daaeb467916f4331023fc5fce3cb6b6c27ac7ed
&oauth_version=1.0
&xoauth_lang_pref="en-us"
&oauth_callback="http://mysitename.freetzi.com/index.html"
Can you please tell why I am getting "File not found"?
The response status code is 401 if there is something wrong with your parameters. So you got the "File not found" error. But you can see the error message in the http header with Firebug. Your problem is if the oauth_signature_method is plaintext, you should add a %26 after your oauth_signature
Like this
&oauth_signature_method=plaintext
&oauth_signature=1daaeb467916f4331023fc5fce3cb6b6c27ac7ed%26
&oauth_version=1.0
Hope this helps.