I am calling the Twilio Verify Rest API using JSON in the body, but it is returning an error " Your AccountSid or AuthToken was incorrect."
Here is my setup:
I used a Base64 encoder> entered my AccountSID:Auth token> and entered it into the "Value" as seen in the screenshot below.
I am not sure exactly what I am doing wrong. Any help?
Make sure to send the body of your request as application/x-www-form-urlencoded, not JSON.
Example:
curl -X POST https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Verifications \
--data-urlencode "To=+15017122661" \
--data-urlencode "Channel=sms" \
-u ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:your_auth_token
Related
Even though I read a numerous duplicate issues here on Stackoverflow, still can't figure out for the life of me what I'm doing wrong.
Problem: I successfully receive an authorization code from, but when I request an access token using this code I get the following error:
{
"error": "invalid_request",
"error_description": "Invalid parameter value for redirect_uri: Missing scheme: http%3A%2F%2Flocalhost%3A3030%2Fgoogle%2Foauth2%2Fcallback"
}
Configuration:
I use http://localhost:3030/google/oauth2/callback as a callback URL
It's setup in the google developer console:
This is a "raw curl" request that I send to obtain a token:
curl --location --request POST 'https://oauth2.googleapis.com/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'code=4%2F0AY0e-g6zyewnsWjPEXoxZWawsp1E634ZlefYoBeYO1nXxBwjPQNCGVf7SGb4MxfNcjUApw' \
--data-urlencode 'redirect_uri=http%3A%2F%2Flocalhost%3A3030%2Fgoogle%2Foauth2%2Fcallback' \
--data-urlencode 'client_id=....' \
--data-urlencode 'client_secret=....' \
--data-urlencode 'grant_type=authorization_code'
P.s. as you can see I "UrlEncoded" redirect_url as well as code since it does contain slashes. To be on the same side, I tried to encode client_id, client_secret and grant_type as well, but since they only contain ASCII characters they came out the same.
What I have done:
Researched through similar problems on SO: jenkins issue, ios issue, php issue, missing http issue,nodejs issue - similar to this one followed up by discussion, this, that, and all other ones present here - will omit them for brevity.
I've tried to set
http://localhost/google/oauth2/callback:3030 as well as
http://127.0.0.1:3030/google/oauth2/callback and
http://127.0.0.1/google/oauth2/callback:3000 (although specifying a port in the end is super weird and changing localhost to 127.0.0.1, but was suggested in one of the similar threads), none of these worked.
Read all the docs from google
Played with OAuth2 Playground (where it works obviously), but doesn't work for me
Tried multiple variations for body + different content types the same problem, but sometimes I also get
{
"error": "invalid_grant",
"error_description": "Bad Request"
}
Any help would be appreciated.
After some time I was able to successfully obtain a token. Turns out that I didn't craft request to Google API correctly. Also, for the "curl" request it should be --data rather than --data-urlencode. The following request worked for me:
curl --request POST \
--url https://oauth2.googleapis.com/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data code=4%2F0AY0e-g4TLGE7c7VyMe8-95baQzeh0uERiKuGnHG5Sqccb4MCsmJOzV_a2jSbI9bm62VZ6Q \
--data redirect_uri=http%3A%2F%2Flocalhost%3A3030%2Fgoogle%2Foauth2%2Fcallback \
--data client_id=********* \
--data client_secret=********* \
--data grant_type=authorization_code
or
curl --request POST \
--url https://oauth2.googleapis.com/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'code=4%2F0AY0e-g4TLGE7c7VyMe8-95baQzeh0uERiKuGnHG5Sqccb4MCsmJOzV_a2jSbI9bm62VZ6Q&redirect_uri=http%3A%2F%2Flocalhost%3A3030%2Fgoogle%2Foauth2%2Fcallback&client_id=*********&client_secret=*********&grant_type=authorization_code'
One more observation: When you test, you can use the authorization code only once (for security reasons). Sometimes even if you send multiple "unsuccessful requests" with the same code, Google's API will reject all subsequent requests with that code (you need to go through the OAuth2 again flow to obtain a new one). The most "frustrating" part that confused me is that the response for the wrong code looks like this:
{
"error": "invalid_grant",
"error_description": "Bad Request"
}
instead of being something like "Code is not valid" or "Code has expired".
So, if you encounter an error above it means the request was crafted correctly, but the code is wrong.
I am using the Linkedin API OAuth 2.0 API and trying to perform a 'like' to a post or a comment using the new version 2 of the Linkedin API using the Postman client.
I have added the following permissions to the scope
r_liteprofile r_emailaddress rw_organization_admin w_organization_social r_organization_social w_member_social w_organization_social r_organization_social
And added the relevant callback, Auth & Access Token URLs to the postman request along with the Client ID and Client Secret ID.
When I perform a request to the \me v2 endpoint it returns relevant data.
When I perform the following GET request it gives me an not enough permissions error (even though it has been recently been accepted to the Marketing API for Linkedin)
https://api.linkedin.com/v2/socialActions/urn%3Ali%3Aorganisation%3A24799518/comments
I would expect to get data - but get a 403 status code and the error message below -
Not enough permissions to access: GET /socialActions/urn%3Ali%3Aorganisation%3A24799518/comments"
The cURL request looks as follows :
curl -X GET \https://api.linkedin.com/v2/socialActions/urn%3Ali%3Aorganisation%3A24799518/comments \
-H 'Authorization: Bearer {MY BEARER TOKEN HERE}' \
-H 'Content-Type: application/json' \
-H 'Postman-Token: 59c239c2-d1c7-48ee-9e5f-a894afde95dc' \
-H 'X-Restli-Protocol-Version: 2.0.0' \
-H 'cache-control: no-cache'
-- update --
I have manually tried this using cURL also with the X-Restli-Protocol-Version: 2.0.0 header and have the same issue. I am ultimately trying to use the API to like posts/comments etc..
Social Action Api is not applicable for organization|Page
GET https://api.linkedin.com/v2/socialActions/{shareUrn|ugcPostUrn|commentUrn}/comments
It is applicable for share|ugcPost|Comment
Use the following request to fetch the shares and use the share Id in the above request to get the comments for the post
GET https://api.linkedin.com/v2/shares?owners=urn:li:organization:24799518&q=owners&count=100
I've successfully generated a token with the GET /v3/identity/token API. I now want to be able to leverage the PUT API to keep the token active.
I am trying this curl command:
curl -X PUT --header 'Content-Type: application/json' --header 'Accept: application/json' -d '<token-value>' 'https://ibm-watson-ml.mybluemix.net/v3/identity/token' -v -i --basic --user <username>:<password>
I get a 400 error stating:
For request 'PUT /v3/identity/token' [Invalid Json: Unexpected character ('-' (code 45)) in numeric value: expected digit (0-9) to follow minus sign, for valid numeric value at [Source: akka.util.ByteIterator$ByteArrayIterator$$anon$1#18bd12ef; line: 1, column: 3]]
The token returned from the get request has the dash character in it, along with other non-alphnumeric values.
Does the token from the get request need to be parsed? what am I missing?
You need to set your content-type to application/json. But -d sends the Content-Type application/x-www-form-urlencoded, which maybe is not accepted on IBM side.
But, seems like your JSON (token) are in the incorrect format.
The token value needs to be the following format (JSON):
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ"
}
And you need to follow the example of sent correctly the format:
curl -H 'Content-Type: application/json' -X PUT \
-d '{"token":"yourToken"}' \
https://ibm-watson-ml.mybluemix.net/v3/identity/token
See the official reference.
i'm trying to send a parse.com push notification from ruby 1.8.7.
i got a test working with curl. but with ruby's net::http i'm getting Timeout::Error: Resource temporarily unavailable
how can i debug this? i don't know how to see why the parse server is responding differently or otherwise see what's happening. i tried sending the request to my own server and the headers looked ok to me.
i simplified what i'm doing to this:
http = Net::HTTP.new('api.parse.com', 443)
response = http.post("/1/push", "{\"where\":{},\"data\":{\"alert\":\"Elliot net http json test 1\"}}", {"X-Parse-Application-Id"=>"xxxxx", "Content-Type"=>"application/json", "X-Parse-REST-API-Key"=>"xxxxx"})
the json there is hard to read, it's from:
api_req = {:where => {}, :data => {:alert => "Elliot net http json test 1"}}.to_json
puts api_req
# {"where":{},"data":{"alert":"Elliot net http json test 1"}}
i also tried several other ways of sending a request with net::http. same result.
the curl request that worked was:
curl -X POST \
-H "X-Parse-Application-Id: xxxxxx" \
-H "X-Parse-REST-API-Key: xxxxx" \
-H "Content-Type: application/json" \
-d '{
"where": {},
"data": {
"alert": "Elliot curl test #4"
}
}' \
https://api.parse.com/1/push
i'm not using parse-ruby-client because i ran into problems with dependencies assuming a newer version of ruby. all i need to do is send some simple push notifications, and it seems like this should work without too much trouble.
can anyone help me get this working or tell me how to get some useful info about what's happening to debug?
As per the REST API Developers guide,
All API access is over HTTPS, and accessed via the https://api.parse.com domain.
So all you need to do is to add http.use_ssl = true.
I followed the instructions on https://developers.google.com/youtube/v3/guides/authentication#OAuth2_Calling_a_Google_API
to check my access to the YouTube v3 API.
I got an access_token from this:
curl --data "code=4/XXX.YYY" \
--data "client_id=foo123.apps.googleusercontent.com" \
--data "client_secret=YYY" \
--data "redirect_uri=urn:ietf:wg:oauth:2.0:oob" \
--data "grant_type=authorization_code" \
https://accounts.google.com/o/oauth2/token
which returned:
{
"access_token" : "ya29.XYXYXY",
"token_type" : "Bearer",
"expires_in" : 3600
}
If I now check access with curl or in the browser
https://www.googleapis.com/youtube/v3/video?access_token=ya29.XYXYXY
I just got back "Not Found".
If I use another (phantasy) access_token or leave out the parameter the result is always the same, just "Not Found". I tried with "http" and "https".
Am I doing something wrong? Is the service just temporarily not available? Should I use v2?
Thanks for your time,
Axel.
Found it myself. The documentation is misleading for me. The sample it uses
https://www.googleapis.com/youtube/v3/video?access_token=ya29.XYXYXY
doesn't say that you need further parameters. The response "Not found" from the server is not helpful. Furthermore "video" must be "videos".
A correct test would be
https://www.googleapis.com/youtube/v3/videos?access_token=ya29.XYXYXY&id=12345678&part=snippet