I am having an issue with hitting POST APIs(send message, create channel) from our Graph API app.
First request is for create channel:
Request URL: https://graph.microsoft.com/v1.0/teams/id/channels
Post Body:
{:displayName=>"new channel", :description=>"description"}
Headers also include the bearer token from the authorization API
Error received:
{:code=>"BadRequest", :message=>"channel cannot be null.\r\nParameter name: channel", :innerError=>{:date=>"2020-06-24T12:40:33", :"request-id"=>"be91ce7b-0"}}
Documentation that I followed: https://learn.microsoft.com/en-us/graph/api/channel-post?view=graph-rest-1.0&tabs=http
Second request is of send message to channel:
Request URL: https://graph.microsoft.com/v1.0/teams/bc71-8b158cc3b3/channels/19:ec73841#thread.skype/messages
Post Body:
{:body => {:contentType=>"html", :content=>"Tesing message from graph api"}}
Headers also include the bearer token from the authorization API
Error received:
{:code=>"InternalServerError", :message=>"Failed to execute request.", :innerError=>{:date=>"2020-06-24T12:42:01", :"request-id"=>"ed601c89-f0bd3"}}
Documentation that I followed: https://learn.microsoft.com/en-us/graph/api/channel-post-messages?view=graph-rest-1.0&tabs=http
Related
I am trying to implement Stream chat Rest APIs ( by following this link : https://getstream.io/chat/docs_rest ) provided by GetStream. So, I put the baseUrl and expected headers in following ways :
Request Url : https://chat-us-east-1.stream-io-api.com/channeltypes
These are the values which I put in Headers section of Postman :
Authorization : <Getstream token (generating from setUser function) from backend>
Stream-Auth-Type: jwt
api_key : <Getstream API key>
But I am getting this response on hitting API on Postman:
{
"code": 17,
"message": "ListChannelTypes failed with error: \"Channel types can be described only with server-side auth\"",
"StatusCode": 403,
"duration": "0.00ms"
}
I am unable to find out what I am missing or doing wrong in using the Rest API of Getstream. Please suggest and help in fixing this issue.
As described in error message:
Channel types can be described only with server-side auth
It's only possible with server side authentication.
When you use Authorization: <Getstream token (generating from setUser function) from backend>, this is for client-side.
You need to use your secret in the token to enable server-side and to gueary in this endpoint.
I'm trying to setup a MS Graph webhook subscription for messages, but it appears that Graph is sending a blank validationToken. I'm connecting to https://graph.microsoft.com/beta/subscriptions
My API endpoint works in Postman and successfully returns a plaintext response with only the validationtoken, but when I call MS Graph, I get the following error "Subscription validation request failed. Response must exactly match validationToken query parameter". I've also tried both validationtoken and validationToken as the parameter to look for.
Full error message
"{\r\n \"error\": {\r\n \"code\": \"InvalidRequest\",\r\n \"message\": \"Subscription validation request failed. Response must exactly match validationToken query parameter.\",\r\n \"innerError\": {\r\n \"request-id\": \"f1546835-606d-4bd8-ab3c-dfb2c75285aa\",\r\n \"date\": \"2018-08-10T03:45:56\"\r\n }\r\n }\r\n}"
To create a subscription you need to expose a notification URL with https (You can look at Graph documentation at https://developer.microsoft.com/en-us/graph/docs/concepts/webhooks).
When you send your create subscription request, the first post message your notification URL will receive is a message with a validation token. You have to send this validation token back. Now you should receive notifications on your specified notification URL. Looking at this failure, it looks like the notification URL is not sending the validation token back.
The response should not vary between Postman and MSGraph. If you are still seeing issues, please share your notification url and we will try to get a repro.
I'm getting a 401 when trying to POST a request to the Twilio REST API.
I've included the following header:
Authorization: Basic <base64 encoded '<accountSid>:<authToken>' string>
And I've also tried Basic Authorization without encoding the string but the result is the same.
Edit: This is the response body:
Not Authorized - only signed requests from Twilio are allowed. More info about this error at: https://www.twilio.com/help/faq/twilio-basics/why-does-my-twiml-bin-url-give-me-a-not-authorized-error-when-i-try-to-view-it
How do i sign a request? The docs aren't very clear about it.
I am trying to use survey monkey APIs to pull data from a survey we launched last week but I keep getting error. I already registered an app in the developer portal. I added 'OAuth Redirect URL' in this format "https://api.surveymonkey.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fapi.surveymonkey.com%2Fapi_console%2Foauth2callback&client_id=SurveyMonkeyApiConsole&api_key=u366xz3zv6s9jje5mm3495fk" as mentioned in Survey Monkey OAuth developer Cheat Sheet (https://gist.github.com/api-admin/11302313). I also set scopes and marked app status as 'public'.
Here is my code to call an API .
import requests
url = "https://api.surveymonkey.net/v3/surveys/%s?api_key=%s" % (survey_id, YOUR_API_KEY)
s = requests.Session()
s.get(url).text
This is the error I get.
Out[41]: u'{"error": {"docs": "https://developer.surveymonkey.com/api/v3/#error-codes", "message": "The authorization token was not provided.", "id": "1010", "name": "Authorization Error", "http_status_code": 401}}'
What else needs to be done to download data using APIs? I am using SELECT annual plan subscription.
You need to set the access token in the header. I just checked the example in the docs and that is missing. The docs should be fixed.
OAuth example is here. So for that request in particular you'll need to do:
headers = {
'Content-Type': 'application/json',
'Authorization': 'bearer ACCESS_TOKEN_HERE'
}
s.get(url, headers=headers)
That should work for you.
I have problems while updating code to new scope. Currently I use userinfo.profile and everything works Ok.
According to Google+ OAuth 2.0 scopes new plus.me scope allows application to know who user is, and plus.login also gives additional access (to age, language, circles, ...).
If I replace userinfo.profile with plus.me - everything works Ok: method WebServerClient.RequestUserAuthorization authorizes user and ProcessUserAuthorization gives me a token.
But if I ask plus.login scope instead - Google adds additional query parameters to my callback and next call to WebServerClient.ProcessUserAuthorization fails , because implementation uses current rul to make new redirect_url, striping "known" parameters and leaving "new unknown" Google parameters. his redirect_url doesn't match on registered in Google Api Console and Google server returns 400 response.
Here is success response from authorization with plus.me scope (from NetOpenAuth.Messaging.Channel log):
Incoming HTTP request: GET http://localhost:40004/Me/LoginComplete?from=Google&state=TWXf6Zq3XYSlwyfCDt3GiQ&code=4/qC_KeuiykcVm1sayIyEdnBjiklxz.AoMfk5TqaXQcsNf4jSVKMpY-GxwThAI
After binding element processing, the received EndUserAuthorizationSuccessAuthCodeResponse (2.0) message is:
code: 4/qC_KeuiykcVm1sayIyEdnBjiklxz.AoMfk5TqaXQcsNf4jSVKMpY-GxwThAI
state: TWXf6Zq3XYSlwyfCDt3GiQ
from: Google
And here is (success) authorization response with plus.login scope:
Incoming HTTP request: GET http://localhost:40004/Me/LoginComplete?from=Google&state=26R-O3YN6u3-5EKIlJzFFw&code=4/zOoeVq8vec068x2-CyPq4PjPNtRT.osemzp8Zl7sQsNf4jSVKMpbcmWQThAI&authuser=0&prompt=consent&session_state=27ca4bd2e70d0721bc1fa781b900a558e59fe4c7..d409
After binding element processing, the received EndUserAuthorizationSuccessAuthCodeResponse (2.0) message is:
code: 4/zOoeVq8vec068x2-CyPq4PjPNtRT.osemzp8Zl7sQsNf4jSVKMpbcmWQThAI
state: 26R-O3YN6u3-5EKIlJzFFw
from: Google
authuser: 0
prompt: consent
session_state: 27ca4bd2e70d0721bc1fa781b900a558e59fe4c7..d409
Call for token (for plus.me scope) will be successful:
Prepared outgoing AccessTokenAuthorizationCodeRequestC (2.0) message for https://accounts.google.com/o/oauth2/token:
code: 4/qC_KeuiykcVm1sayIyEdnBjiklxz.AoMfk5TqaXQcsNf4jSVKMpY-GxwThAI
redirect_uri: http://localhost:40004/Me/LoginComplete?from=Google
grant_type: authorization_code
client_id: 175802076419.apps.googleusercontent.com
client_secret: ********
But with plus.login scope 3 new parameters (authuser, prompt, session_state) are transferred to redirect_url param:
Prepared outgoing AccessTokenAuthorizationCodeRequestC (2.0) message for https://accounts.google.com/o/oauth2/token:
code: 4/zOoeVq8vec068x2-CyPq4PjPNtRT.osemzp8Zl7sQsNf4jSVKMpbcmWQThAI
redirect_uri: http://localhost:40004/Me/LoginComplete?from=Google&authuser=0&prompt=consent&session_state=27ca4bd2e70d0721bc1fa781b900a558e59fe4c7..d409
grant_type: authorization_code
client_id: 175802076419.apps.googleusercontent.com
client_secret: ********
And as soon as this redirect_url does not match registered I receive error:
https://accounts.google.com/o/oauth2/token returned 400 BadRequest: Bad Request
OAuth2 spec says that params code and state are required in authorization response and says noting about adding other parameters. But it also says that
The client MUST ignore unrecognized response parameters
Does this mean that this is DNOA issue and not Google one?
May be DNOA must add nullable responseUri parameter to ProcessUserAuthorization and use it instead of guessing from current url...
What's the easiest workaround (except using Google library)?
Update:
Here is original request for /oauth
Prepared outgoing EndUserAuthorizationRequestC (2.0) message for https://accounts.google.com/o/oauth2/auth:
client_id: 175802076419.apps.googleusercontent.com
redirect_uri: http://localhost:40004/Me/LoginComplete?from=Google
state: TWXf6Zq3XYSlwyfCDt3GiQ
scope: https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/plus.me
response_type: code