QuickBooks Online API Authentication Failed - quickbooks

I got the access token using Oauth 2 in Quickbooks Intuit developer apis.
The scope is com.intuit.quickbooks.accounting
I was able to get access token and refresh token using Quickbooks authentication and authorization endpoint.
Then I tried to get companyInfo with calling this api.
https://sandbox-quickbooks.api.intuit.com/v3/company/companyId/companyinfo
When calling this api or others, I am always getting this error.
Message: message=AuthorizationFailed; errorCode=003100; statusCode=403, Detail: The access token does not have sufficient scope
I am sure access token is right. but I am not certain why I got this error.
Please help me.
Thanks

I faced the same problem and then I came to know that my quickbook client was initializing with empty client_id and client_secret. it worked after i changed those to right values.

Related

How to get profile picture from Microsoft Graph API using Keycloak token

I am trying to get profile picture from Microsoft Graph API using keycloak token.
But it is getting unauthorised when I use keycloak token, if i use token from Microsoft identity it is working fine and returning profile picture.
I am unable to get proper documentation on this. Please share if anybody got/have.
You need to execute a token exchange, where you exchange Keycloak token (not valid for Microsoft Graph API) for a Microsoft token (valid for Microsoft Graph API).
So far, I have found this question in official keycloak blog and is really helpful to proceed.
https://keycloak.discourse.group/t/is-it-possible-to-use-an-keycloak-accesstoken-to-get-access-to-the-microsoft-graph/6831

Does OneLogin support client_credentials?

Having trouble finding the information in OneLogin regarding client_credentials.
I'm just looking to setup the flow for an API that we have.
A client app will request a token using client_id, client_secret, then use that token to access our API. Was hoping that OneLogin was a token provider, and could even assist in some way.
I've gotten as far as setting up a developer account, then creating an API, but I have been unable to obtain an access token from the API - and even if I did it seems to be a token I would use to access the other features in the OneLogin API.
Can anyone tell me if what I'm trying t achieve is possible with OneLogin?
Machine to Machine, or client to API communication.
Thanks in advance!
I'd recommend setting this up with OpenID connect:
https://developers.onelogin.com/openid-connect/api/password-grant
This will generate a token (and refresh token) that can be validated against OL.

Google Picker, get OAuth token

I am using Google Picker inside of my project. Now, it has to use the OAuth token or you get the message ("Invalid credentials (missing or invalid oAuth token)").
I want to get that token from my user. I don't know how to do it.
I know it has to use OAuth 3-legged to get permissions of my client.
Can you help me, please?
Diego.
Well, I have manage my problem using OAuth 2.0 and this library. Ask me if you have any problem.

Can I obtain intuit oauth access token and secret with desktop app?

We have a desktop app (Delphi XE2) that gets an oauth request token from Intuit and fires off the URL call to Intuit where the user authorizes our app. This half of the oauth dance seems to be working.
The problem we are running into is getting the Access Token and Access Token Secret. We never seem to get it.
Details:
This is for QuickBooks v3 API.
We have a web service setup to handle the callback whose URL we pass along when we make the call to get with request token to https://appcenter.intuit.com/Connect/Begin
That opens the Intuit web page with our test company and our app listed. When we grant access to our app from the Intuit site the web browser is redirected to our callback URL and that contains an oauth token (which I'm not really sure is our access token) but we never get the access secret. That's the missing thing for us.
Is the token we are getting in the callback our access token?
If so how do we get the access secret? Is that token another token to be used to make another call to https://oauth.intuit.com/oauth/v1/get_access_token where we would obtain our access token and secret?
I tried using the token returned to our callback URL as a token for the "get access token" url and that gave me unauthorized errors.
If the token returned to our callback URL is not the access token where/how the heck do we get it?
Any help or direction is appreciated.
UPDATE:
So, it turns out I was missing one entire step of the OAuth dance.
After the user authorizes access and that passes the original request token and a verifier key to our web service. That verifier key is used with the original token in yet another call to Intuit to get the access token and access token secret.
Cheers!
TJ
The initial callback returns to you a request token, which you then have to send back to Intuit via the get_access_token URL to get an access token and secret.
Intuit instructions:
Implement OAuth in Your App
The OAuth spec it refers to is RFC 5849.
You can refer the sample V3 APP.
https://github.com/IntuitDeveloperRelations/QuickbooksV3API-Java
To be specific, please refer
OAuthController.java and OAuthHelper.java
Thanks

Salesforce webserver Oauth 2.0 integration

I am developing a google app engine - java project where I want to integrate Salesforce APIs.
I want to authorize user with Oauth 2.0 and want to retrieve contacts of the authorized user.
Salesforce API returns code in response of the first request and then again I request for the access token from the code.
With the access token when I call any of the service API it gives me following error
[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]
I found the issue.
In configurations Administration Profile was missing to be connected with Apps whose client ID and secret I was using.
you are not getting valid access token.
generate the proper url to get the access token
https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_at_Salesforce.com
For more proper information, you can have a look of this

Resources