can anyone help me I am trying to call below request
curl https://rtm.zopim.com/stream/{resource} \
-H "Authorization: Bearer {API access token}"
initially, I tried with basic auth (adding id : password in the request) response was unauthorized,
then I generate access token with postman like in below screenshot
and when call API with that access token then the response is 403 forbidden
I can successfully hit and get response other api like ( https://www.zopim.com/api/v2/chats) with the same access token
but not the specific "rtm.zopim.com/stream/"
The Real Time Chat API is available on Enterprise plans only, so if you are not on the Enterprise plan you will receive a 403 Forbidden error.
Related
Hopefully I'm missing something very simple. According to this documentation to get an access token I need to hit the following url:
https://login.live.com/oauth20_authorize.srf?client_id={client_id}&scope={scope}
&response_type=token&redirect_uri={redirect_uri}
So far this appears to be working as the returned url I get contains
/#access_token=EwAYA61DBAAUcSSzo.......
According to the token flow documentation above,
You can use the value of access_token to make requests to the OneDrive API.
According to this page,
Your app provides the access token in each request, through an HTTP header:
Authorization: bearer {token}
When running curl I give it the exact token I was given before,
curl -X GET \
https://graph.microsoft.com/v1.0/drive \
-H 'Authorization: Bearer EwAYA61DBAAUcSSzoTJJs.....
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "CompactToken parsing failed with error code: 8004920A",
"innerError": {
"request-id": "8780c600-2b7f-45a0-b484-7eca9dfd2697",
"date": "2019-01-25T19:33:22"
}
}
}
Why is the token they provided not working?
What I've tried so far:
changing the case of bearer in the header
wrapping said token in {}
generating new tokens
URL decoding said token
One thing to note: the tokens I am receiving are not JWT tokens. Googling the error code pulls up several Stack Overflow questions that seem to imply the graph api is expecting a JWT. If this is the case, am I missing a step to obtaining it?
You can't call Microsoft Graph API after completing the authentication flow for Microsoft accounts (OneDrive personal).
In addition, the authorization process with Microsoft accounts is no longer recommended according the docs and new applications should be developed using Microsoft Graph:
This topic contains information about authorizing an application using Microsoft accounts for OneDrive personal. However, this approach is no longer recommended. New applications should be developed using Microsoft Graph and follow the authorization process in Authorization and sign-in for OneDrive in Microsoft Graph.
I was using apim 3-m18 previously and post'ing to localhost:9443/api/auth/oauth2/v1.0/token?grant_type=password&scope=apim:api_view with the basic auth token of clientid:clientsecret returned from /api/id4entity/oauth2/dcr/v1.0/register endpoint worked fine in giving me the oauth token for admin api's - e.g. the logic laid out at wso2 API-M 3.0 - how to get oauth token for product/admin api calls
However, I upgraded to latest rev (m24) and the dcr register endpoint still works fine, but when I then hit the token api with the base64-encoded clientid:clientsecret from dcr, the request hangs before i get a timeout error.
When I exit m24 and restart m18 and make the exact same requests (dcr call for clientid/secret, then token api call), it works. Then switching to m22 fails with same requests.
I didn't see any documentation or issues in github on this, so was curious if anyone knows what I might need to change to get the oauth token. Thanks.
Could you please use the following curl command
curl -X POST -H "Authorization: Basic N2Y4MzM0ODEtNjk1ZS00OWY4LTg0OTgtOGU0NjUwNzhmYjljOmU1NmZlOTM3LTQwZjYtNGEwMy04MDIzLTE4ZGE0YmZmNWU3OA==" -H "Content-Type: application/x-www-form-urlencoded" -d 'username=admin&password=admin&grant_type=password&scope=scope' "https://localhost:9443/api/auth/oauth2/v1.0/token" -kv
Authorization token is Base64 encoded(clientId:clientSecret)
How do you get an access token from the wunderlist api using oauth?
The wunderlist documentation says:
Wunderlist redirects back to your site
If the user accepts your request, Wunderlist will redirect to your redirect_uri with a temporary code in a code parameter as well as the state you provided in the previous step in a state parameter. If the states don't match, the request has been created by a third party and the process should be aborted.
Exchange code for an access token:
POST https://www.wunderlist.com/oauth/access_token
I do not understand
Exchange code for an access token
am I supposed to redirect to https://www.wunderlist.com/oauth/access_token to get an access token?
Exchanging the code for an access_token is done by executing an HTTP POST message to the token endpoint, in your case to https://www.wunderlist.com/oauth/access_token, with JSON data as specified in: https://developer.wunderlist.com/documentation/concepts/authorization. Using cURL it would look like:
curl -H "Content-Type: application/json" -d '{ "code":"<CODE>", "client_id": "<CLIENT_ID>", "client_secret": "<CLIENT_SECRET>"}' https://www.wunderlist.com/oauth/access_token
I am trying exchange authentication code to access token on OAuth2.
I sent a request to google using GET request, and I got a code. And now I'm trying to exchange the code to access token.
I sent request to https://accounts.google.com/o/oauth2/token with these arguments
using POST request
code=[Authentication code]
client_id=[Client ID]
client_secret=[Client Secret]
redirect_uri=urn:ietf:wg:oauth:2.0:oob
grant_type=authorization_code
But google responsed like this with 400 error
{
"error" : "redirect_uri_mismatch"
}
I created Client ID on google developers console. I used type 'Installed Application'.
I also tried:
request_uri=#://localhost:8081
request_uri=#://localhost:8081/
(# means http. I edited on my phone, so I couldn't insert code block for http)
But it didn't worked.
What's wrong with request?
Check these 2 steps below
The redirect uri to retrieve auth code and access token should be same
Use the same redirect uri that you configured while creating the application, screenshot below
I am using OAuth 2.0 for Authorization process.
I have requested for Authorization Code with this url:
https://www.box.com/api/oauth2/authorize?response_type=code&client_id={MY_CLIENT_ID}
Then I was redirected to box.net login page for authorization.
I have entered credentials for my Box.net account.
Granted access for account.Then I got Authorization code which I encoded in URL and sent a request with this:
https://www.box.com/api/oauth2/token?grant_type=authorization_code&code={AUTHORIZATION_CODE}&client_id={MY_CLIENT_ID}&client_secret={MY_CLIENT_SECRET_ID}
I got this response:
{"error":"invalid_client","error_description":"The client credentials are invalid"}
I have checked my Client Id and Client Secret Id many times. Those are correct. What can be reason for such an error message?
As the official documentation states:
To get the access_token, you’ll need to make a POST request to https://www.box.com/api/oauth2/token with the following parameters...",
Although all the parameters including client_id, client_secret, grant_type and code are right, if you don't make a POST request to the url, you will get error: "invalid_client".
Try:
curl https://www.box.com/api/oauth2/token \
-d 'grant_type=authorization_code&code={your code}&client_id={your client id}&client_secret={your client secret}' \
-X POST