I'm trying to get an authorization code to exchange for a user access token to gain access to the Instagram Basic Graph API. I've followed the directions on the Facebook Developer Page and am stuck on authenticating the user. I've tried loading the authorization uri:
https://api.instagram.com/oauth/authorize
?client_id={app-id}
&redirect_uri={redirect-uri}
&scope=user_profile,user_media
&response_type=code
on the browser, which returned:
{"error_type": "OAuthException", "code": 400, "error_message": "Invalid platform app"}
I've also tried using Postman to perform a GET request as described by Facebook, and the response returns 404, shown below:
screenshot of postman GET request attempt
What am I doing wrong?
I am trying to access token from one-time code using Google oAuth2. But I am getting an error message redirect_uri_mismatch in the response. However i've already added the redirect_uri in console.
I have my Authorized redirect uri as:
http://localhost:3020/api/users/google_oauth_store_token
My request:
Request URL = https://www.googleapis.com/oauth2/v3/token?code=xXXXxx&client_id=xxxxxx&client_secret=xxx&redirect_uri=http://localhost:3020/api/users/google_oauth_store_token&grant_type=authorization_code
My response:
response = {
"error": "redirect_uri_mismatch",
"error_description": "Bad Request"
}
That was my mistake. I had to use the redirect_uri that i had used in one-time redirect uri. Google uses one of the redirect_uri to rest the client origin.
This will probably be a really dumb question but I'm pretty new to this and am trying to learn how to use the Instagram API for Ruby.
I installed Sinatra and am trying to go to localhost:4567 to run the sample application found here: Instagram API Sample Application. I replaced the CLIENT_ID and CLIENT_SECRET in the code in the link with my actual client ID and secret.
My website URL is set to http://localhost:4567/ and redirect URI is also set to the same link.
This is probably a really dumb issue and really easy to fix--could someone please help me? Below is the error message I got.
{"code": 400, "error_type": "OAuthException", "error_message": "Redirect URI does not match registered redirect URI"}
You are not reading the error message right.
You don't have to set the website URL and redirect URL same, rather u have to make sure that the redirect URL you set is same as the redirect_uri url param you pass to authenticate in oauth2 step.
I'm developing an app where I want to integrate Instagram. I'm able to login to I get Redirect URI error. I'm not able to find out wat exactly the error is. I'm getting
{"code": 400, "error_type": "OAuthException", "error_message":
"Redirect URI does not match registered redirect uri"}
I have also made changes in apps plist list.
I added ig[clientid] as the redirect uri ,where "[clientid]" is my CLIENT ID. While registering for the app I added https://www.bcod.co.in as redirect URI
I have a Rails website that has Google OAUTH2 implemented and working.
We are developing an iOS app, which is going to talk to my web server using APIs. Some of the APIs need the user to be authenticated. The idea, is that the iOS app authenticates the user using OAUTH2 on the device, then POSTs the token over SSL from the device to the web as the authentication. I need the website to verify the token.
In the Google API console, I added the client ID for the iPhone device, and got an access token by going to:
https://accounts.google.com/o/oauth2/auth?
scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&
redirect_uri=urn:ietf:wg:oauth:2.0:oob&
response_type=code&
client_id={my client id}
Then, I pass the token to my site. On my site, I validate the token via:
google = OmniAuth::Strategies::GoogleOauth2.new(ENV['GOOGLE_API_KEY'],['GOOGLE_CLIENT_API_SECRET'])
client = OAuth2::Client.new(ENV['GOOGLE_API_KEY'],['GOOGLE_CLIENT_API_SECRET'], google.options.client_options)
access_token = OAuth2::AccessToken.new(client, params[:token], google.options.access_token_options || {})
google.access_token = access_token
google.auth_hash
When I attempt to auth_hash, the following error is returned:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
From here, I have no clue why I have specified invalid credentials.
ENV['GOOGLE_API_KEY'] points to the same API key as the website, and ENV['GOOGLE_CLIENT_API_SECRET'] points to the secret for the iOS client.
The URL I used above, I thought, gave me an access token. In reality, it returns to me an authorization code (which can then be used to get an access token).
The solution, is to exchange the authorization code, for an access token, then I can pass the token around and use it.
The difference between an authorization code and an access token is somewhat vague on the Google site, but you can read about how to exchange them here:
https://developers.google.com/accounts/docs/OAuth2WebServer