I'm using the google calendar API since 2012, but it stopped working now.
Error response returned: Invalid Credentials
So i went through my notes and looked up how i did this. (I only did this once) I got the developer key from https://code.google.com/apis/console
They key is still there and its the same key.
But apparently i got the CONSUMER_KEY and CONSUMER_SECRET
from Google Apps for Business account (Advanced Tools > Manage OAuth domain key)
I can't get there anymore. Or i dont know how to find this in google apps. Google apps is not even called google apps anymore. Does anybody know where i have to look?
As stated in this documentation, that error means that the access token you're using is either expired or invalid. Suggested action is to refresh the access token using the long-lived refresh token. If this fails, direct through the OAuth flow, as described in Authorizing Your App with Google Drive.
CONSUMER_KEY and CONSUMER_SECRET are also known as your "API key" and "API secret".
Check these related GitHub issue and SO post which might help.
Related
I am trying to use the bitbucket API for getting details of my repositories, issue, etc., but I am not able to find a clear way of authenticating the API request.
I would like to have a simple way of authenticating the endpoints like
https://api.bitbucket.org/2.0/repositories/usamarehank_dckap?access_token={my_access_token}
Here I obtained the access token from the app password section of my account.
I am getting an error on doing so like
{"type": "error", "error": {"message": "Access token expired. Use your >refresh token to obtain a new access token."}}
I tried using consumer key creation but I am not sure where to plug those values in the request and with the OAuth it asks for client_id which I am pretty sure not giving in the docs where to get them.
How would I basically do a simple access_token request just like github API without any OAuth?
Right, this access_token is part of the OAuth authentication process: https://confluence.atlassian.com/bitbucket/oauth-on-bitbucket-cloud-238027431.html
To use just these app passwords you can create via your profile, you need to use simple Basic Authentication with that app password.
You can read a bit more about it here: https://developer.atlassian.com/bitbucket/api/2/reference/meta/authentication
I'm having some issues with the above api that I can't seem to solve and would appreciate any help: I'm trying to build an oauth url with the scope of https://www.googleapis.com/auth/adexchange.seller+https://www.googleapis.com/auth/adexchange.seller.readonly and i'm not prompted for those permissions when redirecting to the oauth urls.
I've taken the developer console URIs and only changed the client_id and redirect_uri and it still doesn't work, so I believe the problem is with my google developer console application?
e.g. the google developer console URI which prompts me to authorise for "View and manage your Ad Exchange data" and "View your Ad Exchange data" is:
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/adexchange.seller+https://www.googleapis.com/auth/adexchange.seller.readonly&response_type=code&access_type=offline&redirect_uri=https://developers.google.com/oauthplayground&approval_prompt=force&client_id=407408718192.apps.googleusercontent.com
Now if I only change the client_id and redirect_uri to use my application i only get prompted to "Have offline access" which in turn does not allow me to access any data as it says that this user does not have any adx account.
Both cases I'm authenticating with the same user (I also tried with other adx users), using a "client id for web application" credential.
Thanks
Amnon
If anyone ever has this problem: the issue was caused because I once tried to authenticate with a google credential for installed application and for some reason until I revoked the access for the application from google.com/settings it wouldn't prompt me for the correct scopes. after revoking everything started working as expected.
Amnon
Hello kind people of the internet.
Does Google OAuth2.0 support an OAuth-flow for a Resource Owner Password Credential Flow?
...and if so, then:
A.) can this type of OAuth flow be tested on the Google OAuth2 Playground?
B.) are there any examples of the "Resource Owner Password Credential Flow" with Google OAuth2.0 and the Google APIs?
Per an OAuth presentation recently in Oslo NDC 2013, this subject flow apparently skips the authorization end point all together and directly talks to the token end point of the OAuth2 server. The request syntax incantation would supposedly look something like this:
grant_type=password&
scope=resource&
user_name=owner&
password=password&
My understanding is the Resource Owner Password Credential Flow is for trusted applications in a back-end enterprise type of situations (where a name-password pair could be securely stored).
This particular OAuth flow would require no end-user consent interaction (no pop-up of a browser to Accept, then get a returned authorization-code, etc). In this subject flow the access & refresh token are directly returned, again: with no end-user interaction (albeit after an entry of a username-password).
Looking through the Google OAuth documentation ( link to Google OAuth2 docs ) there does not seem to be any mention of anything resembling Resource Password Credential Flow, but not sure that necessarily means it is explicitly not supported by Google.
Any help or advice would be much appreciated.
thanks in advance
Dear kind internet person,
it is true that Resource Owner Password Credential Flow is not supported on Google but google suggests you use the Installed Application Flow, which is described in: https://developers.google.com/accounts/docs/OAuth2InstalledApp.
You would need to create an Installed Application in the Google Console (https://code.google.com/apis/console), when you do that you can fetch the client_id and build a GET request with the parameters, which would look like so:
https://accounts.google.com/o/oauth2/auth\?
scope\=<scope>\&
redirect_uri\=urn:ietf:wg:oauth:2.0:oob\&
response_type\=code\&
client_id\=<client_id fetched from google console>
You would construct this URL and navigate to it on your browser, allow access for the app and google would give you what I believe is a code which you can use to get credentials. You can use those credentials to get an access token and refresh it, and this credentials is permanent. There's a good example of that on github. Note that you only need to get those credentials manually once, and then you save those credentials somewhere and keep using them to get/refresh tokens.
Hope this helps!
As far as I know, No. The OAuth 2.0 stuff is for Google accounts, for which Google does authentication.
I have had a search around stackoverflow, but was unable to find an answer to my question, so I thought I'd ask.
I'm currently working on an iOS app where I would like to get a feed of a public timeline without the user of the app being required to have a twitter account.
I am successfully able to do this using twitters v1.0 of the API and all works perfectly. Simply making a request to http://api.twitter.com/1/statuses/user_timeline.json?screen_name=username retrieves all the information that I require.
However, since v1.0 has been deprecated and V1.1 requires authentication for each request, I get a bad authorization error using this API. Having looked at the Twitter documentation and how to generate OAuth request headers, I don't fully understand the "Getting a signing key" section of the documentation in the link below. (this is my first time working with Twitter's API and OAuth, I'm trying to gain a good understanding, before I start the implementation)
https://dev.twitter.com/docs/auth/creating-signature
As I understand it, the consumer secret can be found when logging into twitter.com/apps but I'm not sure where I would get the "OAuth Token Secret" in order to generate a valid signing key.
Since this is an iOS app, I know I could use the TWRequest class, but to my understanding, this would require the user to have twitter setup on their device.
I hope the above makes sense and any help would be appreciated.
Thanks
If you go to the Twitter application you have set up https://dev.twitter.com/apps
You should see your Access token secret under the heading Your access token. If you don't see this then you probably haven't generated an access token yet.
I'm currently having massive trouble with Vimeo's Oauth implementation and my desktop app. My program does the following correctly.
1- Requests a Unauthorized Request Token with my key and secret and returns - a Token and a Token secret.
2- Generates a URL for the user to go to using the token which then shows our application's name and allows the user to Authorize us to use his/her account. It then shows a verifier which the user returns and puts into our app.
The problem is the third step and actually exchanging the tokens for the access tokens. Basically every time we try and get them we get a "Invalid / expired token - The oauth_token passed was either not valid or has expired"
I looked at the documentation and there's supposed to be a callback to a server when deployed like that which gives the user an "authorized token" but as im developing a desktop app we can't do this. So I assume the token retrieved in 1 is valid for this step. (actually it seems it is: http://vimeo.com/forums/topic:22605)
So I'm wondering now am I missing something here on my actual vimeo application account now? is it treating it as a web hosted app with callbacks? all the elements are there for this to work and I've used this same component to create a twitter Oauth login in exactly the same way and it was fine.
Thanks in advance,
Barry
Fixed. It was a problem on Vimeo's end.