I am using Google OAuth Playground to generate tokens to test my REST API. I enter profile,email in the scope text field of the playground. It returns the id_token, and I use this id_token to get userinfo from the link
https://www.googleapis.com/oauth2/v3/tokeninfo?id_token as stated here in documentation https://developers.google.com/identity/sign-in/web/backend-auth.
But it doesn't return any userinfo in JSON.
User info can be retrieved using the below endpoint using your access ID.
https://www.googleapis.com/oauth2/v3/userinfo
What you are doing is retrieving token info using id_token which is different from retrieving the user's info (although some returned data overlaps).
Related
I am trying to authorize via OAuth with Trello and I can't seem to get it right, even in Postman.
I have followed their API docs and have got myself a developer key and I have used a little link they have in this article to get a valid auth token.
I tried including the API key and Auth token in the header and (in a separate test) in the body, as per their documentation.
Everything I try results in "unauthorized permission requested".
What am I doing wrong?
Ok so I had obviously made a mistake when trying the Header route.
It works now if I provide a header key called Authorization and the API key and Auth Token in the following format OAuth oauth_consumer_key="{{apiKey}}", oauth_token="{{apiToken}}".
I’m updating a third-party app that currently integrates with Twinfield using the sessions method with username and password, to use the OAuth method.
I'm confused by the documentation though... do I still need to use the sessions, or when using OAuth do I just call the endpoint(s) by passing the access token in the header as normal?
Also their SOAP definition has four properties, the usual ClientID and Secret but also accessSecret? What’s that?
TLDR: you no longer need to use the sessions and SelectCompany; when you have the access token you can use that and the company code directly in the header.
You can obtain the access token as described here.
The documentation is a bit unclear on how to use the access token in your calls.
In the old username/password/session flow, you referred to a SessionID in the SOAP Header, and you would do a SelectCompany call to select the relevant target ("administratie").
In the OAuth flow, the SessionID is no longer relevant. Once you obtained a valid access token, you should set that in the header using the AccessToken field.
Instead of the old SelectCompany call, you can set the CompanyCode directly in the header. So if you have obtained an access token eyWhatANiceToken, and want to retrieve data for company "My Company BV [130001]", you have to set AccessToken to eyWhatANiceToken and CompanyCode to 130001 in the header.
You can request the available codes using the list offices call.
I have a question about Apple sign in. I just implemented Apple sign in, and I found that I received an identity token, access token, and refresh token. It seems that the identity token has user information in the JSON web token. I am wondering how I can use the access symbol to receive user information? Facebook and Google have their own endpoints where, if I send the access token to that endpoint, I retrieve user data. Does Apple sign in have something similar?
Thanks for the information
To get the user_data(email,name) I am using the following code:
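    import jwt  # PyJWT

    if id_token:
        # verify=False makes PyJWT skip signature verification, so the claims are read as-is.
        decoded = jwt.decode(id_token, "", verify=False)
        if "email" in decoded:
            # "name" may be absent from the token; .get() avoids a KeyError.
            response_data.update({"email": decoded["email"], "name": decoded.get("name")})
        if "sub" in decoded:
            response_data.update({"uid": decoded["sub"]})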
Here, after successfully receiving the id token from "https://appleid.apple.com/auth/token", just decode the id_token and get data from it using the appropriate fields.
Hope this solves your problem of how to get user data from apple social login.
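The snippet above reads the claims with signature verification turned off. As an added example (not part of the original answer), this standard-library sketch shows the checks a verifying decode performs on an Apple id_token: the RS256 signature against the key set published at https://appleid.apple.com/auth/keys, then issuer, audience and expiry. The names verify_id_token and rs256_valid and the jwks/client_id arguments are assumptions; a maintained JWT library's verifying decode does the same work.

```python
import base64, hashlib, hmac, json, time

APPLE_ISSUER = "https://appleid.apple.com"
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64url(text: str) -> bytes:
    """Decode unpadded base64url as used in JWTs and JWKs."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def rs256_valid(signing_input: bytes, signature: bytes, jwk: dict) -> bool:
    """RSASSA-PKCS1-v1_5 with SHA-256, checked against an RSA public JWK."""
    n = int.from_bytes(b64url(jwk["n"]), "big")
    e = int.from_bytes(b64url(jwk["e"]), "big")
    k = (n.bit_length() + 7) // 8
    if len(signature) != k or k < len(SHA256_PREFIX) + 32 + 11:
        return False
    recovered = pow(int.from_bytes(signature, "big"), e, n).to_bytes(k, "big")
    digest = hashlib.sha256(signing_input).digest()
    pad = b"\xff" * (k - len(SHA256_PREFIX) - len(digest) - 3)
    expected = b"\x00\x01" + pad + b"\x00" + SHA256_PREFIX + digest
    return hmac.compare_digest(recovered, expected)

def verify_id_token(id_token: str, jwks: dict, client_id: str, now=None) -> dict:
    """Return the claims only if signature, issuer, audience and expiry check out."""
    # Assumed inputs: jwks is the parsed key-set JSON, client_id is your app's identifier.
    try:
        header_b64, payload_b64, sig_b64 = id_token.split(".")
        header = json.loads(b64url(header_b64))
        claims = json.loads(b64url(payload_b64))
        signature = b64url(sig_b64)
    except ValueError as exc:  # wrong segment count, bad base64 or bad JSON
        raise ValueError("malformed token") from exc
    if header.get("alg") != "RS256":  # the token must not choose its own algorithm
        raise ValueError("unexpected alg")
    jwk = next((k for k in jwks["keys"] if k.get("kid") == header.get("kid")), None)
    if jwk is None:
        raise ValueError("no key for kid")
    if not rs256_valid(f"{header_b64}.{payload_b64}".encode(), signature, jwk):
        raise ValueError("bad signature")
    if claims.get("iss") != APPLE_ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != client_id:
        raise ValueError("wrong audience")
    if float(claims.get("exp", 0)) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return claims
```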
Apple's system is basically like OAuth ... see https://oauth.net/2/
I have successfully implemented Twitter authentication in my .NET Core project. In the ExternalLoginCallback (Account Controller), I am receiving the access_token and access_token_secret after successful authentication with Twitter.
How am I meant to use those to call the twitter REST API in order to receive further information about the user?
It looks like the API needs different keys for the authorisation.. See here:
Authorization:
OAuth oauth_consumer_key="xxxxxxxxxxx",
oauth_signature_method="HMAC-SHA1",oauth_timestamp="xxxxxxxxxxx",
oauth_nonce="xxxxxxxxxxx",
oauth_version="1.0",oauth_token="xxxxxxxxxxx-xxxxxxxxxxx",
oauth_signature="xxxxxxxxxxx"
I have replaced all values with xxxx..
Hope you can provide me with the missing puzzle piece!
Thanks, Nik
It looks like you're building the authorization string properly.
The last step is to send the request to the Twitter endpoint, setting the value of the header to your authorization string.
https://dev.twitter.com/oauth/overview/authorizing-requests
I am trying to get an access token for the OneDrive API. I'm using the following details for getting the access token:
https://login.live.com/oauth20_authorize.srf?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&response_type=token&scope=wl.skydrive_update
and got this response:
?lc=2057#access_token=EwCAAq1DBAAUGCCXc8wU/zFu9QnLdZXy%2bYnElFkAAcigT92GxO3G9HB%2bKArednttIIIc7hIoMK3NKFGj9/BVQDn%2b%2bGBgvhLMyDlPg%2bPwaklDCVaXEM/j8DS57USZmwMyGYwlyjRnAgQ%2bplHwWmEU2QqbWHWNkpP4QEuC4nuQllB3owSA309d2WeOoVHD%2b0AS86s20FvZy9FT3slOcAHG3iI1jBEIzB6AqyksR/rOdnE3dz4sEKd1TLK8m0dzR72Myv5G9ltYlGRZbojfZwybQE254OihyflOI8/ZGx%2b5HRqjL8eZqu1tpwgWfq0/4p8czUNtSb8pvj12CosWN1PlLl3yWQrMYprja7v0gY6GE7pDXxo6y%2busYOkHfwv6PRUDZgAACBXNy30OOl1qUAFudoejdTAjLDNk1GgVfsEw2pt0ho2jbnOm3BfYwB5BMyyN/vbsx8ATOvbUWZHAcLEghcZP7nEoQsP6Oqw4SVzbsLOXX4ZeFjJDkeeH2hxYAfYPmKcq%2be3lUd75sFa4JkEQk9LHL9GIhWniPTXmsBRvoU0RSt3VI7ZFkS6Fw5iYgRrKPkcLbQDwyHgBayVhvLZlzpwefvx%2bj3KuEHdRNSjlxn2DvikKxduBKrAFSKfBj4E3h0lapNXLimZEzfanyJxu9yz/YR546I1%2b2VNqF3vTBplPMax9rjGIQjHL0Z2qW3NX/0OV3p2CMVNZRVmv6DE52E7sr222gRoeJZL4HyW%2bEZ6qt3Kk4OsmguPrpGux4%2bEHIqEVvljG%2bHaKHnsS3sMKJ1AVQEDMNvc28/dwBAAxGmOyyMEL%2bBlx55gPDw3%2bhyyRxTabeC/XiQzBi5g7l7poAQ%3d%3d&token_type=bearer&expires_in=3600&scope=wl.skydrive_update%20wl.signin%20wl.offline_access%20wl.basic&user_id=992501247416dbdab653d966ad62c6fd
But now I'm confused about how to find the access token, because the access token in the response is too long.
Can anyone give me any idea how to get the access token?
The response is in the form of a query string, so you can use a query string parsing library to parse the data and allow you to retrieve the access_token by name.
More info here: http://en.wikipedia.org/wiki/Query_string
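As an added example (not part of the original answer), the parsing described above applied to a redirect of the same shape as the one in the question. With response_type=token the parameters arrive in the URL fragment after "#", not in the "?lc=..." query, and the token must be percent-decoded exactly once; the function name and the short sample token are constructed for illustration.

```python
import time
from urllib.parse import parse_qs, urlsplit

# Constructed sample: same layout as the redirect in the question, short fake token.
SAMPLE_REDIRECT = (
    "https://app.example/callback?lc=2057"
    "#access_token=EwB%2bq/Zx%3d%3d&token_type=bearer&expires_in=3600"
    "&scope=wl.skydrive_update%20wl.signin&user_id=0123abcd"
)

def parse_implicit_redirect(redirect_url: str, now=None) -> dict:
    """Extract and sanity-check the token response from an implicit-flow redirect."""
    parts = urlsplit(redirect_url)
    # parse_qs splits on "&" and percent-decodes each value once (%2b -> "+").
    fields = parse_qs(parts.fragment, keep_blank_values=True)
    repeated = sorted(k for k, v in fields.items() if len(v) > 1)
    if repeated:
        # A duplicated parameter is ambiguous; refuse instead of picking one.
        raise ValueError(f"repeated parameters: {repeated}")
    flat = {k: v[0] for k, v in fields.items()}
    if "error" in flat:
        raise ValueError(f"authorization failed: {flat['error']}")
    if not flat.get("access_token"):
        raise ValueError("no access_token in fragment")
    if flat.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    issued = time.time() if now is None else now
    expires_in = flat.get("expires_in")
    return {
        "access_token": flat["access_token"],
        "expires_at": issued + int(expires_in) if expires_in else None,
        "scopes": flat.get("scope", "").split(),
        "user_id": flat.get("user_id"),
    }

if __name__ == "__main__":
    result = parse_implicit_redirect(SAMPLE_REDIRECT)
    # Print only non-secret fields; the token itself should stay out of logs.
    print(result["scopes"], result["expires_at"], len(result["access_token"]))
```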