how to get an access token from wunderlist using OAuth2 - oauth

How do you get an access token from the wunderlist api using oauth?
The wunderlist documentation says:
Wunderlist redirects back to your site
If the user accepts your request, Wunderlist will redirect to your redirect_uri with a temporary code in a code parameter as well as the state you provided in the previous step in a state parameter. If the states don't match, the request has been created by a third party and the process should be aborted.
Exchange code for an access token:
POST https://www.wunderlist.com/oauth/access_token
I do not understand "Exchange code for an access token". Am I supposed to redirect to https://www.wunderlist.com/oauth/access_token to get an access token?

Exchanging the code for an access_token is done by executing an HTTP POST message to the token endpoint, in your case to https://www.wunderlist.com/oauth/access_token, with JSON data as specified in: https://developer.wunderlist.com/documentation/concepts/authorization. Using cURL it would look like:
curl -H "Content-Type: application/json" -d '{ "code":"<CODE>", "client_id": "<CLIENT_ID>", "client_secret": "<CLIENT_SECRET>"}' https://www.wunderlist.com/oauth/access_token
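Added example, not part of the original answer or of Wunderlist's documentation: a server-side callback handler that performs the state check quoted in the question and then builds the JSON POST shown in the cURL command. The names `handle_callback` and `StateMismatch` and the sample values are hypothetical; the request is built but not sent, so the block runs offline.

```python
import hmac
import json
import urllib.parse
import urllib.request

TOKEN_ENDPOINT = "https://www.wunderlist.com/oauth/access_token"  # from the page


class StateMismatch(Exception):
    """Returned state differs from the one stored for this session."""


def handle_callback(query_string, expected_state, client_id, client_secret):
    """Validate the redirect, then build (not send) the token request.

    query_string: raw query of the request that arrived at redirect_uri.
    expected_state: value saved in the user's session before redirecting.
    """
    params = urllib.parse.parse_qs(query_string)
    # Require exactly one code and one state; repeated keys are rejected.
    if len(params.get("code", [])) != 1 or len(params.get("state", [])) != 1:
        raise ValueError("callback must carry exactly one code and one state")
    # Constant-time comparison, done before the code is used for anything.
    if not hmac.compare_digest(params["state"][0].encode(),
                               expected_state.encode()):
        raise StateMismatch("state mismatch: abort the login attempt")
    body = json.dumps({
        "code": params["code"][0],
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode()
    # Server-to-server POST: the secret stays in the request body and never
    # appears in a browser redirect or a URL.
    return urllib.request.Request(
        TOKEN_ENDPOINT, data=body, method="POST",
        headers={"Content-Type": "application/json"})


if __name__ == "__main__":
    # Constructed sample values; pass the result to urllib.request.urlopen()
    # to perform the exchange for real.
    req = handle_callback("code=abc123&state=s3ss10n", "s3ss10n",
                          "<CLIENT_ID>", "<CLIENT_SECRET>")
    print(req.get_method(), req.full_url, req.data.decode())
```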

Related

Alternative to OAuth 2.0 ROPC without interpreting HTML/Javascript

I'm in the context of an embedded device that uses an HTTPS client to request an access token on behalf of a user (delegated permission needed for the app).
I'm currently using OAuth 2.0 ROPC (https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc) to get my token and everything works fine.
But since this authentication is deprecated I'd like to change to a more secure solution that works in hybrid identity federation scenarios.
I see that many other solutions exist, but I can't find one that doesn't need to interpret an HTML/JS response.
Here is a cURL example to explain my point:
ROPC request:
curl -X POST "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token" --data "grant_type=password&scope=EWS.AccessAsUser.All&username=<username>&password=<password>&client_id=<client_id>&client_secret=<client_secret>" -H "Content-Type: application/x-www-form-urlencoded"
Response:
{"token_type":"Bearer","expires_in":3599,"ext_expires_in":3599,"access_token":"eyJ0eX....1234"}
Here I can extract the token directly from the response.
But using other ways to get a delegated permission token, such as the OAuth 2.0 Implicit Grant flow (https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow), responses are always HTML that I can't interpret.
So here I am wondering if there is a solution to this situation.
Thanks in advance,
Aloïs KYROU
You cannot use the implicit flow to obtain the token in the tool; you can only run the request URL in the browser, because using the implicit flow requires you to log in. Please note that before this, you must enable id token and access token.
Request the id token and access token in the browser.
https://login.microsoftonline.com/{tenant id}/oauth2/v2.0/authorize?
client_id={client id}
&response_type=id_token token
&redirect_uri={redirect_uri}
&scope=openid EWS.AccessAsUser.All
&response_mode=fragment
&state=12345
&nonce=678910

Creating an OAuth2.0 sign in app using MVC 5

I need your help....
I need some code to get me started with an application I'm working.
I have a MVC5 app that will login users into the Planning Center and then redirect back to my website to perform some tasks. The problem at hand is that I'm having a hard time understanding how to authenticate users using the OAuth 2.0 specifications. Provided below are the details that the Planning Center requires in order for me to login and use their API:
1. Redirect the user’s browser to https://api.planningcenteronline.com/oauth/authorize?client_id=CLIENT_ID&redirect_uri=https://example.com/auth/complete&response_type=code&scope=people (replace CLIENT_ID and https://example.com/auth/complete with your actual redirect URI). If you need different scope, replace scope=people appropriately (see “Scopes” section below).
2. Planning Center will redirect the user’s browser back to the given redirect URI with a code param.
3. Send a POST request in the background to https://api.planningcenteronline.com/oauth/token with the following params:
{"grant_type": "authorization_code", "code": "CODE_FROM_STEP_2", "client_id": "CLIENT_ID", "client_secret": "CLIENT_SECRET", "redirect_uri": "https://example.com/auth/complete"}
(replace CLIENT_ID, CLIENT_SECRET, CODE_FROM_STEP_2, and the redirect URI appropriately).
curl -X POST https://api.planningcenteronline.com/oauth/token \
-F grant_type=authorization_code \
-F code=1234567890 \
-F client_id=2345678901 \
-F client_secret=3456789012 \
-F redirect_uri=https://example.com/auth/complete
The response you get back will contain the access token and other information.
{
"access_token": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
"token_type": "bearer",
"expires_in": 7200,
"refresh_token": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
"scope": "people",
"created_at": 1469553476
}
Use the access token for all API requests by passing it in the Authorization header, using the Bearer authentication scheme.
curl -H 'Authorization: Bearer 1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef' https://api.planningcenteronline.com/people/v2/people
For the full link to the documentation - https://developer.planning.center/docs/#/introduction/authentication
I just need to get started and I'm not sure where. Most of the examples out there are hard to understand and don't give enough details.
Any help would be appreciated.
Thank you in advance.
In the authorization code flow you need to make two requests in order to get a token back from the authorization server. The first one is made to the authorize endpoint where the user is asked to login. After successful login the client will get back a code from the authorization server, hence the name authorization code flow, to be used in the second request to the token endpoint. By sending a valid code, the server will send a response with the access token so you can access the protected resource with it.
You can get more information from the sequence diagram in the auth0 web site:
https://auth0.com/docs/flows/authorization-code-flow
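Added example, not part of the original answer or of Planning Center's documentation: it builds the step 1 authorize URL with the redirect URI percent-encoded, and validates the token response from step 3 before turning it into an Authorization header and an expiry time. The function names are hypothetical, and `created_at` is assumed to be present as in the sample response quoted in the question (the current time is used when it is absent).

```python
import json
import time
import urllib.parse

AUTHORIZE_ENDPOINT = "https://api.planningcenteronline.com/oauth/authorize"  # from the page


def authorize_url(client_id, redirect_uri, scope="people"):
    """Step 1: URL the user's browser is redirected to."""
    query = urllib.parse.urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # percent-encoded by urlencode
        "response_type": "code",
        "scope": scope,
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def parse_token_response(body, requested_scope, now=None):
    """Validate the token endpoint's JSON and return what API calls need.

    Raises ValueError rather than returning a partial or unexpected token.
    """
    data = json.loads(body)
    if not isinstance(data, dict):
        raise ValueError("token response is not a JSON object")
    if "error" in data:
        raise ValueError(f"token endpoint refused: {data['error']}")
    token = data.get("access_token")
    if not isinstance(token, str) or not token:
        raise ValueError("response has no access_token")
    if str(data.get("token_type", "")).lower() != "bearer":
        raise ValueError("unexpected token_type")
    # The server may grant less than was asked for, never more.
    granted = set(str(data.get("scope", "")).split())
    if not granted <= set(requested_scope.split()):
        raise ValueError("server granted a scope that was not requested")
    issued = int(data.get("created_at", time.time() if now is None else now))
    return {
        "headers": {"Authorization": f"Bearer {token}"},
        "expires_at": issued + int(data["expires_in"]),  # Unix seconds
        "refresh_token": data.get("refresh_token"),
    }
```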

issue while calling zendesk real time chat api

Can anyone help me? I am trying to call the request below:
curl https://rtm.zopim.com/stream/{resource} \
-H "Authorization: Bearer {API access token}"
Initially, I tried with basic auth (adding id : password in the request); the response was unauthorized.
Then I generated an access token with Postman like in the screenshot below,
and when I call the API with that access token the response is 403 Forbidden.
I can successfully hit and get a response from other APIs (like https://www.zopim.com/api/v2/chats) with the same access token,
but not the specific "rtm.zopim.com/stream/".
The Real Time Chat API is available on Enterprise plans only, so if you are not on the Enterprise plan you will receive a 403 Forbidden error.

wso2 apim 3.0-m24 token api issue?

I was using apim 3-m18 previously, and POSTing to localhost:9443/api/auth/oauth2/v1.0/token?grant_type=password&scope=apim:api_view with the basic auth token of clientid:clientsecret returned from the /api/id4entity/oauth2/dcr/v1.0/register endpoint worked fine in giving me the OAuth token for admin APIs, e.g. the logic laid out at "wso2 API-M 3.0 - how to get oauth token for product/admin api calls".
However, I upgraded to the latest rev (m24) and the dcr register endpoint still works fine, but when I then hit the token API with the base64-encoded clientid:clientsecret from dcr, the request hangs before I get a timeout error.
When I exit m24 and restart m18 and make the exact same requests (dcr call for clientid/secret, then token api call), it works. Then switching to m22 fails with same requests.
I didn't see any documentation or issues in github on this, so was curious if anyone knows what I might need to change to get the oauth token. Thanks.
Could you please use the following curl command
curl -X POST -H "Authorization: Basic N2Y4MzM0ODEtNjk1ZS00OWY4LTg0OTgtOGU0NjUwNzhmYjljOmU1NmZlOTM3LTQwZjYtNGEwMy04MDIzLTE4ZGE0YmZmNWU3OA==" -H "Content-Type: application/x-www-form-urlencoded" -d 'username=admin&password=admin&grant_type=password&scope=scope' "https://localhost:9443/api/auth/oauth2/v1.0/token" -kv
The Authorization token is Base64-encoded (clientId:clientSecret).

Cannot get Access Token

I am using OAuth 2.0 for Authorization process.
I have requested for Authorization Code with this url:
https://www.box.com/api/oauth2/authorize?response_type=code&client_id={MY_CLIENT_ID}
Then I was redirected to box.net login page for authorization.
I have entered credentials for my Box.net account.
Granted access for account. Then I got Authorization code which I encoded in URL and sent a request with this:
https://www.box.com/api/oauth2/token?grant_type=authorization_code&code={AUTHORIZATION_CODE}&client_id={MY_CLIENT_ID}&client_secret={MY_CLIENT_SECRET_ID}
I got this response:
{"error":"invalid_client","error_description":"The client credentials are invalid"}
I have checked my Client Id and Client Secret Id many times. Those are correct. What can be reason for such an error message?
As the official documentation states:
"To get the access_token, you’ll need to make a POST request to https://www.box.com/api/oauth2/token with the following parameters..."
Although all the parameters including client_id, client_secret, grant_type and code are right, if you don't make a POST request to the url, you will get error: "invalid_client".
Try:
curl https://www.box.com/api/oauth2/token \
-d 'grant_type=authorization_code&code={your code}&client_id={your client id}&client_secret={your client secret}' \
-X POST
