I am trying to get access token for OneDrive API. I'm using following details for getting access token:
https://login.live.com/oauth20_authorize.srf?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&response_type=token&scope=wl.skydrive_update
and got this response:
?lc=2057#access_token=EwCAAq1DBAAUGCCXc8wU/zFu9QnLdZXy%2bYnElFkAAcigT92GxO3G9HB%2bKArednttIIIc7hIoMK3NKFGj9/BVQDn%2b%2bGBgvhLMyDlPg%2bPwaklDCVaXEM/j8DS57USZmwMyGYwlyjRnAgQ%2bplHwWmEU2QqbWHWNkpP4QEuC4nuQllB3owSA309d2WeOoVHD%2b0AS86s20FvZy9FT3slOcAHG3iI1jBEIzB6AqyksR/rOdnE3dz4sEKd1TLK8m0dzR72Myv5G9ltYlGRZbojfZwybQE254OihyflOI8/ZGx%2b5HRqjL8eZqu1tpwgWfq0/4p8czUNtSb8pvj12CosWN1PlLl3yWQrMYprja7v0gY6GE7pDXxo6y%2busYOkHfwv6PRUDZgAACBXNy30OOl1qUAFudoejdTAjLDNk1GgVfsEw2pt0ho2jbnOm3BfYwB5BMyyN/vbsx8ATOvbUWZHAcLEghcZP7nEoQsP6Oqw4SVzbsLOXX4ZeFjJDkeeH2hxYAfYPmKcq%2be3lUd75sFa4JkEQk9LHL9GIhWniPTXmsBRvoU0RSt3VI7ZFkS6Fw5iYgRrKPkcLbQDwyHgBayVhvLZlzpwefvx%2bj3KuEHdRNSjlxn2DvikKxduBKrAFSKfBj4E3h0lapNXLimZEzfanyJxu9yz/YR546I1%2b2VNqF3vTBplPMax9rjGIQjHL0Z2qW3NX/0OV3p2CMVNZRVmv6DE52E7sr222gRoeJZL4HyW%2bEZ6qt3Kk4OsmguPrpGux4%2bEHIqEVvljG%2bHaKHnsS3sMKJ1AVQEDMNvc28/dwBAAxGmOyyMEL%2bBlx55gPDw3%2bhyyRxTabeC/XiQzBi5g7l7poAQ%3d%3d&token_type=bearer&expires_in=3600&scope=wl.skydrive_update%20wl.signin%20wl.offline_access%20wl.basic&user_id=992501247416dbdab653d966ad62c6fd
But now I'm confused to find access token, because response access token is too long.
Can any one give me any idea how to get access token?
The response is the in the form of a query string so you can use a query string parsing library to parse the data and allow you to retrieve the access_token by name.
More info here: http://en.wikipedia.org/wiki/Query_string
Related
I am trying to integrate Power Automate (Workflow service) with SmartSheet using OAuth 2.0
I have got the auth code successfully and when I finally try to get the token, it throws the message - 'You are not authorized to perform this action.' with error code 1004
I tried in Postman with the same result.
I believe the problem is that you're specifying all 5 values via the Request Header. Only Content-Type is specified via the Header -- the other four parameters (client_id, client_secret, code, and grant_type) should be specified via the query string. You're getting the not authorized error because Smartsheet is looking for the value of client_id etc. in the query string but not finding it there.
For example, here are screenshots from Postman that show setting Content-Type via the Headers and the other four parameters via the Params:
Trying to post events to user calendars for our organization. Getting a 401 error.
Azure admins created an app/user, and gave permissions
Delegated Graph Permissions: Calendars.ReadWrite
App graph permissions: Calendars.ReadWrite
I can connect to the OAuth token generation end point, and retrieve a token. Using that token, I can't send my JSON payload and create a series of calendar events, I get a 401. The JSON is known good - I can copy/paste it into the graph explorer tool and get correct results.
I've examined a generated token using jwt.ms and I'm not seeing anything related to permissions, calendars, etc.
Our Azure logins use empIDnumber#example.com and I've been told that is what our userPrincipalName is
I've tried changing the URL end point with no change-
/v1.0/users/empIDnumber#example.com/calendar/events
and
/v1.0/users/empIDnumber#examplecom.onmicrosoft.com/calendar/events
Where should I look next?
Solved.
Slight typo in the content of the JSON I was sending, was only able to find it by doing the POST using postman. Java was throwing an exception, not showing the returned string as well as the exception message, but postman showed the returned JSON with content regarding malformed date/time.
Still got 401 exceptions though, so The Fix Part II was to add an Accept-Encoding property set to application/json to my http client request options array.
Still no claims showing up in my tokens, but that is a non-issue apparently.
I use django-allauth to get an access token.
Then i make this call :
https://graph.facebook.com/v2.8/10153430807524570/?access_token=' +
access_token
And i get this error message :
{'error': {'type': 'GraphMethodException', 'code': 100, 'fbtrace_id':
'GILhd/N+d7D', 'message': "Unsupported get request. Object with ID
'10153430807524570' does not exist, cannot be loaded due to missing
permissions, or does not support this operation. Please read the Graph
API documentation at https://developers.facebook.com/docs/graph-api"}}
when i use the access token from the Graph API explorer, it works.
The 2 access tokens are different.
Got an answer for my problem.
It is a matter of permissions : Django-allauth access token and the one i get from Graph explorer are not giving the same permissions.
I am using Google OAuth Playground to generate tokens to test my REST API. I enter profile,email in scope text field of playground. It returns the id_token and use this id_token to get userinfo from link
https://www.googleapis.com/oauth2/v3/tokeninfo?id_token as stated here in documentation https://developers.google.com/identity/sign-in/web/backend-auth.
But it doesn't return any userinfo in JSON.
User info can be retrieved using the below endpoint using your access ID.
https://www.googleapis.com/oauth2/v3/userinfo
What you are doing is retrieving token info using id_token which is different from retrieving the user's info (although some returned data overlaps).
Hoping someone can help me out here. I'm using Google Contacts API to fetch a list of contacts. To my understanding, this is done by sending a GET request:
https://www.google.com/m8/feeds/contacts/default/full?alt=json&max-results=9999&oauth_token=OATH_TOKEN_HERE
However, this is wildly insecure as any intruder can gain access to the oauth_token in the URL. To combat this, I'm trying to send this as a POST request with my parameters (alt, max-results, oauth_token) as the data. However, I simply get an error that "Authorization is required". I've tried adding "Authorization: OAuth" to my headers but to no avail (get an error that authorization type is not recognized).
Any advice? I need a secure way to send the oauth token to Google such that my security software won't complain about a security hole in my program ...
Thanks!
To answer your question directly, even though security is irrelevant as you are using HTTPS, you cannot POST to Google to get a list of contacts. Google requires you use Get.
The proper formatting for authorization (Because you can still use a Get and not pass the oauth_token as a query string is to use an HTTP Header formatted:
Authorization: Bearer 1/fFBGRNJru1FQd44AzqT3Zg
Using OAuth 2.0 to Access Google APIs