So, I am throwing a hail Mary pass here, to see if anyone can catch it. I checked on Twitter and came up empty.
I added the following meta tag to the head of a website:
<meta property="twitter:account_id" content="3XXXXXXXX" />
I then confirmed that the tag is in the source HTML in between the head tags
Then from inside my account panel on Twitter there is a "Verify website" tool.
When I enter the URL and click "Verify website, I get the following:
Website ownership cannot be verified. Please add the metatag to your site.
Perhaps someone else has grappled with this and solved the issue? Thanks
I had the same issue. I assume your websites is "https" to fix this you need to temporarily set your website not to display "http" in the address. Once you hit verify it should work and you can change it back to "https" when verified.
Solved!
So I tried the following, to no avail:
Remove the middleware to redirect http:// URLs to https:// URLs (such that the site runs on HTTP without redirecting to HTTPS).
Unfortunately, this change did NOT seem to work by itself... so we clicked on the "Help?" button at the upper-right of the ads.twitter.com account dashboard.
After explaining the issue to the Twitter support staff, they were able to change something in their system (likely, invalidate some cached record somewhere) and the validation successfully went through. So don't be afraid to reach out to Twitter for support!
After verification, we were able to re-introduce the HTTP -> HTTPS middleware on our site, while remaining verified with Twitter.
Related
I'm writing very simple application that uses Instagram basic display to show user's pictures uploaded to IG. However, the first step during OAuth authorization, after succesful login/authorization takes user to https://www.instagram.com/ instead of redirect_uri specified in GET parameter of request.
I followed the docs multiple times, tried different IG users, but without any effect.
I'm using this link to authorize user:
https://api.instagram.com/oauth/authorize?client_id=my_instagram_app_id&redirect_uri=https://localhost/api/ig/proceed/&scope=user_profile,user_media&response_type=code
Application settings:
Settings > Basic > Website > Site URL = https://localhost/
Instagram basic display > Basic display > Valid OAuth Redirect URIs = https://localhost/api/ig/proceed/
Roles > Roles > Instagram testers = My account is added and confirmed in instagram settings.
Apache server runs at localhost and acts like reverse proxy (to provide HTTPS, as it's required for all redirect urls).
ProxyPass "/api" "http://127.0.0.1:8080/api"
ProxyPassReverse "/api" "http://127.0.0.1:8080/api"
I have some unrelated records in etc/hosts, but nothing affects this.
Tried this on all browsers I have - Firefox, Chrome, Edge. The weirdest thing is that it worked on FF for the first time, but no matter what I tried to do (annonymous browsing, recreate the whole app in meta devs, remove authorization from user) I wasn't able to reproduce the right behavior.
Another weird thing is that it works fine on safari browser on iPhone, however I cannot display logs or anything, so I have no idea why. And the redirection ends on localhost (which is obviously not running anything).
The whole thing puzzles me gravely and I'm out of ideas why is this extremely simple use of well documented API is broken (probably just for me)
It was probably caused by short term issue with the Instagram authentication API itself. The problem went away after several days, now everything works flawlessly. I didn't have to take any steps to solve it.
How do I test the Google OAuth 2.0 on my app with localhost, since Google requires a top private domain as the authorized domain?
I tried to look up solutions, but all the solutions given have been a while ago, and I think Google has changed their service since then.
localhost is not a valid top-level domain, and it won't let you generate credentials without setting up a consent screen. You can add more than one authorized domain if you'd like, but you can't leave it empty. But you CAN delete the field if you have no domains / would not like to add domains for now. you just can't LEAVE it empty.
Notice the description -- "When a domain is used". so it's not an obligation to add authorized domain for consent screen. Moreover, the authorized domain here is only related with consent screen. Authorized origins and Authorized redirect URLs needs to be specified in the credentials part, which is all that matters; specifying the origin from which requests will be accepted and where it will be redirected. So just omit the authorized domain in the consent screen.
So how to delete it? Just in case if you haven't noticed, just hover over the field and this little man will pop up. delete it. that's all. Now you should be able to save and continue, where it might ask you to setup scopes.
I know it's really late, hoping it might help others..
After about an hour banging my head against the wall I found this article that has a step by step solution that works (as of July 2020).
Basically you need to create a service account, share the sheet with that account, and then it should work.
All of the other auth methods I tried either raised nonsense errors, or simply silently didn't work.
The list of authorized domains is required before you submit a request for app verification. If you want to configure a localhost redirect URI, that is configurable in your web OAuth client ID configuration.
In case anyone has struck out on the suggestions above, this answer did the trick for me. Set my authorized JavaScript origins URI to http://localhost:8080 in the google API console then emptied my Chrome cache.
Just add an OAuth-consent-screen from here without a domain or valid domain that's up to you, after that create Credentials from here, then select OAuth client ID and enter your from here you can add javascript origin url and there you go you've done.
You add your final domain for when you are ready to become verified. Until then you will generate an OAuth client ID and enable https://localhost:3000 in "Authorized JavaScript origins"
Simple screenshot of the field you can enter localhost
Not beautiful, but works!
I've made local website(domain) on Xampp like test1.com, added that domain in Authorized domains and started Chrome from separate shortcut with parameter --ignore-certificate-errors
Note, that when you start with this flag, Chrome must not be running!
It cause Chrome to open web site in the xampp\htdocs folder and I was forced to go to folder test1.git and then to public folder, where finally site opened and the url was: https://test1.com/test1.git/public
ps. Use port 80 in httpd-vhosts.conf and not 443!
We integrated our application with LinkedIn for sign on over 6 months ago and it's been working fine. Today, we went to developer.linkedin.com for our application to update the "OAuth 2.0 Redirect URLs" to add an additional URL. We previously had the production domain, test domains, and localhost entered. Now, when we save, we receive the "One or more urls are not allowed." error message. Through process of elimination, it appears to not approve our test domain "relode-dev.azurewebsites.net".
I've checked with SURBL and none of the domains we're entering are blacklisted.
Can someone explain why "relode-dev.azurewebsites.net" is no longer valid when it was for 6 months?
After experimenting some more, it looks like LinkedIn doesn't allow any *.azurewebsites.net domains any more. I'm not sure why they created this policy. For now, the workaround seems to be adding your own custom domain to your Azure website and using it in the LinkedIn OAuth 2.0a Redirect URL. You can follow the article at http://azure.microsoft.com/en-us/documentation/articles/web-sites-custom-domain-name/ to set up your custom domain.
If LinkedIn reads this, it would be nice if you notified third-party developers when you make policy changes like this. We've had to scramble for the past few days to workaround this change.
edit: fixed the url to the azure help page (it had an extra word on the end causing it to 404).
I want to start my Dropbox-app by linking to a dropbox account as specified here:
https://www.dropbox.com/developers/datastore/tutorial/js
However, dropbox won't redirect back to my website and throws "Invalid redirect_uri"
I specified various redirect urls and double checked my app_key, but i could not get it to work. What am i doing wrong?
Thanks in advance!
When I had this issue, I realized that when refreshing the dropbox app console page, it hadn't saved my domain value. Apparently, ONLY HTTPS prefixed domains will work. When I added https it worked fine and saved my value, then I was able to get that to work with my javascript, but I was wishing that I didn't have to setup a server with a cert just to test. Security security, I guess.
http://blah.com // didn't work
https://blah.com // did work
Make sure the full, exact URL is registered as a redirect URI. (E.g. https://www.mydomain.com/mypage.html) The error message in the browser should tell you the exact URI that was attempted, so you should be able to match it perfectly.
I am brand new on this and ran into the same issue today attempting to follow the "Dropbox Datastores and Drop-Ins" tutorial on net.tutsplus.com
My setup is on a local system as well with the solution in a sub directory called "todo".
By trial and error, I got through to the authorisation screen by adding this URI in the Dropbox Developer Console: "http://LH.LH/todo/" (without quotes, AND because of comment restrictions on this board, please replace "LH.LH" with "localhost")
Btw I can see in the console, that there are some other issues with the code, but I will be looking into that.
I'm facing the same issue. It works fine locally, but not on production. I find it to be because of the redirection URI: it adds the 'http://' bit, while you can't add this to the list of supported URI in the Dropbox app list.
Try changing the url manually from the browser, removing the http:// and leaving only the domain. Does it work? If so, you have the same problem as I do... which I still don't know how to fix :(
I have been trying to put twitter's new tweet button on my wordpress blog. I have tried code provided on official twitter website, and couple of wordpress plugins to add tweet button on the blog. But on every try I am running into same issue. When I click on tweet button it goes to the twitter website but says
url' parameter does not contain a valid URL.
Could anyone please suggest me the way out for the same. thanks in advance!
Use this plugin: http://wordpress.org/extend/plugins/wp-tweet-button/
It works fine for me, and has couple of options to choose from.
hmmm.....I don't know why this is happening but I think you are using a local server and your url contains some ip address so that when you are clicking on the tweet button it will take your ip address also to connect with tweer site.
So it make url invalid, work on live site I think it will work.all the best.....