I am using Google Picker inside of my project. Now, it has to use the OAuth token or you get the message ("Invalid credentials (missing or invalid oAuth token)").
I want to get that token from my user. I don't know how to do it.
I know it has to use OAuth 3-legged to get permissions of my client.
Can you help me, please?
Diego.
Well, I have manage my problem using OAuth 2.0 and this library. Ask me if you have any problem.
Related
I got the access token using Oauth 2 in Quickbooks Intuit developer apis.
The scope is com.intuit.quickbooks.accounting
I was able to get access token and refresh token using Quickbooks authentication and authorization endpoint.
Then I tried to get companyInfo with calling this api.
https://sandbox-quickbooks.api.intuit.com/v3/company/companyId/companyinfo
When calling this api or others, I am always getting this error.
Message: message=AuthorizationFailed; errorCode=003100; statusCode=403, Detail: The access token does not have sufficient scope
I am sure access token is right. but I am not certain why I got this error.
Please help me.
Thanks
I faced the same problem and then I came to know that my quickbook client was initializing with empty client_id and client_secret. it worked after i changed those to right values.
Having trouble finding the information in OneLogin regarding client_credentials.
I'm just looking to setup the flow for an API that we have.
A client app will request a token using client_id, client_secret, then use that token to access our API. Was hoping that OneLogin was a token provider, and could even assist in some way.
I've gotten as far as setting up a developer account, then creating an API, but I have been unable to obtain an access token from the API - and even if I did it seems to be a token I would use to access the other features in the OneLogin API.
Can anyone tell me if what I'm trying t achieve is possible with OneLogin?
Machine to Machine, or client to API communication.
Thanks in advance!
I'd recommend setting this up with OpenID connect:
https://developers.onelogin.com/openid-connect/api/password-grant
This will generate a token (and refresh token) that can be validated against OL.
Hello kind people of the internet.
Does Google OAuth2.0 support an OAuth-flow for a Resource Owner Password Credential Flow?
...and if so, then:
A.) can this type of OAuth flow be tested on the Google OAuth2 Playground?
B.) are there any examples of the "Resource Owner Password Credential Flow" with Google OAuth2.0 and the Google APIs?
Per an OAuth presentation recently in Oslo NDC 2013, this subject flow apparently skips the authorization end point all together and directly talks to the token end point of the OAuth2 server. The request syntax incantation would supposedly look something like this:
grant_type=password&
scope=resource&
user_name=owner&
password=password&
My understanding is the Resource Owner Password Credential Flow is for trusted applications in a back-end enterprise type of situations (where a name-password pair could be securely stored).
This particular OAuth flow would require no end-user consent interaction (no pop-up of a browser to Accept, then get a returned authorization-code, etc). In this subject flow the access & refresh token are directly returned, again: with no end-user interaction (albeit after an entry of a username-password).
Looking through the Google OAuth documentation ( link to Google OAuth2 docs ) there does not seem to be any mention of anything resembling Resource Password Credential Flow, but not sure that necessarily means it is explicitly not supported by Google.
Any help or advice would be much appreciated.
thanks in advance
Dear kind internet person,
it is true that Resource Owner Password Credential Flow is not supported on Google but google suggests you use the Installed Application Flow, which is described in: https://developers.google.com/accounts/docs/OAuth2InstalledApp.
You would need to create an Installed Application in the Google Console (https://code.google.com/apis/console), when you do that you can fetch the client_id and build a GET request with the parameters, which would look like so:
https://accounts.google.com/o/oauth2/auth\?
scope\=<scope>\&
redirect_uri\=urn:ietf:wg:oauth:2.0:oob\&
response_type\=code\&
client_id\=<client_id fetched from google console>
You would construct this URL and navigate to it on your browser, allow access for the app and google would give you what I believe is a code which you can use to get credentials. You can use those credentials to get an access token and refresh it, and this credentials is permanent. There's a good example of that on github. Note that you only need to get those credentials manually once, and then you save those credentials somewhere and keep using them to get/refresh tokens.
Hope this helps!
As far as I know, No. The OAuth 2.0 stuff is for Google accounts, for which Google does authentication.
I am trying to get a request token from twitter, and I've been having some problems with it. I used twitter4J to see if it would work with that and it does, but when I use the twitter oauth tool to get a valid authorization header, and copy and paste it as the authorization header for http://api.twitter.com/oauth/request_token in the twitter developer console I get a 401 error ("failed to validate signature and token"). I have tried this same copy and paste method for other requests that require authentication and it works but it just won't work for this request. Any suggestions as to what is going on?
Ok I figured it out! The problem was that the oauth access token is included in the header when you use the twitter oauth tool, with the access token being that of the twitter account related to your application. But if you are using the request_token url you shouldn't already have that, and that is why it throws the error. Thus the twitter oauth tool is useless for a request to this url.
I have successfully implemented user authentication using GITKit and I was wondering if it's possible to get OAuth access tokens to be able to access user's gmail account, address book etc...
Could you guys, help me to figure it out ? Thank you very much !
If I understand correctly, verifyAssertion has parameter returnOauthToken which will add oauth token to the data returned by it.