Salesforce webserver Oauth 2.0 integration - oauth

I am developing a google app engine - java project where I want to integrate Salesforce APIs.
I want to authorize user with Oauth 2.0 and want to retrieve contacts of the authorized user.
Salesforce API returns code in response of the first request and then again I request for the access token from the code.
With the access token when I call any of the service API it gives me following error
[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]

I found the issue.
In configurations Administration Profile was missing to be connected with Apps whose client ID and secret I was using.

you are not getting valid access token.
generate the proper url to get the access token
https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_at_Salesforce.com
For more proper information, you can have a look of this

Related

How to get access token via rest template call for docusign in springboot app?

I am new to the Docusign integration in springboot gradle application. I am trying to get access token in spring boot app using Rest template but there is no way we do that as per their docs and all. We can only get access token by generating URI using integration key and other things and the we have to copy that uri and paste it to the browser to get code token which we can use to then get JWT access token through API call.
Can we not create JWT access token through rest API calls in application only, please I need all your here...
Thank you in advance!!!
Auth Code Grant requires a browser and user interaction (log in)
JWT authentication does not and you can use this to have your app generate an access token without the user having to open a browser.
However, a one-time consent is required for JWT as well and you can do that manually once and no need to worry about this again.
I would strongly suggest to use the Java quickstart, because not only it gives you working code, it configures everything for you automatically.

AWS Cognito Authorization Code grant securing API gateway with access token iOS app

I used Serverless to create API gateway endpoints + lambda functions. I want to secure API gateway endpoints using the access token oAuth. I am trying to provide credentials (sign up and sign in) in my iOS native app. Here are the facts I learned.
I want to secure my API gateway using OAuth and access token.
Because I have already created API gateway endpoints and lambda functions, Signup and Sign in using Amplify is not the best idea. I can't use Amplify's access token in the API gateway because in the Cognito user pool (under App Client Settings) I have selected Authorization Code grant (instead of implicit which is not that secure and client credentials are for the machine to machine) type OAuth flow.
I have in app Sign up and Sign in UI and don't want to use Hosted UI.
I want to authenticate and authorise users of my app.
My question is:- Can I use the Authorization code grant type without using Hosted UI or web browser? i.e. make a rest call with username and password and get the Authorization code. Once I get the Authorization code then make a call to the token endpoint to get the access token. Once I get the access token then call API gate with that access token. All of the above natively without using a browser or hosted UI.
Thank you very much in advance.

How to generate oauth token using QuickBooks API and postman?

Can anyone help me on generating OAuth token using QuickBooks API and postman?
I am not able to create one using API.
and can u help me to get sample account data from an account QuickBooks API ?
You can refer the following blog which shows how to generate OAuth1 tokens using OAuthPlayground tool and use those tokens in POSTMAN to make any API calls.
https://developer.intuit.com/hub/blog/2016/04/25/quick-start-to-quickbooks-online-rest-api-with-oauth1-0
You can try the entire QBO POSTMAN collection from the link below.
https://developer.intuit.com/docs/0100_quickbooks_online/0400_tools/0012_postman?isExpand=false#/1500
You can't generate OAuth tokens via Postman.
The whole point of OAuth is to give the end-user a UI-based process to click through and provide tokens.
Use the UI components Intuit provides to get your tokens.
https://developer.intuit.com/docs/0100_quickbooks_online/0100_essentials/000000_quickbooks_online_overview
I recently had to download QBO's postman collection to debug an integration issue with my app. I use OAuth2.0 with Authorization Code as the grant type to authenticate a user from my app to QBO. This is what QBO offers now and its not upto the app developer's discretion.
You can download the QBO's Postman collection from here.
To access QBO's endpoint from Postman, you must first create and register an app entry with QBO. Doing so will give you ClientID and ClientSecret which are needed for authentication purposes. Also put https://www.getpostman.com/oauth2/callback as the RedirectURI for your app since you will be authenticating using Postman. If you have your website up and running, you can put the link to your website as the RedirectURI.
Once you open the collection in Postman, open the Accounts endpoint and switch to the Authorization tab
Click on Get New Access Token.
CallbackURL is going to be what you put in the RedirectURL you registered your sample QBO app with.
AuthURL and AccessTokenURL are taken from the QBO link I mentioned above. Paste these as is.
ClientID and ClientSecret are the keys you get once you register your sample app with QBO.
Scope can be used as is since you need to access the accounting endpoint.
State can be any string that is returned intact after a successful authentication with QBO. It is something that your app can use for an extra check to ensure that you got a response from the right authorization server. Put any length string(do not leave it blank) in this case because we are only accessing the endpoints using Postman.
ClientAuthentication is set to Send client credentials in body as instructed by QBO.
Once you click on Request Token, you will be redirected to QBO's login page inside Postman itself in a new popup window. Successful authentication will close the popup window and give you an Access Token. Clicking Use Token will set the token in the body at the time of Send Request.
Make sure you know your companyid and that you are targeting the right baseurl. Notice that Im using minorversion 9 because thats what my app uses. You can choose to stick with 14.
Hitting Send Request should get you some accounts objects in the response.

Using REST api and oAuth2 with iOS app

I'm a complete beginner in RESTful services in general. I am required to make an app that would require a user to log in with his credentials and then use the oAuth token to access the provided api.
I registered the app that I made and I have the Client ID and Client secret.
Now I have two questions:
How should the URI look like when I try to get the oAuth token?
What is the redirect uri used for?

Google Developer Console Doesn't List Mail API

The Google Developer Consoles (even the old version) no longer lists the Mail API in the list of available APIs.
I'm trying to develop a web application which acts on behalf of users to manage their Gmail, like Mailbox. This requires using the Gmail IMAP API with XOAUTH2 authentication with an OAuth 2.0 access token. The documentation instructs provisioning OAuth 2.0 token with a https://mail.google.com/ scope. Provisioning credentials for a web application then requesting a token with this scope yields a 403 response with an accessNotConfigured error. There are options in the developer console for configuring other APIs, but there is no option to configure access for the Mail API.
Attempting to provision the mail scope in the Google OAuth Playground using their client credentials works correctly and the resulting access token can be used to access Gmail IMAP with XOAUTH2.
Have Google disabled OAuth 2.0 authentication for Mail using new credentials, or is it just hidden? I can't find a way to contact them and ask for Mail API access.
Just create any client id it doesn't matter what API you select. When you make the authentication request send the scope of https://mail.google.com/. That will get you the access token you need to login to the imap server.

Resources