I am integrating Yammer in my application and I am using OAuthConsumer Component of cakephp.
After yammer authorization it is not redirecting me to the callback url.
The token generated by get_request_token function is an array having key and secret. After generating token it is redirecting me to Authorize page of Yammer but once i click Authorize button, it is displaying the code there. I am passing the callback url (http://localhost.com/test/yammer/callback) in the get_request_token also.
Related
What should I enter for callback URL when trying to generate a new access token in Postman? I'm using a Client ID and Client Secret from my Twitter Developer account.
It should be the same callback URL that you registered on Twitter when generating a client ID and secret. If you haven't provided any URL there, then you can use anything (e.g. http://localhost).
If you're calling the token endpoint from postman (as I think you are), so you want to exchange the code for tokens, then you should use the same callback URL that you used in your authorization request.
I'm using Postman a lot for API development. Most of time I use OAuth 2.0 for authentication. As this post says, the Authorization Code flow steps are as below:
The application opens a browser to send the user to the OAuth server
The user sees the authorization prompt and approves the app’s request
The user is redirected back to the application with an authorization code in the query string
The application exchanges the authorization code for an access token
In step 3, I think the user is redirected back to the application by using the redirect url. But what we always provided in the request is the configured url for real application that should get the auth code instead of Postman. I'm quite confused how can Postman get the auth token as the redirect url has no info about it.
The identity provider will create the authorisation code and return it to the redirect URI as a query string parameter, in a parameter named code the url will be yourdomain.com/app?code=authorisation-code
In postman it is possible to retrieve an access token for a Authorisation Code flow client.
Click the authorisation tab for a request, in the type select oAuth 2
Then click the orange Get Access Token button, it will prompt a new window where you can input your client & idp information.
When you click the request token button it will prompt you to enter your credentials at this point it will retrieve the authorisation code and automatically exchange it for an access token using the client id, secret and scopes that you configured on this screen, if everything is successful then you will receive your access token.
I am currently tracking a question on how to automate this process to be executed as part of the execution runner: Postman - Access Token Retrieval using Authorisation Code grant type
I am using the below link https://github.com/okta/samples-js-react/tree/master/okta-hosted-login from GitHub to create an application for okta react. it works fine but when I am trying to access the application from okta tile with the below configuration in okta:
"Send ID Token directly to app (Okta Simplified)"
Then I am getting error cannot post in react UI.
The value of Initiate login URI is http://localhost:3000/implicit/callback
Send ID Token directly to app (Okta Simplified): When the end-user clicks on the application chiclet at Okta dashboard, Okta mints an id_token and makes a POST request to the 'initiate_login_uri' with the id_token in the body of the POST request.
You could handle POST request in your server and then redirect to a page in your app.
I'm using the LinkedIn Javascript SDK on my website in order to allow users to register and log in via Linked In.
I want to achieve this without redirecting the user to Linked In, but instead via the popup window.
The issue is, I'm not sure how to securely get an access token, which I can then use to get the users profile and create an account.
Currently, via the Javascript SDK, I can log the user in without redirection, and receive a oauth_token, which I then post to by backend. My Here is my code:
IN.User.authorize(function(){
$.ajax({
type: 'POST',
url: '/auth/li/'+IN.ENV.auth.oauth_token,
});
});
This succesfuly sends the token to my server, but how do I use it to then get an access token in order to use in the backend?
I tried to simply convert it to one using the LinkedIn API with
https://www.linkedin.com/oauth/v2/accessToken
but I get an error
Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired.
I sort of understand the error, as with the javascript SDK there is no redirect URI.
With the Facebook SDK/API, on successful authorisation via the Javascript API, a cookie encrypted with my app secret is stored, and my backend can decrypt and read it, and then finally create an account.
Is there something like that in LinkedIn that I missed?
I have the same issue, with Google and Facebook SDK I can get access_token but linkedin SDK auth_token is not working. I think we need access_token but don't know how to get that with linkedin SDK.
I have come up with a solution. I ended up not using the javascript API. What I did was generate a login URL on my server and retrieved it via AJAX. I then created a javascript popup window and aimed it at the login url. One the user authenticates, linkedin redirects to my selected redirect URL within the popup, and I can then authenticate on my side (and close the popup).
I've a Login with salesforce functionality enabled in my application. When I generate a login oauth url which consists of app secret and ket and after sending a get request using browser It redirects me to a previously used cache instance url.
It should redirect to https://login.salesforce.com/?ec=302&startURL=%2{someurl}
but instead it's redirecting to https://myinstance.salesforce.com/?ec=302&startURL=%2{someurl} although I'm logged out of salesforce and this url only accepts my login credentials which are linked with my instance where as login.salesforce.com accepts anyone's login credentials.
if I use incognito window it works fine and I've even tested the oauth url using postman the response is a html file which has javascript function which redirects to login.salesforce.com/?ec=302&startURL=%2{someurl}
Is there anyway I can solve this issue or force my oauth url to redirect to login.salesforce instead of cached url.