The twitter api keeps refusing my credentials, no matter what shared library I use. Is there any reason for this?
Twitter no longer allows BASIC AUTHENTICATION on its API. You need to do OAUTH authentication. This is most likely the problem you are having. If you need further help, you need to post some code, what library you are using, and exactly what part of the API you are trying to access.
Related
i am currently searching for a way to login into the Twitch-API using an already given id-token (oauth or even better oidc) with or without a NodeJS backend.
Background: I am using firebase connecting to various services next to Twitch-API such as Youtube (Google API), Twitter and Co. I want to use my id-token for each service.
The official documentation doesn't tell if that is possible or maybe i just couldn't find it.
Hopefully there is a solution just not yet documented.
I will struggle with the same problem using the other services aswell.
Thanks alot
You absolutely would need to create your own OAuth token as it is tied to the same Client-ID as the account that generates it.
https://dev.twitch.tv/console
Authentication has it's own flow and endpoints with the way kraken v5 and helix work.
https://dev.twitch.tv/docs/authentication
With the latest changes to the API everything now requires both the Client-ID and OAuth before it will return the requested values.
https://discuss.dev.twitch.tv/t/requiring-oauth-for-helix-twitch-api-endpoints/23916
I'm not sure exactly what "id-token" is but i'm going with "twitch-user-id and access-token".
If you have a valid access token, you have access to whatever the scopes were defined when that token was generated, you can update the token with the refresh token if you need to.
You would need to supply the Client-ID of the application the token was generated for aswell.
Unless "id-token" is meant for a different system.
Im really just looking for some guidance here.
My goal is to create (for instance) a webpage, client will then enter there authentication details on that site, which will talk to the wso2 Identity server, which in turn will talk to either facebook, or some oauth provider and authenticate the user. The user will then be allowed to use that site.
What im looking for is the url for the wsdl. I've read quite abit an notice alot of people talking about the wso2 API Manager. Do i need to install that?
Thank you in advance.
p.s: I asked a similar questions here. The answer got me pretty far, however using soapUI on the RemoteUserStoreManagerService wsdl, i am unable to auth facebook users. Also i will be using php to write this website.
I have had a search around stackoverflow, but was unable to find an answer to my question, so I thought I'd ask.
I'm currently working on an iOS app where I would like to get a feed of a public timeline without the user of the app being required to have a twitter account.
I am successfully able to do this using twitters v1.0 of the API and all works perfectly. Simply making a request to http://api.twitter.com/1/statuses/user_timeline.json?screen_name=username retrieves all the information that I require.
However, since v1.0 has been deprecated and V1.1 requires authentication for each request, I get a bad authorization error using this API. Having looked at the Twitter documentation and how to generate OAuth request headers, I don't fully understand the "Getting a signing key" section of the documentation in the link below. (this is my first time working with Twitter's API and OAuth, I'm trying to gain a good understanding, before I start the implementation)
https://dev.twitter.com/docs/auth/creating-signature
As I understand it, the consumer secret can be found when logging into twitter.com/apps but I'm not sure where I would get the "OAuth Token Secret" in order to generate a valid signing key.
Since this is an iOS app, I know I could use the TWRequest class, but to my understanding, this would require the user to have twitter setup on their device.
I hope the above makes sense and any help would be appreciated.
Thanks
If you go to the Twitter application you have set up https://dev.twitter.com/apps
You should see your Access token secret under the heading Your access token. If you don't see this then you probably haven't generated an access token yet.
I wanted to build a simple WP7 app to learn how to use Silverlight, so I thought I'd create a very simple yammer app. As a starter it would have two screens - Login (Username & Password) and Feed.
Yammer user OAuth for its authentication but I just dont get it! i appreciate you need to request a token to use the REST interfaces, but I dont want my users (even if its just me) to need anything other than their login credentials, as they would use on the website. In my head the token can be used in a similar manner as a forms auth token in asp.net
Am I missing something? But I cant see anything in the yammer documentation about logging in.
The process for OAuth is as follows
You do a token request to Yammer. If needed they will ask for yammer credentials and send a token back to a URL of your application
You must use that token to sign all your petitions.
You can't stop Yammer asking for credentials because that's the idea of OAuth. Yammer does not trust you and it's impossible for you to keep any user Yammer's credentials. That way they can't be stolen from your site. The more you can store is a temporal token.
There is a very good guide to using OAuth on hueniverse, which features an example workflow. It's not completely up to date with the latest version of the spec, although this probably doesn't matter too much for your purposes.
Greetings!
I have some troubles enabling OAuth authentication for my web
application running on Ruby on Rails. I am using authlogic and
authlogic_oauth and that is, in the end, using OAuth gem and therefore
I decided to ask here. So shortly:
I succesfully "register" (i.e. obtain the first Access Token for the
user) but then, whenever I try to "login", I receive a differenct
access token for the same Google Account, the Authlogic-oauth plugin
fails to find the user and the login crashes. Maybe I don't understand
it right but is not the AT supposed to be the same every time. And can
it be a problem that I am accessing Google from http://localhost even
though the Customer keys are for different domain?
anyway, thanks for any reply ... I spend already 2 days with that
issue and debugging doesn't seems to lead me anywhere
Jakub
PS: I sent that question on Google Group oauth-ruby - sorry to anyone reading both channels
The AT is supposed to be different every time. OAuth is not an authentication protocol, it is an authorization delegation protocol. Try using OpenID instead: http://code.google.com/apis/accounts/docs/OpenID.html
Twitter does not give out different tokens which allows OAuth to be used as an authentication mechanism. LinkedIn doesn't do that meaning you may only use OAuth as an authorization protocol (which is what it was intended to do).
However, there is a useful API for pulling in data from LinkedIn. Of particular interest could be the Profile API.