Citrix: Bad Request on refreshing the access token for ShareFile - authorization

We have been using ShareFile API for downloading the Citrix Attachment. We are using Oauth 2.0. The general flow is - our clients will authorize the our Citrix ShareFile App to grant permission for accessing their files. OUr ShareFile app should already have the required permission\scopes because with the same app we are successfully downloading attachment files of our customers. However, we are having some problem with a client.
When we tried to get Share items of this client with the access token, we are getting the following error:
Request:
https://clientdomainname.sf-api.com/sf/v3/Shares(se552cbfffda144619419696b8b12f88b)/Items
Response:
{
"code": "Unauthorized",
"message": {
"lang": "en-US",
"value": "You must log in to view this link."
},
"reason": "NotAuthenticated"
}
And when we tried to refresh the access token, we got the Bad Request (error code 400) with invalid_grant error using the refresh token
Request:
https://clientdomanname.sharefile.com/oauth/token
Response:
{
"error": "invalid_grant"
}
Any help would be highly appreciated!

Related

Auth0 API Create User returns Client ID Not Found

I am using the Auth0 Management API page to test creating a user.
https://auth0.com/docs/api/management/v2#!/Users/post_users
I am sending the following body to POST:/api/v2/users:
{
"email":"me#test.com",
"password":"123DEDed1!",
"connection":"My-Users"
}
However I get the following response:
{
"statusCode": 400,
"error": "Bad Request",
"message": "Sandbox Error: Client: '{{REDACTED}}: Client id not found'"
}
Obviously the client ID does exist. Any ideas what I am doing wrong?
We found the issue was actually internal to another script we had configured in the Action Login Flow

Amazon Advertising API throws HTTP 401 Unauthorized

I am trying to generate ads reports
The create report API gives response as
{
"reportId": "amzn1.sdAPI.v1.p44571.6153E22B.2825ae5c-126d-422c-bf10-53d2d601189a",
"recordType": "campaigns",
"status": "IN_PROGRESS",
"statusDetails": "Report is being generated."
}
but the get report status API gives UNAUTHORIZED error
{
"code": "UNAUTHORIZED",
"details": "HTTP 401 Unauthorized",
"requestId": "6C1XJ33DSF546P3XZSD"
}
My first suggestion would be to ensure you’re using a valid access token.
You should also verify correct scope value and clientID in your header.

Getting Forbidden 403 error while creating OnlineMeeting using Microsoft Graph api

I am trying to create online meeting through https://graph.microsoft.com/beta/communications/onlineMeetings .
initially i got the 403 Forbidden error. then i give the Delegated and Application permissions(OnlineMeetings.ReadWrite,OnlineMeetings.ReadWrite.All) on my registered app on azure.then 403 error is gone and i got new error 400 bad request(Organizer.Identity.User.Id missing).
then i supply Online meeting post request as follows-:
{
"startDateTime":"2020-04-20T14:33:30.8546353-07:00",
"endDateTime":"2020-04-20T15:03:30.8566356-07:00",
"subject":"Application Token Meeting",
"participants": {
"organizer": {
"identity": {
"user": {
"id": "cb6d6636-1c9e-457c-b904-5da8265a8927"
}
}
}
}
}
again i got 403 Forbidden error.
i created user with the help of https://graph.microsoft.com/v1.0/users and https://graph.microsoft.com/beta/invitations.
user is created in my app on azure and i give the permission (User.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All,User.ReadWrite.All, Directory.ReadWrite.All)
but error(403) did not change.
My question is that how to give user authorization in microsoft graph API.
The required permission is Delegated Permission: OnlineMeetings.ReadWrite. See reference here.
403 error means your access token doesn't include the required permission. You can add it like this:
Don't forget to click on "Grant admin consent for {your tenant}".
You should implement Get access on behalf of a user and get an access token to call /communications/onlineMeetings endpoint.
The http sample for your reference:
POST https://graph.microsoft.com/beta/communications/onlineMeetings
Content-Type: application/json
Authorization: Bearer {access token}
{
"startDateTime":"2019-09-09T14:33:30.8546353-07:00",
"endDateTime":"2019-09-09T15:03:30.8566356-07:00",
"subject":"Application Token Meeting",
"participants": {
"organizer": {
"identity": {
"user": {
"id": "550fae72-d251-43ec-868c-373732c2704f"
}
}
}
}
}
You can learn more details about Use the access token to call Microsoft Graph. Don't forget to put Authorization: Bearer {access token} in the request headers.

call Google auth API using Apache HttpClient

I would like to know if it is possible to call a Google API that requires auth such as the Google Calendar API using the Apache HttpClient, and no Google code or libraries. (and need the code to do it)
This is the code I have so far, its gets an auth error,
What do you use for the user/password?
HttpPost request = new HttpPost("https://www.googleapis.com/calendar/v3/users/me/calendarList/primary?key=mykey");
DefaultHttpClient client = new DefaultHttpClient();
client.getCredentialsProvider().setCredentials(
new AuthScope(AuthScope.ANY),
new UsernamePasswordCredentials(user, password));
HttpResponse response = client.execute(request);
Error:
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
You don't use Login and password you need to be authenticated once you are you will have an access token then you can call something like this.
https://www.googleapis.com/calendar/v3/users/me/calendarList/primary?access_token={tokenFromAuth}
You can authenticate to Google with any language that is capable of a HTTP POST and a HTTP GET. Here is my walk though of the Auth flow to Google http://www.daimto.com/google-3-legged-oauth2-flow/ you will need to create a Oauth2 credentials on Google Developer console to start. Then its just a matter of asking the user for permission to access their data and requesting the access.

Google + access token insufficient permission

Using OAuth code i am able to generate access token for google+ API .
using this access token in oauthpalyground iam getting JSON response .
When I paste this this URL into a browser am get an error message.
https://www.googleapis.com/plus/v1/activities?query=%22great%22&access_token=xxxxxxxxxxx
Error Message
{
"error": {
"errors": [
{
"domain": "global",
"reason": "insufficientPermissions",
"message": "Insufficient Permission"
}
],
"code": 403,
"message": "Insufficient Permission"
}
}
Can anyone explain to me why?
You can not query directly from browser sending the access_token as a querystring. You must send access_ token in headers this way:
Authorization: Bearer <access_token>
Try it with Fiddler or some similar software.