TD Ameritrade API unable get the Access/Refresh token to work - api

I have been trying unsuccessfully for a couple of days to call the TD Ameritrade api to get an access/refresh token. I am getting the error "The API key in request is either null or blank or invalid."
I created the App on their site and it says status approved. I
I am 100% my redirect_uri is correct and encoded (I have been trying to get this to work for 2 nights now) In my app, it is "http://127.0.0.1" I am also sure I am not misspelling my Consumer Key. I have verified these against my app numerous times.
This is the URL I tried in Postman:
https://auth.tdameritrade.com/auth?response_type=authorization_code&redirect_uri=http%3A%2F%2F127.0.0.1&client_id={{My CONSUMER KEY}}%040AMER.OAUTHAP
I have also tried it in Python:
import requests
MYCLIENT_ID='...'
headers = {"Content-Type":"application/json"}
r = requests.post(
'https://api.tdameritrade.com/v1/oauth2/token',
data={
'response_type': 'code',
'client_id': MYCLIENT_ID,
'redirect_uri' : 'http://127.0.0.1',
}, headers = headers
)
r.json()
{'error': 'The API key in request is either null or blank or invalid.'}
Tried calling the TD Ameritrade API to get an access token.

Related

Any POST or GET requests from the Revue API return 401

I am trying to add subscribers to my newsletter using the Revue api. According to the documentation, I need to add a header called 'Authorization' and value 'Token MY-TOKEN' in my requests.
In order to test out the API I am using Postman as seen in the screenshot below:
Any request I do to any url, ends up with a 401.
What am I missing here? The token value is copy pasted from the bottom of https://www.getrevue.co/app/integrations ('Your API key is xyz') as the documentation mentions. Double checked that there are no extra spaces added.
You cannot use the API (or at least certain entry points) without first verifying your account
If you fail to do this, your requests end with a 401 status.
Verify your account
There is no explicit option to verify your account. Instead, you need to import an existing mailing list. If you don't have a list to import, you can enforce this step by creating an artificial list, containing just your email. To do so, visit your Revue dashboard, Subscribers section, and click "Import from file":
.
Then, enter your email and two commas to skip your first and last name:
Submit and fill the next form.
When completed, a top ribbon indicates that the review is on its way:
You need to wait for the review to be completed.
Perform a request
To get your API key, visit your Revue dashboard, Account settings, Integrations, and scroll down to the bottom of the page:
Run something like:
const revueApiKey = "[your API key]";
const result = await fetch('https://www.getrevue.co/api/v2/subscribers', {
method: 'POST',
headers: {
Authorization: `Token ${revueApiKey}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ email: "john#example.com", double_opt_in: false })
});
If you have the following when you log in to Revue
"We are reviewing your account."
You will not be able to make API calls and will get a 401.
I've talked to support on the issue and unfortunately, it's undocumented at the moment.
Took nearly a week for me to get reviewed but it's working fine now. It is at the end of the Christmas period so I am hoping they are only temporarily that slow at reviewing accounts.

intermittent error from rally 'Not authorized to perform action: Invalid key' for POST request in chrome extension

I developed a chrome extension using Rally's WSAPI v2.0, and it basically does the following things:
get user and project, and store them
get current iteration everytime
send a post request to create a workitem
For the THIRD step, I sometimes get error ["Not authorized to perform action: Invalid key"] since end of last month.
[updated]Error can be reproduced everytime if I log in Rally website via SSO before using the extension to send requests via apikey.
What's the best practice to send subsequent requests via apikey in my extension since I can't control end users' habits?
I did see some similar posts but none of them is helpful... and in case it helps:
I'm adding ZSESSIONID:apikey in my request header, instead of user /
password to authenticate, so I believe no security token is needed
(https://comm.support.ca.com/kb/api-key-and-oauth-client-faq/kb000011568)
url starts with https://rally1.rallydev.com/slm/webservice/v2.0/
issue is fixed after clearing cookies for
https://rally1.rallydev.com/, but somehow it appears again some time
later
I checked the cookie when the issue was reproduced, and found one with name of ZSESSIONID and its value became something else rather than the apikey. Not sure if that matters though...
code for request:
function initXHR(method, url, apikey, cbFunc) {
let httpRequest = new XMLHttpRequest();
...
httpRequest.open(method, url);
httpRequest.setRequestHeader('Content-Type', ' application\/json');
httpRequest.setRequestHeader('Accept', ' application\/json');
httpRequest.setRequestHeader('ZSESSIONID', apikey);
httpRequest.onreadystatechange = function() {
...
};
return httpRequest;
}
...
usReq = initXHR ('POST', baseURL+'hierarchicalrequirement/create', apikey, function(){...});
Anyone has any idea / suggestion? Thanks a million!
I've seen this error when the API key had both read-only and full-access grants configured. I would start by making sure your key only has the full-access grant.

eBay Browse API: shopping cart add item doesn't work

Working with Ebay's Browse API I'm having an issue with the /shopping_cart/add_item method, when I call it, it systematically returns an error 204.
I'm working on the API's sandbox. The calls are made from an iOS application in Canada. Until then, I had no issues requesting and retrieving data from responses.
Here's how I proceed:
Using the sandbox, I retrieve mock items with /item_summary/search.
The user goes through the OAuth process and grants his shopping cart access to my app. It returns a user access token that I use for the following request.
Finally, I call add_item with the following parameters:
Request JSON parameters:
{"quantity": 1, "itemId": "v1|110385018358|0"}
Request headers:
Authorization: Bearer [sandbox user access token from step 2.]
Content-Type: application/json
X-EBAY-C-MARKETPLACE-ID: EBAY_US
Then I get an empty response (aka error 204), while it shouldn't as mentioned in the documentation.
The response I get only contains headers which are the following:
{
Status Code: 204, Headers {
Connection = ( "keep-alive" );
"Content-Encoding" = ( gzip );
"Content-Length" = ( 0 );
"Content-Type" = ( "application/json" );
Date = ( "Thu, 22 Nov 2018 15:14:32 GMT" );
RlogId = ( "t6q%60ktkjvdbwrfsl%2Bbmsgcufboja%7Ct6n%3C%3Dsm%7Eufhuoluefqqgwj%284%3F34%3F11%2Busqdrrp%2Bufmadh%7B%2Bceb%7Ce4-fij-1673bfca0ca-0x133" );
"Set-Cookie" = ( "dp1=bu1p/QEBfX0BAX19AQA**5dd7fb58^;Domain=.ebay.com;Expires=Sat, 21-Nov-2020 15:14:32 GMT;Path=/" );
"X-EBAY-C-REQUEST-ID" = ( "ri=LVOZVdAO%2FSpS,rci=n76DxeaOd61P0WBf" );
"X-EBAY-C-VERSION" = ( "1.0.0" );
"X-EBAY-REQUEST-ID" = ( "1673bfca0a9.a0962ac.25e7e.fffdc702!/buy/browse/v1/shopping_cart!10.9.98.172!esbnewesbngcos[]!add_item!10.9.103.137!r1remshopcartapi-envadvcdhidzs5k[ItemClient[!Ginger.ViewItemServiceV1.litedetails!10.9.99.212!r1viappsvc-envadvcdhidzs5k[]]!ShopcartServiceClient[!Ginger.shopcase.v2.POST!10.9.101.40!r1scartsvc-envadvcdhidzs5k[]]]" );
"X-EBAY-SVC-EP-COOKIELET" = ( "321=0001542899671242" );
"X-EBAY-SVC-TRACKING-DATA" = ( "<a>nqt=AA**&!_epec=7,6,8&nqc=AA**</a>" );
}
}
Moreover, logged in the ebay sandbox website with the test user I used above, if I open the cart, I get an error page stating:
We were unable to load your cart. Please try again. If the problem persists, contact Customer Support or send us feedback.
Still from the sandbox website, when I open any item, I get another error stating:
Unfortunately, access to this particular item has been blocked due to legal restrictions in some countries. [...]
I still hope the problem is on me and not on Ebay as their API is still a Beta.
Well ... It was nowhere in the API documentation, but hidden somewhere on the Sandbox website page "unsupported feature list for the sandbox":
Cart is not supported. You may see some functionality working, like adding items to your cart, but please do not depend on or expect cart to function properly.
Although it states that AddItem may work, it actually does not, so I guess it is expected and that I should take this as the answer to my question.
Quite frustrating...
I guess I all I can do is to wait for Ebay's partnership approval.

Deleting Webhooks

I have a shop with permission to read|write both orders and products. I setup some Webhooks and now I want to delete them. I am getting back 401 errors.
Starting with 4 webhooks
Trying to delete webhook 1982492
Error nil, Failed. Response code = 401. Response message = Unauthorized.
Trying to delete webhook 1982494
Error nil, Failed. Response code = 401. Response message = Unauthorized.
Trying to delete webhook 1982496
Error nil, Failed. Response code = 401. Response message = Unauthorized.
Trying to delete webhook 1982498
Error nil, Failed. Response code = 401. Response message = Unauthorized.
Ended with 4 webhooks
So, how does one delete Webhooks set on products and orders?
Webhooks (and ScriptTags) that are created by an app are automatically removed when the app is uninstalled. It looks like that might be what is happening here.
If you are doing this in response to an app/uninstalled webhook, there is no reason. It's already handled!
If you remove the endpoint that the webhook connects to, it will be deleted after 19 attempts to connect to it.
From the shopify docs (http://wiki.shopify.com/WebHook#Automatic_Retries_and_Deletion)
If an error is returned or a timeout occurs when sending a webhook,
Shopify will retry the same request for 48 hours using an exponential
back-off approach. In total 19 attempts will be made to deliver the
information.
You can also just delete the app, it will remove the webhooks
Here’s a conversation with my Shopify console to show it working correctly:
$ shopify console
using iliketurtles.myshopify.com
irb(main):001:0> include ShopifyAPI
=> Object
irb(main):002:0> w = Webhook.create topic: "orders/create", address: "http://whatever.place.com", format: "json"
=> #<ShopifyAPI::Webhook:0x007f8ff1895778 #attributes={"topic"=>"orders/create", "address"=>"http://whatever.place.com", "format"=>"json", "id"=>2026848, "created_at"=>"2012-08-10T15:11:25-04:00", "updated_at"=>"2012-08-10T15:11:25-04:00"}, #prefix_options={}, #persisted=true, #remote_errors=nil, #validation_context=nil, #errors=#<ActiveResource::Errors:0x007f8ff18948c8 #base=#<ShopifyAPI::Webhook:0x007f8ff1895778 ...>, #messages={}>>
irb(main):003:0> w.destroy
=> #<Net::HTTPOK 200 OK readbody=true>
As others have mentioned, I think your issue is permissions related.

Twitterizer 2; Argument null exception

I 'm a newbie to twitter api/twitterizer. I get the following exception for the code shown below. The error occurs when i request access token. Any suggestion on how to fix this??
I downloaded the latest dll(2.3.1) from the twitterizer website.
{"Value cannot be null. Parameter name: String"}
Dim OAuthTokens As New OAuthTokens
Dim accessToken As New Twitterizer.OAuthTokenResponse
accessToken = OAuthUtility.GetAccessToken(ConsumerKey, ConsumerSecretkey, "oauth_token", "oauth_verifier")
thanks
As I said on the forums, the oauth_token and oauth_verifier are given to you in previous steps of the authorization process. Calling the GetAccessToken method is the last step in the process.
Here's an over-simplification of the steps:
1. Get a request token
2. Send/Redirect the user to the authorization/authentication url
3. (The user logs in, grants you access, and Twitter directs them back to your application)
4. Exchange the request token for an access token