I've been attempting to utilize the Yahoo API to connect to fantasy sports data. I don't have a web URL to connect to when I attempt to create an app, and everything I've read has mentioned that I should select "Installed Application" to avoid using a URL.
This option is not available to me.
Yahoo Developer Screenshot
On the official documentation this is what I see here
Yahoo Developer Documentation
Not sure if it makes a difference but I'm based out of Canada.
Thanks!
It's hard to find the documentation for it, but what you want is called oob (out of bounds, out of band). To get this to work, the steps are a little different (there is no such thing as installed application from what I'm aware of):
Add oob as one of the redirect uris
Make your normal request to the auth/login uri
This will give you a new page that provides you with a token. At this point, you need to manually use this token when you request the /auth/token uri
This last step just replaces the redirect to https://your-redirect.com/token and you will end up in the same position as before.
Now, you still shouldn't put your client_secret in your application if you plan on releasing it, but if you're using it internally or letting others provide their own secret then you should be good.
If you find the original documentation with the PHP source code, you can follow this flow.
Related
I have a couple of different apps hosted on netlify using google APIs that have broken now because netlify changed their hosting to point to xxx.netlify.app instead of xxx.netlify.com
When I attempt to add the new domain to my oauth client IDs under "Credentials" I get an infinitely hanging wheel of death when I click "save"
I thought that wheel of death is caused by the new URL not being registered for the app, so I went to the settings for my application and tried to add the new domain, but it is failing as well.
I go to OAuth Consent Screen -> Edit App which then has another list of "authorized domain."
In the list, I see my old domain name:
foo.netlify.com
I try to add the new name:
foo.netlify.app
However, that auto-corrects to just plain netlify.app
I try saving that and get the following inscrutable error
Error
The request failed because one of the field of the resource is
invalid.
Tracking Number: c4522674593257747
I don't see any way to read more about the error or to use the tracking number to find out more information.
Any troubleshooting pointers would be appreciated. I'd rather not start over from scratch, but at this point it looks like my best bet would be creating a whole new application and starting the whole credential/API Key process over for all of my apps that were hosted on netlify.
I got the same problem and posted it in the google group. I have a reply from google cloud support which states that only top private domain is allowed as stated here Setting Up OAuth2.0
As the error clearly denotes and explained in this document, you can use any Top Private Domain as an Authorized Domain. So it seems to be the intended behavior.
I suppose that means only the domain owner can get a credential now.
I am trying to make a post call in Exact Online REST API. I'm trying to create a SalesInvoiceLine. I can perfectly do a GET call via my browser. I am logged in in Exact Online so I don't need authentication since this should be passed via a cookie. I tried POST via a browser. The browser prompts me to login, when I do nothing happens. I've also tried this in Postman:
I am 100% certain these initials are correct, I can login with them in Exact Online. What am I doing wrong?
If this is not the way, how can I post data to Exact Online? There are not that many concrete examples to find online.
You can't log on to the Exact Online REST API with Basic authentication, the mode you are using now.
The web service uses OAuth as authentication mechanism, meaning you have to acquire a token first. The steps to do so are outlined in the official documentation.
It will need some work on your end to register an app, get the flow up and running. Depending on your business needs, you might be helped with one of the apps for Exact Online by the company I work for.
You need to retrieve the CurrentDivision through GET Request https://{Base Uri}/api/v1/current/Me only from OAuth then you need to assign
CurrentDivision to whatever may be the API call .../api/v1/{CurrentDivision}/../....
Without authorization by Auth 2.0, neither is impossible.
To authorize the ExactOnline API calls you have to do the following:
Register the app in the developer portal. Bear in mind that you have to do a separate registration for French, UK or Dutch version of ExactOnline (this is indeed a pain).
In case you want your application to be used by other accounts than yours, you have to submit the app for validation, this usually takes 2-3 weeks.
EO uses standard OAuth 2.0 schema (very similar to what Google is using with their services). You have to use endpoint GET /api/oauth2/auth for building an authorization link and endpoint POST /api/oauth2/token for obtaining both access and refresh tokens.
Please bear in mind that many Auth 2.0 services are proving long-lasting refresh token. This is not the case of EO. The refresh token is invalidated every time when the access token is requested (endpoint POST /api/oauth2/token). With access token new refresh token is supplied, so make sure you update you refresh token as well.
The access token is placed in HTTP header as "Authorization: Bearer {{ACCESS_TOKEN}}"
In case you want to automate the EO API calls and do not want to code anything on your own, you can try one of the pre-build Exact Online API connectors, created by the company I work for.
I want to know how to use photobucket api. I successfully created a login in photobucket.
I am following the guidelines given http://api-portal.anypoint.mulesoft.com/photobucket/api/photobucket-api/docs/getting-started
The first step i am failing is that http://developer.photobucket.com is redirecting to different page.
As it is written
Go to the Photobucket developer web site at developer.photobucket.com, agree to the terms of service, sign up, and get the API key.
I am not able to open developer.photobucket.com.
I also see a redirect from developer.photobucket.com to photobucket.com. It seems that they incorrectly configured the redirect. The information about using Photobucket API required link was found in the support section:
Our engineers are working on a new API, with lots of changes, however,
this won't be available to users for a couple more months. Here is the
documentation on the current API.
If you'd rather not wait for this updated API, and would like the
current iteration now, please send an email to our API request email
address with the following information:
Your Photobucket username (This is the username for the account that
you have already created on Photobucket): Your application name
(whatever you would like): Do you require the key for commercial or
non-commercial purposes:
All three of these answers are required!
Send the API request to: pbdl-api#photobucket.com
The subject for the email should be: API Request
I'm looking to write a philips hue service that needs to allow users to register their hue bridge with my service. This service would change the color of bulbs based on an event. I'm aware that I can use IFTTT but in this scenario, I'd like to not use IFTTT and I'd like to register my website with philips hue's apps.
Any idea how I can do this? Your help is very much appreciated. Thanks!
EDIT: Not sure why I was down voted but I definitely did do my research. I looked on philips hue's developer website and couldn't find anything that was explicit on their APIs. I also looked through the iOS SDK and didn't see any methods that would trigger the pairing routine for remote devices. So far, the only example I have of this working (outside of Philips' products is the IFTTT service, which allows for an entry to be added into the 'My Apps' section).
TLDR: I wrote an API: https://github.com/jarvisinc/PhilipsHueRemoteAPI
I answered this question on my technical blog (http://blog.paulshi.me/technical/2013/11/27/Philips-Hue-Remote-API-Explained.html), which I will post here:
The question actually comes as two part:
Authentication
Remote Control
Authentication
I haven't figure out a reliable way to do authentication automatically. The following procedures needs to be automated: The idea is to fake as official iOS APP which has the ability to control remotely when enabled. We will need to get BRIDGEID and ACCESSTOKEN to pass the authentication step for remote control.
Find your BRIDGEID from https://www.meethue.com/api/nupnp. (or in My bridge page on the meethue website and by clicking on "Show me more")
Get ACCESSTOKEN
www.meethue.com/en-US/api/gettoken?devicename=iPhone+5&appid=hueapp&deviceid=**BRIDGEID**
Right click on "BACK TO THE APP" and write down ACCESSTOKEN inside the link it redirect to
phhueapp://sdk/login/**ACCESSTOKEN**
Basically it is a hack to get your access token. You fake your app as the official iOS Hue App, and ask for access token that way. I am not sure there is an easier way out there, if you do know one, please do comment below.
You can potentially automate it by doing simulated log-in session and grab the the ACCESSTOKEN by scraping the page content. But I consider it highly unreliable because any change to the official page will likely break it.
I wrote this script that allows the automation of getting ACCESSTOKEN as of today, but I don't guarantee it will work tomorrow for the reason I explained above :P
Currently, this OAUTH process only works with official apps. There might be a slight chance that they will open it to other 3rd party apps.
Remote Control
Once authentication is done, this part can be done automatically. There are 2 known private endpoints for sending control command and getting all the status related to the hue bridge.
Sending Command Endpoint:
POST https://www.meethue.com/api/sendmessage
Getting Status Endpoint:
GET https://www.meethue.com/api/getbridge
Sending Command Endpoint
URL: https://www.meethue.com/api/sendmessage
Method: POST
URL Parameters:
token=**ACCESSTOKEN** (which you obtained earlier)
Request header
content-type=application/x-www-form-urlencoded
body
clipmessage={ bridgeId: "**BRIDGEID**", clipCommand: { url: "/api/0/**APIENDPOINT**", method: "**METHOD**", body: **JSONCOMMAND** } }
BRIDGEID is the same one you obtained earlier
APIENDPOINT the same as official API /api/<username>/*** by removing /api/<usename>/ part
METHOD PUT/GET/POST/DELETE the same 4 method as official API. Despite GET really doesn't work since all response from the Sending Command Endpoint is 200 explained in the following part, while DELETE is not tested
JSONCOMMAND The actual command body for example {"on":true}
Getting Status Endpoint
URL: https://www.meethue.com/api/getbridge
Method: GET
URL Parameters:
token=**ACCESSTOKEN**
bridgeid=**BRIDGEID**
Request header
content-type=application/x-www-form-urlencoded
Limitations
Current limitation is you cannot immediately know from the response whether your control command succeeded like the official API. All the response you get from calling the Sending Command Endpoint is pretty much always <200> if you are doing it correctly. But you can always pull all the status related to the Hue bridge from the Getting Status Endpoint.
Remote Control API
I wrote Philips HUE Remote API to specifically solve the remote control problem.
Enjoy :)
Paper
For full documentation please refer to this excellent paper:
Hacking Lightbulbs: Security Evaluation of the Philips Hue Personal Wireless Lighting System by Nitesh Dhanjani
I did some investigation by following the steps of #paul-jianer-shi however the access token are not shown in the generated HTML.
I think the Hue Portal has been updated and removed the way it potentially shows the access token.
I wrote a blog post about doing Remote Hue operations by reusing the access token of another application, like IFTTT. The main change is how to get your hands on that access token. The token in shown in the 'My Apps' section of the Hue Portal. Check the (De-activate) link. It contains the access token.
Next step will be to let Hue Portal trust my own app.
Philips plan to make the remote API available to 3rd parties(it's already used by IFTTT and meethue.com).
There is currently a form on the developer website to request an early access(must login):
http://www.developers.meethue.com/content/remote-api
I am developing a REST API, and have found a very interesting problem.
When I access the resources in a web browser (in my case Chrome), everything works fine. However, when I access the resources using a REST client (Google Chrome plugin, web-based client, and a Java applet), NONE of the variables pass to the API. This happens both with GET and POST methods.
I have absolutely no idea why this would be the case, and it's proving very difficult to test the methods before putting them into production (especially with POST methods).
Please help!
At first glance it sounds it could be 2 things:
You are not correctly passing API parameters via your client or
applet
A problem with authentication or cookie management. Does the API require any type of authorization?
Are you forgetting to set a necessary HTTP header?
Do you have control of the API also or is it a third party API? If so, do the params arrive at all or do they arrive empty? What's the error code? - a 403 not authorized (which would make sense if the key doesn't pass) or something else due to missing params.
Try the intermediate step of doing it with CURL form the command line - that'll give you more detail on what's coming back.