Following this similar question, posted a year ago: where is the official documentation on how to retrieve an access token? I saw that the two answers to the prior question were vastly different in their methods. Other APIs I've worked with had a much simpler way to obtain a bearer/access token.
Could someone currently working with the SharePoint API show how they request an access token for requests like this:
GET https://{site_url}/_api/web/lists/GetByTitle('List Title')
Authorization: "Bearer " + accessToken
Accept: "application/json;odata=verbose"
I want to work with an API that uses OAuth 2.0
In short, I need to obtain an access token which I will have to include in every subsequent request so the server can confirm my identity.
What would the architecture look like for doing this in an application? Can anybody recommend an article?
Currently I am inefficiently fetching a new token from the API on every request in order to perform the request.
Is there a best practice for saving a bearer token and reusing it until it has expired?
I want to use Vue.js for my application.
As you said, requesting a new token on every request makes no sense.
The best approach, once logged-in, is to store the returned token in your localStorage, so no matter if the user refreshes the browser, the app will grab the Bearer from the storage.
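Once you accomplish that, you should attach the current valid Bearer token in every axios request, i.e.:
axios.defaults.headers = {
  common: {
    'X-Requested-With': 'XMLHttpRequest',
    // Note: Access-Control-Allow-Origin is a CORS response header set by the server;
    // it has no effect when sent by the client.
    'Access-Control-Allow-Origin': '*',
    // Placeholder value; use the token returned at login.
    'Authorization': 'Bearer ajsyHjdjkakl;ds......'
  }
}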
FYI, there are many packages that help you handle this; otherwise, be prepared to face some headaches. I have personally used this one for some time: https://websanova.com/docs/vue-auth/home
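The question above asks how to reuse a bearer token until it expires. The following is an added example, not code from the original answer or from any package it mentions: it caches the token in memory, renews it shortly before `expires_in` runs out, and makes concurrent callers share one token request. `fetchToken`, `skewSeconds` and `now` are hypothetical names; `fetchToken` is assumed to return the standard OAuth 2.0 token response fields `access_token` and `expires_in`.

```javascript
// Added example. fetchToken is a hypothetical caller-supplied function that
// performs the token request and returns { access_token, expires_in }.
function createTokenCache(fetchToken, { skewSeconds = 60, now = () => Date.now() } = {}) {
  let token = null;     // current access token, held in memory only
  let expiresAt = 0;    // epoch milliseconds after which the token is treated as expired
  let inFlight = null;  // shared promise so concurrent callers trigger a single fetch

  function getToken() {
    if (token !== null && now() < expiresAt) return Promise.resolve(token);
    if (inFlight === null) {
      inFlight = Promise.resolve()
        .then(fetchToken)
        .then((res) => {
          if (!res || typeof res.access_token !== 'string' || !Number.isFinite(res.expires_in)) {
            throw new Error('token response lacks access_token or expires_in');
          }
          token = res.access_token;
          // Renew slightly early so a request never leaves with a token about to lapse.
          expiresAt = now() + Math.max(0, res.expires_in - skewSeconds) * 1000;
          return token;
        })
        .finally(() => { inFlight = null; }); // a failed fetch is retried on the next call
    }
    return inFlight;
  }

  // Drop the cached token, e.g. after the API answers 401 for it.
  function invalidate() {
    token = null;
    expiresAt = 0;
  }

  // Per-request headers, instead of writing the token into global axios defaults.
  async function authHeaders() {
    return { Authorization: `Bearer ${await getToken()}`, Accept: 'application/json' };
  }

  return { getToken, invalidate, authHeaders };
}
```

Because the token lives only in a closure, it is lost on a page reload and is fetched again; it is not written to storage that other scripts running in the same origin can read.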
Zapier has been a handy way to connect to APIs like Quickbooks. However, there is very little documentation on how to set this up, which caused me to spend weeks figuring it out (hopefully for you this will help!). This is a Q&A post; however, if anyone has input that will improve this information, please feel free to share here.
If you find yourself in a situation like mine and you are looking at how to also make an 'action' or 'trigger' for Quickbooks, just leave a comment and I can work on a tutorial for those as well.
If I have posted this in the wrong format for Stack Overflow please let me know and I will correct that or move it to a blog.
Depending on how things go I may end up submitting my zap for public use (My zap finds estimates by their ID and returns everything, useful for when you have a web-hook on Quickbooks). Anyway, all the information presented in this post is for the OAuth2 setup.
Here is the documentation I used:
API OAuth 2.0
Playground
Question: How do I connect Quickbooks API to a custom app in Zapier Developer with OAuth2?
To start, this answer assumes you have a Quickbooks and Zapier dev account. It also assumes you have begun to set up your first Zap and are now working on authentication.
In Zapier Dev, choose Authentication tab and select OAuth2
Leave "Configure your Fields" blank and press continue
In "Enter your Application Credentials" enter your credentials from your Intuit keys page
Now in "Add OAuth v2 Endpoint Configuration" enter the following as shown for the Authorization URL section:
Next define your scope, I used com.intuit.quickbooks.accounting openid email profile
We also have to get the "Access Token Request", set it up like this:
Finally add the refresh request:
Set "Automatically Refresh Token" to checked.
Now, the next part is custom, but I set up my test request to a random query (you can do the same if you want)
const options = {
  url: 'https://sandbox-quickbooks.api.intuit.com/v3/company/ENTERYOURREALMID/query?query=select*from Invoice&minorversion=38',
  method: 'GET',
  headers: {
    'Authorization': `Bearer ${bundle.authData.access_token}`,
    'content-type': 'application/x-www-form-urlencoded',
    'accept': 'application/json'
  },
  params: {
  },
  body: {
  }
}
return z.request(options)
  .then((response) => {
    response.throwForStatus();
    const results = z.JSON.parse(response.content);
    // You can do any parsing you need for results here before returning them
    return results;
  });
Just toss in your RealmID in the http link (you can get the REALMID by clicking myaccount in Quickbooks, this is the same as Company ID).
Once you connect and run, it should enter the HTTP headers for you. If not, they are the same for all sections:
content-type: application/x-www-form-urlencoded
accept: application/json
That's it! Connect your account and you should be good to go!
NOTES:
- Quickbooks will require a refresh every 100 days.
- Remember that you must use backticks ` over single quotes ' if you are using a Zapier variable.
I am new to pulling data via APIs, so I hope this question is reasonable. In general, I have experience retrieving the data via json once passed through a url: eg. http://api.open-notify.org/astros.json. From there I can obtain the data I need, simple enough.
Where I am struggling is understanding how to implement this with OAuth authentication. I have four keys: the app key, secret, access token, and access token secret.
I've read that this needs to be implemented in the following manner:
via the authorization header
Authorization:
OAuth realm="http://sp.example.com/",
oauth_consumer_key="xxxxx",
oauth_token="xxxxx",
oauth_signature_method="HMAC-SHA1",
oauth_signature="xxxxx",
oauth_timestamp="137131200",
oauth_nonce="xxxxx",
oauth_version="1.0"
which comes from: https://oauth.net/core/1.0/#signing_process
Is there a 'url' type way to obtain the data I need in json format? I certainly have all required information, I just am not sure how to implement it.
(I'm using SAS)
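The signing process the question links to (OAuth Core 1.0, HMAC-SHA1) can be worked through in code. This is an added example, not part of the original post and not SAS code: it builds the signature base string and the `Authorization` header from the four values the question lists. The function and parameter names are hypothetical, and it assumes each parameter name occurs only once.

```javascript
const crypto = require('crypto');

// Percent-encode per RFC 3986; encodeURIComponent leaves ! * ' ( ) unescaped.
function pctEncode(s) {
  return encodeURIComponent(s).replace(/[!*'()]/g,
    (c) => '%' + c.charCodeAt(0).toString(16).toUpperCase());
}

const cmp = (a, b) => (a < b ? -1 : a > b ? 1 : 0);

// Signature base string: METHOD & encoded URL & encoded list of sorted name=value pairs.
function signatureBaseString(method, baseUrl, params) {
  const normalized = Object.entries(params)
    .map(([k, v]) => [pctEncode(k), pctEncode(String(v))])
    .sort((a, b) => cmp(a[0], b[0]) || cmp(a[1], b[1])) // by name, then by value
    .map((pair) => pair.join('='))
    .join('&');
  return [method.toUpperCase(), pctEncode(baseUrl), pctEncode(normalized)].join('&');
}

// Returns the Authorization header value for one request.
// queryParams are signed but travel in the URL, not in the header.
function oauth1Header({ method, baseUrl, queryParams = {}, realm,
                        consumerKey, consumerSecret, token, tokenSecret,
                        timestamp = Math.floor(Date.now() / 1000),
                        nonce = crypto.randomBytes(16).toString('hex') }) {
  const oauth = {
    oauth_consumer_key: consumerKey,
    oauth_token: token,
    oauth_signature_method: 'HMAC-SHA1',
    oauth_timestamp: String(timestamp),
    oauth_nonce: nonce,
    oauth_version: '1.0',
  };
  const base = signatureBaseString(method, baseUrl, { ...queryParams, ...oauth });
  // The two secrets form the HMAC key and are never sent in the request.
  const key = `${pctEncode(consumerSecret)}&${pctEncode(tokenSecret)}`;
  oauth.oauth_signature = crypto.createHmac('sha1', key).update(base).digest('base64');
  const fields = Object.entries(oauth).map(([k, v]) => `${pctEncode(k)}="${pctEncode(v)}"`);
  if (realm) fields.unshift(`realm="${realm}"`); // realm is not part of the signature
  return 'OAuth ' + fields.join(', ');
}
```

The timestamp and nonce must be fresh for every request, so the header has to be computed per call rather than stored as a fixed URL or string.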
My requirement is to push real time data into Power BI using Python to first read from a database and then send the data inside a Streaming dataset in Power BI.
The first thing I want is to make a simple "get" call to Power BI.
The official documentation explains the processes of connecting to Power BI via the REST API for either a Client App or a Web App.
However, I'm using Python - not sure if that is either a client app or a web app.
Anyway, I am able to get the accessToken using the adal library and the method .acquire_token_with_client_credentials, which asks for authority_uri, tenant, client_id and client_secret (notice this is not asking for username and password).
By the way, I've also tried getting the accessToken with .acquire_token_with_username_password, but that didn't work.
Unfortunately, when I use the below code with the obtained accessToken, I get a response 403.
import requests

# accessToken is received using the adal library
headers = {'Authorization': 'Bearer ' + accessToken, 'Content-Type': 'application/json'}
read_datasets = requests.get('https://api.powerbi.com/v1.0/myorg/datasets', headers=headers)
# shockingly, this will result in a response 403
After reading other stackoverflow posts and looking at console apps, I believe the reason this doesn't work is because there is no user sign-in process.
This thread mentions that using Client Credentials is not enough (it is enough to get the accessToken, but not enough to use the APIs)
Not sure how to proceed, but what I need is perhaps a way to keep using this adal template that gives me the accessToken, and also to provide my username and password (if required), and together with the accessToken, to access the APIs.
I see that you've answered this over on the PowerBI forums:
https://community.powerbi.com/t5/Developer/Access-Power-BI-API-with-Python/m-p/190087#M6029
For future reference of anyone visiting this in the future:
Get your token using the python adal library and the appropriate method. Once you've got your token, you pass that in as part of your request headers like so:
url = f'{self.api_url}/v1.0/myorg/groups/{self.group_id}/datasets'
headers = {
    'Authorization': f'Bearer {self.token["accessToken"]}'
}
Where api_url is https://api.powerbi.com, group_id is your group_id and token is the token dict you got from acquire_token_with_username_password.
From there you'll be able to make all the PowerBI API calls you need.
I'm trying to build my first app with the Office 365 API and have one big problem.
I'm trying to get main info about user with Office 365 API and Azure Active Directory and for that I'm doing:
1) Get access token. The http post request to https://login.windows.net/common/oauth2/token for token:
HEADERS:
Content-Type: application/x-www-form-urlencoded
POST DATA:
grant_type = authorization_code
client_id = *my_client_id*
client_secret = *my_client_secret*
session_state = e5fb6cd5-28f7-4dfc-b793-9ce8522534ac
code = *code_that_i_got_to_my_callback_url*
resource = https://outlook.office365.com/
I get response with access_token, refresh_token, id_token, resource etc.
2) I'm trying to get main info about user with access token:
Get request to https://outlook.office365.com/api/v1.0/me with
HEADERS:
client-request-id: *some_random_id*
return-client-request-id: true,
authorization: 'Bearer ' + *access_token*
Accept: '*/*'
But I get:
{ error:
{ code: 'ErrorAccessDenied',
message: 'Access is denied. Check credentials and try again.' } }
My app in AAD has max permissions for everything (sorry for the Russian):
I'm doing everything like here:
http://blogs.msdn.com/b/exchangedev/archive/2014/03/25/using-oauth2-to-access-calendar-contact-and-mail-api-in-exchange-online-in-office-365.aspx
And the most interesting thing is that one week ago everything worked well (except that sometimes the response time was about 30 sec) and I could get information about users.
And one last thing.
On that page (http://blogs.msdn.com/b/exchangedev/archive/2014/03/25/using-oauth2-to-access-calendar-contact-and-mail-api-in-exchange-online-in-office-365.aspx) you can find a request to https://login.windows.net/common/oauth2/token with the parameter prompt=admin_consent. It was also working a week ago, but now if you try it you'll get Bad Request (400).
Thanks for your question and sorry to hear about the trouble you are having with your first app. Can you please check the permissions for Office 365 Exchange Online and make sure the permission "Have full access to a user's mailbox" is NOT selected? See attached image for more details.
This is meant for access to a user's mailbox using an older API called Exchange Web Services, and not intended for Office 365 REST APIs. I think you are getting "Access Denied" for your REST API request because you may have selected this permission.
Let me know if you are still seeing an issue after removing this permission. Let me know if you have any questions or need more info.
Thanks,
Venkat