I am using cognito social login for our application when I am trying to login using Facebook, after successful login it gives me code and using that code we generate token, but in the code I am getting special characters at the end of code due to that I am not able to generate token, in the postman it gives me error as invalid grant
Related
We are trying FusionAuth & looking to have a single step flow for Sign up + Sign In.
After user signs up, we want to show/land him directly to our application's dashboard page (without showing him login page in between the flow). The authentication should happen but internally i.e we are expecting OAuth2 standard IdToken in response to "WebApplication" so that web application can use IdToken to allow user to application.
Please note that we don't want to use approaches where we need to pass Username/password to our web application, don't want to handle user credentials. Also that we dont want to use Authentication Tokens returned in Registration flow because AuthenticationTokens are not that secure, looking to use OAuth2 based IdToken instead.
I have came across this post "https://fusionauth.io/community/forum/topic/165/taking-a-user-directly-to-the-registration-page/3" and tried following request, but it is showing Login page instead of registration.
/oauth2/register?client_id=<Configured_client_id>&redirect_uri=<Configured_redirect_uri>&response_type=code
(I have not used CSRF parameter though)
Please can you suggest why its showing Login Page?
You should be able to have a user register and be sent directly to your application, as long as you set the correct redirect_uri and put that on the registration URL:
https://local.fusionauth.io/oauth2/register?client_id=c50329fa-93e5-4618-8d9f-73d0ab069a23&response_type=code&redirect_uri=https%3A%2F%2Fapp.example.com%2F
The application will then receive a code that can be exchanged for an access token. You can call the userinfo endpoint with that token and get user information like email address, etc.
What you won't get that it seems like you might want is an id token. For that you'll have to send the user through the login process with a scope of profile. However, you could mind your own 'id token'-lite using the values from the userinfo endpoint and the JWT vending: https://fusionauth.io/docs/v1/tech/apis/jwt/#vend-a-jwt
I am using google ads api, I have generated Access Token, Refresh Token, I have CustomerId of my Ads Manager account, my developer token still getting this error. **My ultimate goal is to generate Keyword ideas using google ads api **
You have to put your generated token inside your request-header. With that token inside the header, every request to your API is authorized.
You can see that you have an "Authorization"-Token with the empty value "Bearer". There you have to put in your token, that your API can check the token and validate it. Same thing with the developer-token. Your requests sends empty header values.
I want to make a website which users can see their posted pictures on the page.
I have signed up for facebook API and have an app id and app secret.
https://graph.facebook.com/oauth/access_token?client_id={#}&client_secret={#}&grant_type=client_credentials
I send users to the oauth to get the user's access token but I don't know what to do next.
https://graph.facebook.com/v3.0/me?fields=id,name,posts&access_token={#}
I thought this would work but I had the error below
"An active access token must be used to query information about the current user.",
The URL you are using to get the Access Token is actually an App Token API.
To generate the Access Token Please replace
https://graph.facebook.com/oauth/access_token?client_id={#}&client_secret={#}&grant_type=client_credentials
with
https://www.facebook.com/v3.0/dialog/oauth?response_type=token&client_id={#id}&redirect_uri={#}&scope=publish_pages
add a redirection url here where the token is published.
OR
better option is to use the login button mentioned here.
https://developers.facebook.com/docs/facebook-login/web/login-button
Also you can read here about all Access Tokens
https://developers.facebook.com/docs/facebook-login/access-tokens/
In one of my iOS apps, I am using FBSDKfor Facebook login and it works correctly. But we would like to handle the case that the access token becomes invalid. If I have changed my password through some other Facebook login then as per the Facebook blog post, it should invalidate the access token, but while I am fetching the stored token using [FBSDKAccessToken currentAccessToken].tokenString, it appears that the token is still valid, based on the following:
[FBSDKAccessToken currentAccessToken].tokenString does not return nil.
Using the following url to validate the access token [NSString stringWithFormat:#"https://graph.facebook.com/APP_ID/permissions?access_token=ACCESS_TOKEN], as per stackoverflow post
How to verify the account password changed (and corresponding token invalidation) scenario for Facebook?
We want to detect the invalid token and ask the user to login again, if the account password has been changed through logging in to Facebook somewhere else and changing the password.
Any suggestion is appreciated.
Thanks.
Changing password won't invalidate the login. To invalidate the login, you need to go to Facebook->Settings->Security and Login. Find where you are logged in with the token and force log out.
I use a Google service account to access users of an organization using directory API and then use drive API to perform certain file operations on users.
It works fine for few users and for others, the drive API call is returning the following error when trying to list the user's files (For that matter any drive API call on that user is returning the same error).
https://www.googleapis.com/drive/v2/files?alt=json&maxResults=1000 returned "Invalid Credentials">
Quoting from this this documentation about 401 error,
"Invalid authorization header. The access token you're using is either expired or invalid. Suggested action: Refresh the access token using the long-lived refresh token."
I have a valid access token which is not expired. And the user for which this error message seen is not suspended either.
Are there any other reasons as to why Google sends this error?