Trello API: unauthorized permission requested - api

I'm trying to use the api to get the invitation secret to use it for creating share links. Here's my code:
URL = "https://trello.com/1/boards/" + boardid + "/invitationSecret"
query = {
'key': key,
'token': token
}
response = requests.request("POST", URL, params=query)
On execution, I get 'unauthorized permission requested'. I did checkout this post, but the solutions suggested there don't work for me.
Any help is appreciated.

You have to pay, free version can't write/post

Related

How to add redirect URL under linkedin developer APP with python code instead of linkedin developer portal

Thanks in advance.
I have created the app under linkedin Developer portal. added product as "sign in with Linkedin"
I would like to add more redirect URLs to my app with my python code.
Is there any solution for this.
I have tried with authorizing the linkedin APP by getting the access token.
and tried calling the below endpoint with python requests.
import requests
response = requests.post(
'https://www.linkedin.com/auxo-api/developerPortalApplications/205943064',
data = { "patch":{$set: {oauth2Properties: {allowedRedirectUrls: ["http://localhost:8000", "http://google.com"]}}}
headers = {
'Authorization': 'Bearer ' + 'AQWd13SvsGgJ79x5vw64-qsMiBRBQrrUiYYTVBJ2vKVNXn1y2OuajHnv_v8OxsL-I_T0HK2to47DIbf16qhaemCPEG-5ZGy4fUiWuwrlclU0piyXUhA3nDnbiZLRAHJxaowlTdhOMl4j6lXXXXXXXXXXXXXXXXXXXXXXXX-rLhTlXKUXqvOv0GYeZX5KLUBjXV1_SeB_bch_9NhcDwq4kKqL5XA'
},
)
print(response.text)

OAuth2: Unable to Authenticate API request

Been tasked to export forms and items from Podio using the API. Trying to do this with straight Python and Requests instead of the canned API tool. Am successful at retrieving the access and refresh tokens, but am unable to make the simplest Get request. The response has the error:
"error_description":"Authentication as None is not allowed for this method"
Tried this with 2 versions of using OAuth2 in Requests, both return that response.
What is it trying to tell me? Aside from giving the token, is there any other authentication attributes required?
client = BackendApplicationClient(client_id=CLIENT_ID)
oauth = OAuth2Session(client=client)
token = oauth.fetch_token(token_url=auth_url, client_id=CLIENT_ID,
client_secret=CLIENT_SECRET)
print('token:', token)
access_token = token["access_token"]
api_url = base_url + 'user/status'
r = oauth.get(api_url)
print(r.text)
headers = {'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8',
"Authorization": "Bearer " + token["access_token"]}
response = requests.get(api_url, headers=headers, verify=True)
print(response.text)
Here is full response:
{"error_parameters":{},"error_detail":null,"error_propagate":false,"request":{"url":"http://api.podio.com/user/status","query_string":"","method":"GET"},"error_description":"Authentication as None is not allowed for this method","error":"forbidden"}

403 access denied to the website with proper login/pass through google script

var url = "https://web-site_name/page/?format=json&var_data-organization_dates&xlsexport=true";
var payload =
{
"login" : "login",
"password" : "pass",
};
var options =
{
"method" : "post",
"payload" : payload,
"followRedirects" : false
};
var login = UrlFetchApp.fetch("https://web-site_name/page/" , options);
var sessionDetails = login.getAllHeaders()['Set-Cookie'];
Logger.log(login.getAllHeaders());
here is the part of the code I try to use, to automate export of the data from web-site, i do have proper login and password and able to download file in json (opened in xsl) manually, I've got the address to the downloaded file in network in developer tools, but i have a problem on the first stage - when trying to authorize to the web-site - access denied. I've tried the code, given in answers on stackoverflow, but it still doesn't work.
How to make an url fetch request correctly, depends on the website you want to access and the authentication they uses
In the simplest case, your website requires HTTP basic authentification, in this case the correct syntax would be
var authHeader = 'Basic ' + Utilities.base64Encode(login + ':' + pass);
var options = {
headers: {Authorization: authHeader}
}
If your website uses a different authentication form, you might need to provide an access token.
In any case: the authentication credentials go into headers, not into payload!
payload is the data that you want to post = upload to the website.
If you want export data from the website - that is download data - you do not need a payload and the correct method would be get, not post. Btw., if the method is get, you do not need to specify it.
Please see here for more information and samples.

API access to GitHub organisation repo using personal access token

I get refused access to my GitHub organisation's repos when trying to access the API using a personal token:
(Python)
GITHUB_API_TOKEN = 'XXX'
GITHUB_HEADERS = {
'Authorization': GITHUB_API_TOKEN,
}
issues = 'https://api.github.com/repos/my_org_name/my_repo_name/issues?state=all&page=1&per_page=100'
request = requests.get(issues, headers=GITHUB_HEADERS)
[{'message': 'Not Found'}]
Accessing a personal repo works.
I have full access to my org's repos.
What's the best way around this?
You need to set the Authorization header to token YOUR_TOKEN :
import requests
GITHUB_API_TOKEN = 'YOUR_TOKEN'
GITHUB_HEADERS = {
'Authorization': "token " + GITHUB_API_TOKEN,
}
issues = 'https://api.github.com/repos/my_org_name/my_repo_name/issues?state=all&page=1&per_page=100'
request = requests.get(issues, headers=GITHUB_HEADERS)
print(request.text)
Note that Bearer YOUR_TOKEN also works
Also you need the repo scope on your personnal access token

How to fix "The OAuth client was not found" error from a Bing Ads script

We've got scripts on Bing to automatically adjust ad bids based on ad performance and client goals, which are stored in a Google spreadsheet.
We had a contractor set this up initially, and it worked. But I guess that the contractor was using a temp Google account and when it went away the bidders stopped working. Because it did work before, it's likely a configuration error on my part that's breaking it now, but the contractor pointed us to the steps I was already following to no avail (https://learn.microsoft.com/en-us/advertising/scripts/examples/authenticating-with-google-services#option2).
Stuff already tried
double checked for errant whitespace around the client ID and client secret
created new client secrets
created new client IDs
made sure that the project name, application name, and OAuth client id name were all the same
created whole new projects from scratch (configured to match the article cited above) to see if that would kick something loose
tried a different token URL (https://oauth2.googleapis.com/token) that appears in the client_secret JSON downloaded from Google
function main() {
const credentials = {
accessToken: '',
client_id: 'REDACTED.apps.googleusercontent.com', // from Google developer console
client_secret: 'REDACTED', // from Google developer console
refresh_token: 'REDACTED' // created at https://developers.google.com/oauthplayground
};
var access_token = '';
if (credentials.accessToken) {
access_token = credentials.accessToken;
}
var tokenResponse = UrlFetchApp.fetch('https://www.googleapis.com/oauth2/v4/token', { method: 'post', contentType: 'application/x-www-form-urlencoded', muteHttpExceptions: true, payload: { client_id: credentials.clientId, client_secret: credentials.clientSecret, refresh_token: credentials.refreshToken, grant_type: 'refresh_token' } });
var responseCode = tokenResponse.getResponseCode();
var responseText = tokenResponse.getContentText();
if (responseCode >= 200 && responseCode <= 299) {
access_token = JSON.parse(responseText)['access_token'];
}
throw responseText;
// use the access token to get client targets from the spreadsheet
A JSON encoded access token is the expected response, but instead, we get HTTP 400 with the message "The OAuth client was not found."
Manually creating an access token on the OAuth playground (https://developers.google.com/oauthplayground) works as a stopgap, but this should work. This has worked. :P
The fix in this case switching the Application Type on console.developers.google.com > Credentials > OAuth consent screen to Internal instead of Public.
That wasn't in the steps provided by Microsoft, and I'm not sure if that will have implications down the road, but at least we're off the manual process for now.