We're using OAuth2 to allow users of our system to connect to Xero. Once the authorization succeeds, Xero provides an access token with information about the user who made the connection, including a xero_userid.
However, using this ID to find the user via the Users API fails with a 404. The Users API shows a different ID for the same user.
Is there a reason these are different? And how can we use the xero_userid returned in the Oauth2 flow to find to the Xero user via the Users API?
In XERO, the xero_user_id you extracted from access_token is the internal userID that XERO uses to recognize the contact. So If you use the same the GET API will return 404 as it is not accepting the internal user ID, instead of that If you pass the CONTACT ID of the User it will return 200 with details.
At the same time, If you want to get the login user details(contact information), better call the /User API directly with the token, it will return the details and the response contain the contactID of the user in UserID field (I know a bit complicated)
Please refer to the screenshot for more details.
Related
For example, I have access token of a user with some client id. When I try to get user information of same access token but with different client id, I get the information.
Is that okay or I am missing anything here ?
How can I validate if an access_token belongs to client id , I am using.
There was something called id_token, but Google has made that api deprecated, and in new API I don't get id_token.
Account Linking provides several ways of linking users to their own accounts such as their Google account or Twitter account.
I chose OAuth in Actions on Google website to do OAuth 2.0 Authorization Code Grant for obtaining access token in exchange for data resources. When I linked a user to a Google account Google Sign-In enabled, the fetching of user information was easy because the data is stored under payload, but OAuth implementation does not seem like it produces user data under payload inside User object.
So should I make an API call to the third party to fetch the user data and store that personal data to a database in this case? I wondered if there is a way that Google prepares on behalf of developers. If not, then greeting a user who visits my app again by saying 'Hello, {person name}' gets tedious...
You have two options with Account Linking.
In the case you describe, you're providing an OAuth endpoint and getting an auth token from the Assistant, and you are responsible for taking this token and using it to determine who the user is so you can get whatever you know about him. The token is one that you issue and control, so presumably you have that info in your database already. If you are reusing a token from another service, that service should be able to tell you who they are.
It sounds like you're using using a Google Sign In, however, in which case it is easier to use Google Sign In for Assistant. Once the user has signed into your service (either through an app or webapp) and granted permission to your service, then they will also be able to gain access through the Assistant. You will get an id token which can be decoded to get profile information about the user including their Google ID and name.
I have a static list of music artists and i want to get the id or screen_name of each one of them in Twitter.
I found this api endpoint: users/search which allows to run a query on Twitter and get all the accounts that match with the query. For example:
https://api.twitter.com/1.1/users/search.json?q=muse
will return all the accounts that match the query "muse".
I need to call this endpoint in client_credentials flow, i don't need any permission by the user (which is only me in any case). The problem is that Twitter returns the following response when i try to access the endpoint in client_credentials flow:
"message": "Your credentials do not allow access to this resource", "code": 220
I have tested other API endpoints such users/show, statuses/retweets, statuses/user_timeline and they all works in client_credentials, just the one i need doesn't work.
Is there anything i can do about that? Or i must change the OAUth flow?
mentioned error,
"{"errors":[{"message":"Your credentials do not allow access to this resource","code":220}]}"
comes when requesting an end point which requires a user context (such as statuses/home_timeline) using application only token.
You can verify whether or not same error comes for end points like statuses/home_timeline or statuses/retweets_of_me. These end points work only in some twitter user context. The end point that you want, users/search, also requires user context.
I am suspecting some issue in obtaining oauth token and secret. How are you getting authorized tokens for a given twitter user account?
I need to get logged in user's ID on a web page where user is authenticated via OneLogin. We need to use OneLogin's REST API endpoint that can give me logged in user's details.
https://api.domainname.onelogin.com/api/1/users/:id
For above REST API I need user's ID.
Can you please help me figure this out?
Are you saying the user has a OneLogin session? Or that you are using the API to authenticate the user using the delegated authentication API?
If you are using this: https://developers.onelogin.com/api-docs/1/users/create-session-login-token
The user ID is in the response.
If the application you're writing supports SAML then part of the SAML assertion you got from OneLogin should be a unique user attribute (email or username)
Your best bet is then to get that user from OneLogin by using that attribute -
https://api.<us_or_eu>.onelogin.com/api/1/users?email=user#test.com
or
https://api.<us_or_eu>.onelogin.com/api/1/users?username=testuser
And since that value is unique, it will only return the one matching record (i.e. The current user)
In my application I retrieve OAuth token as per standard procedure. I know that the proper way to 'resolve' token to user information (including ID) is via:
https://graph.facebook.com/me?access_token=<token>
However this method appears to return 'false' for the so-called gray/advertising Facebook accounts. It so happens that I also need to deal with such accounts.
How can I retrieve user ID or any other useful user information for such accounts if the only information I have is OAuth access token? Should I resort to parsing the token to extract user ID a la http://benbiddington.wordpress.com/2010/04/23/facebook-graph-api-getting-access-tokens/ ?
Well, I still have no idea how to do it via Graph API.
Via 'legacy REST API' you can at least invoke this: users.getLoggedInUser
This will give you user ID (uid).