I am using laravel 8.40 and passport 10.3. I want to generate token without authorization. for that I have followed the laravel passport documentation. But when I try to generate token using the following sippent
grant_type:password
client_id:959f0346-0848-4aca-af63-ed77daba2561
client_secret:lLSI6Yg4RRh5ZaH00fAaVhcU9C5Zd8ITfe9XTO8H
username:admin#test.com
password:password
scope:*
though my credentials are correct I test on my web guard, I am getting this response
{
"error": "invalid_grant",
"error_description": "The user credentials were incorrect.",
"message": "The user credentials were incorrect."
}
Just replace
"grant_type":password
to
"grant_type":client_credentials
Related
I am using the twitch api just to test it out to fetch the top games
I get my app access token after making an app by passing in a POST to:
https://id.twitch.tv/oauth2/token?client_id=<my client id>&client_secret=<my generated secret>&grant_type=client_credentials
I then take the access token (token_type: bearer) to the actual data fetching API and do a GET request on postman to
https://api.twitch.tv/helix/games/top?Authorization=Bearer <access token form above>&client-id=<client-ID>
This is my output:
{
"error": "Unauthorized",
"status": 401,
"message": "OAuth token is missing"
}
I have tried this with and without the client ID. The documentation here says that it can take an OAuth token or an app access token as the authorization parameter.
What gives?
The ClientID and Authorization items are headers not query string parameters
So in postman you have provided them in the wrong place
I used OAuth 2.0 Client Credentials Flow (2-Legged) to get access token and I followed each step as described in https://developer.linkedin.com/docs/v2/oauth2-client-credentials-flow.
But when I send the API request to get access token I received following response
{
"error": "access_denied",
"error_description": "This application is not allowed to create application tokens"
}
https://medium.com/#ellesmuse/how-to-get-a-linkedin-access-token-a53f9b62f0ce
you may check this way to get linkedin access token
Please don't confuse this question with this one: Migration from OAuth1 3L to OAuth2:
I have been migrating my system users from google OAuth1 to OAuth2 as specified here.
The usual problem with this migrations is the building of the base_string which was a problem for me before asking this question. After fixing the base_string build up I did migrate 95% of my users but a small amount of users kept returning a 400 error:
{
"error": "invalid_request",
"error_description": "Invalid authorization header."
}
Here are the most important fields to check on:
base_string:
POST&https%3A%2F%2Fwww.googleapis.com%2Foauth2%2Fv3%2Ftoken&client_id%3DXXX%26client_secret%3DXXX%26grant_type%3Durn%253Aietf%253Aparams%253Aoauth%253Agrant-type%253Amigration%253Aoauth1%26oauth_consumer_key%3DXXX%26oauth_nonce%3D178143337915967474871427127026%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1427127026%26oauth_token%3D1%XXX
URL: https://www.googleapis.com/oauth2/v3/token
I have to say, this users do work with OAuth1 at the moment so they are fully valid connections. An invalid/expired connection returns me this 500 error:
{
"error": "invalid_token",
"error_description": "Either the token is invalid or we could not decode it."
}
We got the following exception for our customers while trying to get AccessToken using signed JWT for the scope "https://www.googleapis.com/auth/admin.directory.group.readonly" through this protocol(https://developers.google.com/accounts/docs/OAuth2ServiceAccount?hl=fr#makingrequest).
{
"error": "access_denied",
"error_description": "Requested client not authorized."
}
It was worked earlier. We are facing this issue from last 2 days.
But we got response for Admin-SDK users API using the scope "https://www.googleapis.com/auth/admin.directory.user.readonly" for the same app.
Please assist me.
TIA,
Riyaz A
I am using the PayPal REST API for the first time and trying to get an authentication token but keep getting an "Invalid credentials error".
I am following Step 2 in the documentation found here:
https://developer.paypal.com/webapps/developer/docs/integration/direct/make-your-first-call/
I am using the Chrome extension "Advanced rest client"
Here are the values entered in the rest client:
Header:
content-type:application/x-www-form-urlencoded
Accept:application/json
Form data
grant_type:client_credentials
clientId:ASF6RRBP0uTq7FnC90tpFx7vfA-Pliw8uQDjv5RZ10Y_NVspuc88pUPLN6yM
secret: EAdx7BDKzWczDomYG2QDHu8jhaAXj4xDZLHadvL5aRfesjwo5c81zbSpRxuE
When I send the request I get the following error:
{
error: "invalid_client"
error_description: "Invalid client credentials"
}
Can anyone help me to figure what I am doing wrong here?
Form data should only contain
grant_type=client_credentials
and then add header
Authorization: Basic put base64of(clientid:secret)here
don't pass client id and secret in form data.