I am trying to add subscribers to my newsletter using the Revue api. According to the documentation, I need to add a header called 'Authorization' and value 'Token MY-TOKEN' in my requests.
In order to test out the API I am using Postman as seen in the screenshot below:
Any request I do to any url, ends up with a 401.
What am I missing here? The token value is copy pasted from the bottom of https://www.getrevue.co/app/integrations ('Your API key is xyz') as the documentation mentions. Double checked that there are no extra spaces added.
You cannot use the API (or at least certain entry points) without first verifying your account
If you fail to do this, your requests end with a 401 status.
Verify your account
There is no explicit option to verify your account. Instead, you need to import an existing mailing list. If you don't have a list to import, you can enforce this step by creating an artificial list, containing just your email. To do so, visit your Revue dashboard, Subscribers section, and click "Import from file":
.
Then, enter your email and two commas to skip your first and last name:
Submit and fill the next form.
When completed, a top ribbon indicates that the review is on its way:
You need to wait for the review to be completed.
Perform a request
To get your API key, visit your Revue dashboard, Account settings, Integrations, and scroll down to the bottom of the page:
Run something like:
const revueApiKey = "[your API key]";
const result = await fetch('https://www.getrevue.co/api/v2/subscribers', {
method: 'POST',
headers: {
Authorization: `Token ${revueApiKey}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ email: "john#example.com", double_opt_in: false })
});
If you have the following when you log in to Revue
"We are reviewing your account."
You will not be able to make API calls and will get a 401.
I've talked to support on the issue and unfortunately, it's undocumented at the moment.
Took nearly a week for me to get reviewed but it's working fine now. It is at the end of the Christmas period so I am hoping they are only temporarily that slow at reviewing accounts.
Related
I have two flat Feed Groups, main, the primary news feed, and main_topics.
I can make a post to either one successfully.
But when I try to 'cc' the other using the to field, like, to: ["main_topics:donuts"] I get:
code: 17
detail: "You do not have permission to do this, you got this error because there are no policies allowing this request on this application. Please consult the documentation https://getstream.io/docs/"
duration: "0.16ms"
exception: "NotAllowedException"
status_code: 403
Log:
The request didn't have the right permissions or autorization. Please check our docs about how to sign requests.
We're generating user tokens server-side, and the token works to read and write to both groups without to.
// on server
stream_client.user(user.user_id).create({
name: user.name,
username: user.username,
});
Post body:
actor: "SU:5f40650ad9b60a00370686d7"
attachments: {images: [], files: []}
foreign_id: "post:1598391531232"
object: "Newsfeed"
text: "Yum #donuts"
time: "2020-08-25T14:38:51.232"
to: ["main_topics:donuts", "main_topics:all"]
verb: "post"
The docs show an example with to: ['team:barcelona', 'match:1'], and say you need to create the feed groups in the panel, but mention nothing about setting up specific permissions to use this feature.
Any idea why this would happen? Note that I'm trying to create the new topics (donuts, all) which don't exist when this post is made. However, the docs don't specify that feeds need to be explicitly created first - maybe that's the missing piece?
If you haven’t already tried creating the feed first, then try that. Besides that, the default permissions restrict a user from posting on another’s feed. I think it’s acceptable to do this if it’s a notification feed but not user or timeline.
You can email the getstream support to change the default permissions because these are not manageable from the dashboard.
Or you can do this call server side as an admin permissions.
I developed a chrome extension using Rally's WSAPI v2.0, and it basically does the following things:
get user and project, and store them
get current iteration everytime
send a post request to create a workitem
For the THIRD step, I sometimes get error ["Not authorized to perform action: Invalid key"] since end of last month.
[updated]Error can be reproduced everytime if I log in Rally website via SSO before using the extension to send requests via apikey.
What's the best practice to send subsequent requests via apikey in my extension since I can't control end users' habits?
I did see some similar posts but none of them is helpful... and in case it helps:
I'm adding ZSESSIONID:apikey in my request header, instead of user /
password to authenticate, so I believe no security token is needed
(https://comm.support.ca.com/kb/api-key-and-oauth-client-faq/kb000011568)
url starts with https://rally1.rallydev.com/slm/webservice/v2.0/
issue is fixed after clearing cookies for
https://rally1.rallydev.com/, but somehow it appears again some time
later
I checked the cookie when the issue was reproduced, and found one with name of ZSESSIONID and its value became something else rather than the apikey. Not sure if that matters though...
code for request:
function initXHR(method, url, apikey, cbFunc) {
let httpRequest = new XMLHttpRequest();
...
httpRequest.open(method, url);
httpRequest.setRequestHeader('Content-Type', ' application\/json');
httpRequest.setRequestHeader('Accept', ' application\/json');
httpRequest.setRequestHeader('ZSESSIONID', apikey);
httpRequest.onreadystatechange = function() {
...
};
return httpRequest;
}
...
usReq = initXHR ('POST', baseURL+'hierarchicalrequirement/create', apikey, function(){...});
Anyone has any idea / suggestion? Thanks a million!
I've seen this error when the API key had both read-only and full-access grants configured. I would start by making sure your key only has the full-access grant.
Working with Ebay's Browse API I'm having an issue with the /shopping_cart/add_item method, when I call it, it systematically returns an error 204.
I'm working on the API's sandbox. The calls are made from an iOS application in Canada. Until then, I had no issues requesting and retrieving data from responses.
Here's how I proceed:
Using the sandbox, I retrieve mock items with /item_summary/search.
The user goes through the OAuth process and grants his shopping cart access to my app. It returns a user access token that I use for the following request.
Finally, I call add_item with the following parameters:
Request JSON parameters:
{"quantity": 1, "itemId": "v1|110385018358|0"}
Request headers:
Authorization: Bearer [sandbox user access token from step 2.]
Content-Type: application/json
X-EBAY-C-MARKETPLACE-ID: EBAY_US
Then I get an empty response (aka error 204), while it shouldn't as mentioned in the documentation.
The response I get only contains headers which are the following:
{
Status Code: 204, Headers {
Connection = ( "keep-alive" );
"Content-Encoding" = ( gzip );
"Content-Length" = ( 0 );
"Content-Type" = ( "application/json" );
Date = ( "Thu, 22 Nov 2018 15:14:32 GMT" );
RlogId = ( "t6q%60ktkjvdbwrfsl%2Bbmsgcufboja%7Ct6n%3C%3Dsm%7Eufhuoluefqqgwj%284%3F34%3F11%2Busqdrrp%2Bufmadh%7B%2Bceb%7Ce4-fij-1673bfca0ca-0x133" );
"Set-Cookie" = ( "dp1=bu1p/QEBfX0BAX19AQA**5dd7fb58^;Domain=.ebay.com;Expires=Sat, 21-Nov-2020 15:14:32 GMT;Path=/" );
"X-EBAY-C-REQUEST-ID" = ( "ri=LVOZVdAO%2FSpS,rci=n76DxeaOd61P0WBf" );
"X-EBAY-C-VERSION" = ( "1.0.0" );
"X-EBAY-REQUEST-ID" = ( "1673bfca0a9.a0962ac.25e7e.fffdc702!/buy/browse/v1/shopping_cart!10.9.98.172!esbnewesbngcos[]!add_item!10.9.103.137!r1remshopcartapi-envadvcdhidzs5k[ItemClient[!Ginger.ViewItemServiceV1.litedetails!10.9.99.212!r1viappsvc-envadvcdhidzs5k[]]!ShopcartServiceClient[!Ginger.shopcase.v2.POST!10.9.101.40!r1scartsvc-envadvcdhidzs5k[]]]" );
"X-EBAY-SVC-EP-COOKIELET" = ( "321=0001542899671242" );
"X-EBAY-SVC-TRACKING-DATA" = ( "<a>nqt=AA**&!_epec=7,6,8&nqc=AA**</a>" );
}
}
Moreover, logged in the ebay sandbox website with the test user I used above, if I open the cart, I get an error page stating:
We were unable to load your cart. Please try again. If the problem persists, contact Customer Support or send us feedback.
Still from the sandbox website, when I open any item, I get another error stating:
Unfortunately, access to this particular item has been blocked due to legal restrictions in some countries. [...]
I still hope the problem is on me and not on Ebay as their API is still a Beta.
Well ... It was nowhere in the API documentation, but hidden somewhere on the Sandbox website page "unsupported feature list for the sandbox":
Cart is not supported. You may see some functionality working, like adding items to your cart, but please do not depend on or expect cart to function properly.
Although it states that AddItem may work, it actually does not, so I guess it is expected and that I should take this as the answer to my question.
Quite frustrating...
I guess I all I can do is to wait for Ebay's partnership approval.
Getting this error (category: INVALID_REQUEST_ERROR code: ORDER_EXPIRED) from the checkout endpoint when a user clicks through, then comes back days later to pay. This is the endpoint that takes the order information and provides a unique checkout URL for the user.
How long do orders have before they expire? I'm not even clear on what exactly is expiring?
Not much sent over in the post. Trying to determine if I just need to alter the idempotency key "if an order has expired", which seems counterproductive.
$this->_order = ['redirect_url' => $redirectUrl,
'idempotency_key' => $this->_idempotencyKey,
'ask_for_shipping_address' => false
];
$this->_order['order']['reference_id'] = (string) "{$this->getInvoice()->getId()}";
Checkout urls expire in 24 hours. Square is working on updating the documentation to reflect this info.
I have a spreadsheet on my Google Drive and I want to download a CSV from another website and put it into my spreadsheet. The problem is that I have to login to the website first, so I need to use some HTTP request to do that.
I have found this site and this. If either of these sites has the answer on it, then I clearly don't understand them enough to figure it out. Could someone help me figure this out? I feel that the second site is especially close to what I need, but I don't understand what it is doing.
To clarify again, I want to login with an HTTP request and then make a call to the same website with a different URL that is the call to get the CSV file.
I have done a lot of this in the past month so I should be able to help you, we are trying to emulate the browsers behaviour here so first you need to use chrome's developer tools(or something similar) and note down the exact things the browser does like the form values posted, the url that is called and so on. The following example shows the general techinique to be used:
The first step is to login to the website and get the session cookie:
var payload =
{
"user_session[email]" : "username",
"user_session[password]" : "password",
};// The actual values of the post variables (like user_session[email]) depends on the site so u need to get it either from the html of the login page or using the developer tools I mentioned.
var options =
{
"method" : "post",
"payload" : payload,
"followRedirects" : false
};
var login = UrlFetchApp.fetch("https://www.website.com/login" , options);
var sessionDetails = login.getAllHeaders()['Set-Cookie'];
We have logged into the website (In order to confirm just log the sessionDetails and match it with the cookies set by chrome). The next step is purely dependent on the website so I will give u a general example
var downloadPayload =
{
"__EVENTTARGET" : 'ctl00$ActionsPlaceHolder$exportDownloadLink1',
};// This is just an example it may or may not be needed, if needed u need to trace the values from the developer tools.
var downloadCsv = UrlFetchApp.fetch("https://www.website.com/",
{"headers" : {"Cookie" : sessionDetails},
"method" : "post",
"payload" : downloadPayload,
});
Logger.log(downloadCsv.getContentText())
The file should now be logged, you can then parse the csv using hte GAS inbuilt function and dump the data in the spreadsheet.
A few points to note:
I have assumed that all form post values are static and can be
hardcoded, in case this is not true then let me know I will give you
a function that can extract values from the html.
Some websites require the browser to send a token value(the value will be present in the html) along with the credentials. In this case you need to extract the values and then post it.