I'm trying to implement TikTok login kit into my app.
I'm following this guide https://developers.tiktok.com/doc/login-kit-web and i'm stuck on point 2.1 because after succesfully login the user, and succesfully grant app permissions from the user i'm beeing redirect to this url : https://open-api.tiktok.com/platform/oauth/undefined
I'm pretty sure my url is correct because if i insert in it some errors on purpose i get an error page .. like wrong client key, wrong response type, scope, redirect url ecc..
Anyone knows what am i doing wrong?
thanks!
Ok i figured it out.
it was my fault because i created a tiktok-app for applications but by using oauth in browser you nedd to create a web based tiktok-app.
Related
I'm having trouble with Adobe Sign's OAuth authentication -- every time I try to get my access token with my Client ID and redirect URI, I get this message:
Unable to authorize access because the client configuration is invalid: invalid_request
This is the request that I have been making (with the proper substitution for REDIRECT and CLIENTID):
https://secure.echosign.com/public/oauth? redirect_uri=REDIRECT& response_type=code& client_id=CLIENTID& scope=user_login:self+agreement_send:account
I am fairly new to OAuth and don't understand what I'm doing wrong. Could someone please explain the issues that could result in this error message?
I was having the same problem. I solved it by including the correct shard in the URL after "secure." and before ".echosign". You identify your shard by looking at the URL where you created your application.
I found this information here.
Hope this helps.
Is OK to have spaces in that https request?
If you still have a problems with this.
I think your URL is not correct.
I using this one
https://secure.na2.echosign.com/public/embeddedWidget
for adobe widget.
Adobe require same url for OAuth
https://secure.na2.echosign.com/public/oauth
Check your domain, and try. You can create widget just to see your domain
This comment might get helpful for others who are facing issue in Adobe Sign access token invalid_request.
Developer Guide on Sign API: https://opensource.adobe.com/acrobat-sign/developer_guide/index.html
For the Outh process and the link to be used in user's browser:
https://secure.na1.adobesign.com/public/oauth/v2?redirect_uri=https://www.google.co.in&response_type=code&client_id=paste_your_client_id_here&scope=user_read:account
If any one using sandbox,
https://secure.na1.adobesignsandbox.com//public/oauth/v2?redirect_uri=https://www.google.co.in&response_type=code&client_id=paste_your_client_id_here&scope=user_read:account
Please ensure the correct environment identifier and shard. https://helpx.adobe.com/sign/using/identify-account-shard.html
https://helpx.adobe.com/sign/kb/unable-to-authorize-access-because-the-client-configuration-is-invalid-invalid-request-while-running-oauth-process.html
After pasting URL in browser and allowing the access to your API and getting code. Please use endpoint URL to get access token as below:
for developer account: https://api.na1.adobesign.com/oauth/v2/token
for sandbox account: https://api.na1.adobesignsandbox.com/oauth/v2/token
I would like to develop a desktop application.
Sadly I got stuck at login. I want to use a web view which be SoundClound login end point.
https://soundcloud.com/connect?client_id=my_client_id&response_type=token_and_code&scope=non-expiring
Using the above I received error : "invalid_client: The configured redirect_uri of the client application is invalid."
Would be nice if API would tell you which parameters are required and which are optional. As I read about OAuth 2.0, redirect uri is optional. This caused me confusion when received this error. I also tried curl version, same kind of error.
If I tried to add a random redirect_uri won't pass either. (I'm aware this is about security.)
I found this answer, but I doesn't work and I think is error-prone: it requires 2 text fields and you're asking the user to provide their credentials (then you're able to do what you want with them...)
Soundcloud API authentication without a web browser
I would like to do the flow this way:
Open a web view with SoundCloud login end point.
User is providing his credentials to SoundCloud Server.
SoundCloud Server is sending me a token.
Something similar to OAuth 1.0.
Is possible or is there something similar to achieve my goal?
After another few hours of research and keep trying to login I figured it out.
It works with redirect_uri after I did the setup for it on page "Your apps" on SoundCloud.
I have a plugin that need some instagram infos of my application.
This plugin just show photo feed.
I have created the application on the instagram developers and get my client id, but, what's the redirect url? I put my website link because i really don't understand what is that.
What i need is:
id: 'MY PROFILE ID',
redirectUrl: 'http://www.kyriosfestival.com.br',
clientId: 'MY CLIENT ID FROM MY APPLICATION',
accessToken: 'GENERATED FROM INTERNET'
And it's not working.
I have used a access token generated from internet, and i don't know if is this the problem.
What is the real form to use that?
Anyone?
Thanks!
Must be late, but will post an answer, so that maybe it will help anyone some day.
For all your Instagram API calls, you need to receive a valid access token.
You can get one by implementing authentication (client-side or server-side), full guide can be found here.
So for example, if you choose to go with client-side authentication,
you should direct a user to authentication URL, which will looks like this:
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
After that, user will be redirected to your redirect page (REDIRECT-URI). This REDIRECT-URI should match the URL you have specified in Manage Clients section.
After the redirect happens, you will get the access token in the URL of the page you've been redirected to.
http://your-redirect-uri#access_token=ACCESS-TOKEN
You can then extract your ACCESS-TOKEN from url and start making API calls.
Once again I am stuck! I am trying to implement a secure WebApi service with ASP.NET Identity using Individual Account. The WebApi service will be consumed by a mobile app developed with phonegap. My phonegap app uses facebook and twitter for login and I have implemented that on the client perfectly.
I have created a SPA project form the visual studio template and I have tested the login process monitoring the HTTP requests with fiddler and chrome dev tools. I have tried the following requests using postman
GET: http://localhost:49577/api/Account/ExternalLogins?returnUrl=/&generateState=true
RESPONSE:
[{
"Name": "Facebook",
"Url": "/api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=http%3A%2F%2Flocalhost%3A49577%2F&state=jpePf27F3ufkCCEldFdoOVMEGBGTEO1CrRdUQ3bHEP01",
"State": "jpePf27F3ufkCCEldFdoOVHSGBGTEO1CrRdUQ3bHEP01"
}]
and then I call
GET: http://localhost:49577/api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=http%3A%2F%2Flocalhost%3A49577%2F&state=jpePf27F3ufkCCEldFdoOVMEGBGTEO1CrRdUQ3bHEP01
which calls GetExternalLogin method of AccountsController. This then returns an instance of ChallengeResult when the user isn't authenticated.
This is where I an stuck.
Q1: ChallengeResult forces a 301 redirect to facebook login page with some querystring parameters. I don't want this, I want it to give me the parameters but let me handle the logging in my ajax request. I have tried commenting out this line of code
Request.GetOwinContext().Authentication.Challenge(LoginProvider);
but I end up getting a 401 with nothing else, how can I control what the response from ChallegeResult?
Q2. Also, I cannot quite figure out what next from here, after I get an access token from facebook, what webapi end point should I call for instance if I have already obtained the access token, what should I be passing to it?
I have googled all day but I cannot find anything that answers my question. Any help would be appreciated.
Thanks
UPDATE:
Regarding Q2; I have figured out the next step and that's
GET: http://localhost:49164/signin-facebook?code=...&state=...
This returns another 302 which redirects to
http://localhost:49164/api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=http%3A%2F%2Flocalhost%3A49164%2F&state=7oGPd37EA-nmtXPtYEQ40qnretDeKjbPEM1gNkb2DuM1
which in turn returns another 302 which then redirects to
http://localhost:49164/#access_token=...
So how do I handle all there redirects from a mobile non browser client?
UPDATE
I am trying to find the controller action that handles
http://localhost:49164/signin-facebook?code=...&state=...
Can anyone help?
UPDATE
I have since posting this question learned alot about the facebool login flow, which maybe I should have done before!
I still have one question but I have created a different question for that here to keep down the clutter
The answer to this question is a very detailed one. So to make it easier, I am going to point you to a sample which shows you how you can have a SPA app and connect different clients (phone, tablets etc) and login with Social logins such as Facebook etc
https://aspnet.codeplex.com/SourceControl/latest#Samples/WebApi/Todo/ReadMe.txt
I'm trying to write a new application using the Flattr REST-API version 1 (not the beta v2). The application acquires a request token at first, which seems to work properly. But I run into a problem authenticating the user. The link created for authentication looks like this:
https://api.flattr.com/oauth/authenticate?access_scope=read,click&oauth_token=MY_REQUEST_TOKEN
Clicking the link everything seems alright. Information about the application and the scope requested is shown, but clicking "Authenticate", there's no pin code, but the following error from https://flattr.com/apps/pincode/MY_REQUEST_TOKEN:
Something went wrong. Please try again
BUT now the Application IS in the authorized application list of the user though that doesn't really help if the user can't get the pin code...
The Application type is set to client. It's the first time I try to work with the API so I'm not sure if I miss anything important? Would be grateful for some help.
Just as an update: We finally changed to API v2. Getting Authorization for our application feels a bit clumsy, as we set the redirecturi to some webpage, where we display the returned code and let the user copy&paste it into our client application... we kind of made our own pincode-flow :/
If possible, please use the v2 api, which uses oauth2 + bearer token.
However, the new API doesn't support authentication using the pincode flow.
As stated by Maike this is probably a bug that has surfaced yet again :(
I'll create an internal bug ticket and try to get it fixed.
The pincode isn't a feature planned. You can use the oauth2 "implicit grant" to authenticate the resources owner. This isn't documented at the moment but is possible.
When you do the request to https://flattr.com/oauth/authorize you pass the response_type token instead of code. This will append a access_token fragment in your callback URL. In your http client it might be possible to catch the 302 from our server and parse the access_token from the fragment.
All this requires a http client in your application whom you can control the flow inside your app.