When a user with NOPRICING role (not allowed to purchase) signs in, an error shows with the following message: "You are not authorized to perform this action. Please contact your administrator if you think this is a mistake." it happens when user is redirected to the landing page. even though MiniCart component is not provided for the user from the back-end, still the below call is made when user logs in.
The api call:
https://OCC_ENDPOINT/v2/SITE_CONTEXT/users/current/carts?fields=carts
The error message:
{ "errors" : [ { "message" : "Access is denied", "type" : "ForbiddenError" } ] }
can you please help me to stop above call on the landing page? alternatively does anyone know a reference on where initial calls on the landing page are made from so I can customize it for a NOPRICING user?
Related
I need to test with PostMan the API
https://learn.microsoft.com/en-us/graph/api/application-post-onlinemeetings?view=graph-rest-1.0&tabs=http
But always return 403...
{
"error": {
"code": "Forbidden",
"message": "",
"innerError": {
"request-id": "76cf26ec-0be3-4b51-a8a8-5c70d71e426c",
"date": "2020-05-25T15:38:50"
}
}
}
I have follow this articole to setup postman microsoft article and all work very well, except this API, and I don't understand why
For this problem, it was caused by the app doesn't have permission to create online meeting. When you click the "Get User Access token" in your postman, it will get the access token which includes the permissions you added to the app before. If you want to test the create online meeting api, you need to go to azure portal and add appropriate permissions for it. Please refer to the steps below:
1. Go to azure portal and click "Azure Active Directory" --> "App registrations" --> "All applications". Search the app by the ClientID which you set in your postman for the graph environment.
2. In you registration app, click "API permissions" and add the OnlineMeetings.ReadWrite permission for it.
After add the OnlineMeetings.ReadWrite permission, don't forget grant admin consent for it.
3. Now you need to get the user access token again in your postman, please click "Get User Access Token" in your postman. You can check the permissions by copy the access token to this page, it will parse the access token and you can check if the token contains the OnlineMeetings.ReadWrite permission.(As add the permission to access token requires a few minutes, so you'd better parse the access token to check if it contains the permission)
4. Then you can test this api in your postman (below I provide a create online meeting sample for your reference).
I have a project in Google Cloud Platform that uses OAuth 2.0 and a few scopes from Google. All was working well until recently when I noticed my users were seeing "App is not verified" when logging in with Google.
Visiting the OAuth consent form at https://console.cloud.google.com/apis/credentials/consent, I could see that it wanted me to enter new privacy and terms & conditions URLs, which I did. But clicking on Submit For Verification and going through the subsequent popup resulted in no feedback.
Looking in devtools, I could see that the call to the submitReview endpoint was resulting in this:
{
"error": {
"code": 400,
"message": "Request contains an invalid argument.",
"status": "INVALID_ARGUMENT"
}
}
The request body sent by the Google form was:
{"brandId":"XXXXXXXXXXXXXX","scopeRationale":"My rationale was here","additionalInfo":"","contactEmail":"email#domain.com","pendingScopes":[]}
Note that pendingScopes was actually empty (I'm not requesting any new scopes).
Any ideas?
If you've never been to the new OAuth consent screen configuration before, you need to add all the scopes your app is requesting: https://support.google.com/cloud/answer/6158849?hl=en#userconsent
I'm trying to access user contacts via the RingCentral API using password authentication of a Super Admin. I've given the app Contacts and ReadContacts permissions, but when I try to access the contacts list of a specific extension, I get this error:
"errorCode" : "CMN-408",
"message" : "[ReadPersonalContacts] permission required",
"errors" : [ {
"errorCode" : "CMN-408",
"message" : "[ReadPersonalContacts] permission required",
"permissionName" : "ReadPersonalContacts"
} ],
"permissionName" : "ReadPersonalContacts"
That specific permission isn't an option in the API Developer settings panel. Any idea how to give my app that permission?
Ben,
This error is related to user permissions rather than app permissions.
The reason you're getting this error is that you are trying to access the personal contacts of the extension user. Only the extension users can access their own personal contacts.
We have created a ticket to fix the error message and show a more appropriate message.
Thanks,
Pawan Venugopal
Does the member login feature in IAV require any separate settings to be enabled?
I was able to do a CoBrandlogin. Using the session token from cobrand when I try to do a member login, I am getting "Invalid User Credentials"
This is rest call is
https://rest.developer.yodlee.com/services/srest/restserver/v1.0/authenticate/login?cobSessionToken=08062013_2:b186c6c4dcac974227f273b9bc6dfc91daa90e2cfbc9699501545013096ff19f60b0493528fe682b5f5be40db145cf983e739b5034df02b3c1b5cb8238ff1c29&login=sbMem#####1&password=sbMem#####1#123
and the error is
"Error": [
{
"errorDetail": "Invalid User Credentials"
}
]
I am using one of the 5 accounts from sandbox.
When I am try to do member login using the Yodlee API (for aggregate functions) it works but fails with the above error for IAV
Thanks,
Ravi.
Have you tired clicking on the "Account Verification" if the logins are setup correctly by Yodlee then you will see the login screens for banks.
For IAV we don't have to enable anything for User Login.
Can you please try again with the below mentioned data-
Request method: POST
URL: https://rest.developer.yodlee.com/services/srest/restserver/v1.0/authenticate/login
login: sbMem#####1
password: sbMem#####1#123
cobSessionToken: obtained cobrand session token.
Hope this helps.
Regards,
Krithik
As you can see, some Facebook games have custom page for "Didn't allow" user action. It shows when applicataion try to install and user click "Didn't allow"
f.e. - Cityville by Zynga - http://gyazo.com/6e398bfa6b803a23cfc36a32a6956e48.
How can I make the same page for my app?
If the user did not "allow" your application, he/she will be redirected (via HTTP 302) to the URL specified in the redirect_uri parameter that you specified in the authentication parameters with the following data :
http://YOUR_URL?error_reason=user_denied&
error=access_denied&error_description=The+user+denied+your+request.
All you have to do is handle this data and display the message that you want to the user.
This information (and a whole lot more) can be found in the facebook authentication documentation