Where to use the API authorisation key in this API? - api

I am working with the following api:
https://www.football-data.org/documentation/api
I have gotten myself an api key and I tried to make the example request:
https://api.football-data.org/v2/teams/86/matches?status=SCHEDULED
of course I get the error
{"message":"The resource you are looking for is restricted. Please pass a valid API token and check your subscription for permission.","errorCode":403}
So the question is, is how do I give the website my api key to allow me to make these requests?
Looking at the python snippet they create a dictionary with the the api key as a value and pass that to the request. How can I make this in my browser?
I tried
https://api.football-data.org/v2/teams/86/matches?status=SCHEDULED&%22X-Auth-Token%22=%22MYAPIKEY%22
and it did not work.

You are passing your API key as a query parameter, which is not in line with the API specification.
The API needs the key as an HTTP header. You cannot easily do that in a web browser. I'd suggest getting something like Postman or to do it on the command-line:
curl -i -H "X-Auth-Token: MYAPIKEY" "https://api.football-data.org/v2/teams/86/matches?status=SCHEDULED"

You might have figured it out by now, but I am dropping this for anyone else looking on how to do it in Python:
import requests
from pprint import pprint
token = "" # Write the api key emailed to you here
headers = {
'X-Auth-Token': token,
}
r = requests.get('http://api.football-data.org/v2/competitions/EC/teams', headers=headers).json()
pprint(r, indent=2, depth=1, compact=True)

If you're using postman like #Jakob Löhnertz suggested.
You want to first enter the api
Then go over to the Headers tab, put in "X-Auth-Token" as your Key and your unique API token as your value. Hit send and you should be all good.
Finally, be sure to go through here to see the list of available competitions for a free account.

Related

How to define API Key in google apis explorer?

I am just testing out the Google Sheets API at:
https://developers.google.com/sheets/api/reference/rest/v4/spreadsheets.values/append
I'm using the Try this API section to fill in the request parameters and execute the request (appending a row to a sheet).
I have followed Step 1 here:
https://developers.google.com/sheets/api/quickstart/js
In order to:
Enable Google Sheets API
Create an API Key
I therefore have:
Client ID
Client Secret
API Key
In the Try this API > Credentials section, there are two checkboxes:
Google OAuth 2.0
API key
I tried to uncheck the Google OAuth 2.0 option so that i could just make the request using the API Key - however I cannot see where I can enter the API Key.
How can I define the API Key in the Try this API section so that I can make a request with only the API Key (and not Google OAuth 2.0 ).
How about this answer?
Issue and workaround:
Unfortunately, in the current stage, "Try this API" cannot be directly used by manually inputting the API key and access token. But in this case, there is a workaround. Please see the below figure.
This is the window of "Try this API". When you see this, you can see the clickable square box at the upper right as shown in the figure. Please click it. By this, you can see the expanded "Try this API" as following figure.
Here, please input the required parameters you want to use. By this, you can see the curl sample as follows.
curl --request POST \
'https://sheets.googleapis.com/v4/spreadsheets/SPREADSHEETID/values/RANGE:append?valueInputOption=USER_ENTERED&key=[YOUR_API_KEY]' \
--header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{"values":[["sample value"]]}' \
--compressed
By using this command, you can use the API by manually inputting the API key and access token.
But, here, there is an important point. At Google API, the API key cannot be used for the method except for GET method. The API key can use only GET method for the publicly shared contents. Please be careful this. So when you want to use "Method: spreadsheets.values.append" in Sheets API by manually inputting the API key and the access token, please use the access token. Because this method uses the POST method. By this, you can test the API. Also, you can see the required scopes at the official document.
By the way, when you want to use only the API key, you are not required to use --header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]'. And also, when you want to use only the access token, you are not required to use &key=[YOUR_API_KEY].
At the expanded "Try this API", you can also see HTTP request and the sample script of Javascript there.
Note:
When you want to request the Sheets API using the API key, please publicly share the Spreadsheet. By this, the value can be retrieved using the GET method like "Method: spreadsheets.values.get", "Method: spreadsheets.get" and so on.
When you want to see the method for retrieving the access token, you can see it at the official documents like here, here.
Reference:
Method: spreadsheets.values.append
I think the correct answer to this question is: It is not possible to use the API Explorer to actually send a request to a Google API if that API requires any sort of API key. The Explorer appears to be for creating requests that you then copy and use in your code. There does not appear to be any way to add the API key (or anything else) directly to the Explorer interface.
This all begs the question of why the Explorer has an "EXECUTE" button if you cannot execute anything (except perhaps API requests that do not require any sort of access credentials).
It is bizarre. I would love to be proven wrong, but I don't think I am.

Survey Monkey API- Getting Long Lived Access Token

I am currently unable to figure out how to obtain my long-lived access token so I can create an API data feed from Survey Monkey to Alteryx.
Thus far I have been able to:
1) Go to the OAUTH page
https ://api.surveymonkey.net/oauth/authorize?redirect_uri=https:// www.surveymonkey.com&client_id=[MY-CLIENT-ID]&response_type=code
2) Authenticate access (I am not a robot: reCAPTCHA)
3) Get the Authentication Response with the short-lived code
https: //www. surveymonkey.com/home/?code=[CODE-FROM-RESPONSE]
4) Got stuck
From: https://developer.surveymonkey.com/docs/guides/oauth-guide/
To make the exchange, simply create a form-encoded ( Content-Type: application/x-www-form-urlencoded) HTTP POST request to https://api.surveymonkey.net/oauth/token?api_key=YOUR_API_KEY with the following encoded form fields: client_secret, code, redirect_uri and grant_type. The grant type must be set to "authorization_code".
This is not a "simply" for me, and would really appreciate the expression so I can enter that into my browser so I can retrieve my long-lived access token.
End goal is that I am using Alteryx to pull in the Survey Monkey data via API and creating a blended data set with additional system data. The combined data set will then feed a Tableau Dashboard. I'm sure it is a long-shot, but if anyone has an Alteryx workflow for Survey Monkey API that would solve all of my issues at once.
Thank you in advance for your insights/ guidance.
With gratitude,
Drew
(Note- I added spaces to a few of the links, as I do not have 10 reputation points; yet).
There is an example cURL request at the side of the docs here. You need to make a POST request to /oauth/token. It'll look something like this:
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'code=<code>&client_id=<client_id>&client_secret=<client_secret>&redirect_uri=<redirect_uri>&grant_type=authorization_code' "https://api.surveymonkey.net/oauth/token"
Filling in the values in <>. Or in Python, something like this should work:
import requests
url = "https://api.surveymonkey.net/oauth/token"
payload = {
"code": "<code>",
"client_id": "<client_id>",
"client_secret": "<client_secret>",
"redirect_uri": "<redirect_uri>",
"grant_type": "authorization_code"
}
headers = {
'content-type': "application/x-www-form-urlencoded"
}
response = requests.request("POST", url, data=payload, headers=headers)
I'm pretty sure the requests library will automatically convert the body to the right type, but if not payload just looks like URL params:
payload = "code=<code>&client_id=<client_id>&client_secret=<client_secret>&redirect_uri=<redirect_uri>&grant_type=authorization_code"
Essentially though, you just need to make a POST request to /oauth/token with the payload provided above (code, client_id, client_secret, redirect_uri, and grant_type). The main confusing part is you can't send in a JSON body, it has to be a form body that looks like my example above.
Hope that helps.
You should be able to take the response that General Kandalaft has provided and enter each of those into the Download Tool in Alteryx. Create a field for each of client id, client secret, code, redirect_uri & grant_type and then tick those fields on the Payload Tab.
Set the HTTP Action to POST on the same tab.
There are also some examples of Oauth processes on the Alteryx Community and Gallery.
In general, when converting cURL requests to the Download Tool, -d/-F will be payload tab and -H of course will be Headers tab. form encoded etc is normally correct already and only needs to be added/changed very occasionally.
As another note, if you can't figure out the conversion of a cURL request or it's more complicated (i.e. attaching a PEM file to the call), you will find a copy of cURL in your Alteryx install directory and you can use the Run Command Tool to run that.
Kane

To integrate with Silverpop

Can anyone guide how to integrate with Silverpop, using OAuth(tokens)?
I referred this link
connecting to web api using c#
and I was able to get access token. After this I don't know how to proceed.
Thanks.
Take a look at my github repo:
https://github.com/marcelluseasley/IBM-Marketing-Cloud-XML-API-Wrapper
It isn't finished, but I started working on an XML API wrapper for the Silverpop API. First of all, if you are trying to integrate with the API, you should be able to contact client support and get a copy of the API PDF.
In any case, you should have a client id, client secret, and refresh token. You will need these three things along with a header value of "refresh_token" for the "grant_type" header key.
So you will first sent a post to https://api(pod number).silverpop.com/oauth/token . This will return an access token in a json dictionary ("access_token").
Any subsequent calls made to the API endpoint (https://api(pod number).silverpop.com/XMLAPI will require that you pass this access token in the header section of your request:
"Authorization:" would be the header key and
"Bearer: (access token)" would be the header value
Looking at my code will make it clearer if you are using Python. Your best bet is to get a copy of the API documentation. You have to be a Silverpop client to get a copy though.
Good luck.
Check the follwing:
http://www.codeproject.com/Articles/758362/SilverPop-Integration
Follow the step by step guide.

Tumblr API - OAuth issues: OAuth verifier and RESTConsole

Trying to obtain blog followers using Tumblr's API and RESTConsole in Chrome (not building an app, just want to check a request response).
I'm new to Tumblr's API and to RESTConsole, so two sources of possible error here.
I've already ...
Registered an app on Tumblr, receiving OAuth Consumer Key and Secret Key in the process.
Entered into REST Console my target: http://api.tumblr.com/v2/blog/{blogname}.tumblr.com/followers
Entered into REST Console's "Setup oAuth" window my OAuth Consumer Key and Secret Key, along with Tumblr's Request Token URL, Access Token URL and Authorize URL.
Approved read/write access to my application when prompted by Tumblr.
Entered the provided Token Key and Token Secret into REST Console's oAuth window.
When I attempt GET requests for follower counts (on my own blog or others'), Tumblr returns 401, "Not Authorized." My blog's preferences page lists the application I'm trying to use as having access.
I've tried this placing base-hostname:{blogname}.tumblr.com in REST Console's request parameters fields; I receive the same error. I tried running a different OAuth method from Tumblr's API (queued posts) and receive the same error.
Help?
Thanks. Let me know if this isn't clear.
Edit: Sorry, meant to add -- I think I may need Oauth Verifier. I haven't been able to find this token, or understand how to obtain it.
Edit (2): So, turns out Tumblr's API needs a comma separator from the REST Console. Thanks all.
''
Zack
$conskey = "CONSUMER KEY";
$conssec = "CONSUMER SECRET";
$tumblr_blog = "myblog.tumblr.com";
$to_be_posted = "This is the text to be posted";
$oauth = new OAuth($conskey,$conssec);
$oauth->fetch("http://api.tumblr.com/v2/user/following", array('offset'=>0) ,OAUTH_HTTP_METHOD_GET);
$result = json_decode($oauth->getLastResponse());
foreach($result->response->blogs as $key){
echo $key->url;
}
The code above will retrieve your followers list.
Hope this helps.

Flickr API: API key keeps getting invalid?

I’ve a Flickr which I’m using to upload pictures from my phone and all images are public. On my blog I want to retrieve all the images to show and for that I’ve first tried to create an application to get my API key. I’m using the Flickr API flickr.people.getPublicPhotos. This API service is said to not require authentication and putting it all together I end up with this call:
http://api.flickr.com/services/rest/?method=flickr.people.getPublicPhotos&api_key=fc94274cd0335f3c171fe22c8490b7d9&user_id=5545356%40N04&extras=description%2Cdate_upload%2Cdate_taken%2Cowner_name%2Coriginal_format%2Ctags%2C+o_dims%2C+views%2C+media%2C+path_alias%2C+url_sq%2C+url_t%2C+url_s%2C+url_q%2C+url_m%2C+url_n%2C+url_z%2C+url_c%2C+url_l%2C+url_o&per_page=40&format=php_serial&api_sig=0c48e2b6b6d9a03521e5ca86a15cf471
The problem is that every around 10 hours I fails and returns the error message a:3:{s:4:"stat";s:4:"fail";s:4:"code";i:100;s:7:"message";s:31:"Invalid API Key (Key not found)";}
I tried to create the API call when logged in to Flickr and also with not logging in and in both cases I get the error message. It’s like the API key expires or stops working. Have a missed something on Flickr about the API key or what could cause this? It is really frustrating to renew the URL twice at day.
Thank you
Sincere
- Mestika
If I read the docs correctly, the &api_sig query string parameter is constructed using an authentication token, one that eventually expires. Remove that parameter (= do not sign your API request) and I think you'll be OK.
Mestika's comment seems correct. I was getting the same problem when using the API explorer. If you use your accounts API, or go in and create a new app, then use the API given for that, then the key doesn't change every few hours.
The url to request a key is:
http://www.flickr.com/services/apps/create/apply
I got the same problem.
This is how i solved it:
removed the auth_token and the api_sig parameters
replaced the api_key value with an app key
Hope this helps.
i met this issue before. with new api key, only accept https request.
Let's change your url to: https://api.flickr.com/services/rest/?method=flickr.people.getPublicPhotos&api_key.....
I am sure it will be work right know.
thanks