I'm getting a 403 when I try to post a message in teams via postman. It works via graph explorer with the same account. Clearly I have a permissions issue but I can't for the life of me find the right check box.
My app is registered and approved by admin. I got it approved by MS to make protected api calls as well for teams.
I can get a token on behalf of a user in postman, I can use that token to get the messages in a channel, but cannot post.
Here are the api permission:
Delegated Permissions
Related
I'm making a react-native app with the Spotify API, I'm using the Authorization Code Flow & and I'm on Development mode with only one user added in "Users and access" on my Spotify dashboard: my tester, who is a part of my Spotify Premium Duo.
The app is working fine on my part, but my tester can't see anything related to her account. The /me endpoint is sending a 403 error with this message in the body : User not registered in the Developer Dashboard. Top Tracks / Top Artists endpoints are working fine with her Access Token.
I can't see any email on her Spotify account, but can't change anything because it is linked to her Facebook account. I'm also logged in with my Facebook but it's working fine, and I can see my details when fetching the /me endpoint with my access token.
If you ever stumbled upon this kind of error, any help will be appreciated !
Thank you in advance,
You can see your info using the /me endpoint because you're the owner of the app and automatically registered in the project's dashboard.
In order to use the /me endpoint on other Spotify accounts you have to register them in the dashboard of your project under "Users and access" in the top right corner.
Once the user is registered, the /me should return a 200 response containing all the user's info.
This is probably due to the fact that you're app is in development mode.
The mail to use if the user is logged on Spotify via Facebook, is the Facebook one I'd say.
NOTE: You have to provide the user's real name to grant access: it's case sensitive.
Created a google project in Google Developer Console to have the necessary API credentials.
Configured OAuth2.0 API credentials in OAuth consent screen.
To get the Refresh token and Access token from https://developers.google.com/oauthplayground/
I got Authorization Error - 403 Access Denied when I tried to Authorize API
Authorization Error
Error 403: access_denied
The developer hasn’t given you access to this app. It’s currently being tested and it hasn’t been verified by Google. If you think you should have access, contact the developer (dummyemail#gmail.com).
Learn more
Any suggestions would be great.
Follow the following steps: -
Go to console screen
Select +Add Users
Enter your email in it.
Save it and you are good to go.
I am trying to authorize Sheets API v4 (including getting the credentials) through my webpage (let's suppose I have a button called "authorize google sheets"), so when anyone clicks that button they will be taken through the browser to authorize their google account (including creating credentials automatically), so that they do not have to go to console.developers.google.com/apis manually and create credentials.
Is there a way to do it or is there any way to not use credentials at all and authorize to sheets api?
I understand that you want to request some Sheets API operation to your webpage users. If that is the case, there is no need to access the users credentials. The users only need to login and approve your scopes for Google Servers to send you an authorization code to run the request. You can see a execution summary here:
First of all you would need to include the relevant OAuth 2.0 scopes in your server. Then you can ask users to login and consent your scopes. Here are the steps needed for asking for users approval, you could follow its examples as a guideline. Finally, you could use the generated tokens to call Sheets API. Please ask me any question if you have any doubt.
I have searched long and far for this on Google Identity documentation but my question seems to be out of it's scope (https://developers.google.com/identity/protocols/OAuth2).
This is what I have:
I have an app that is using Google's PHP Client library to authenticate a user via oAuth2. My application stores the retrieved token & refresh token from a user. I am able to use this token and refresh token to pull in information from various Google API's (Drive, Calendar, Mail, etc). I am also storing a cookie in browser to keep the user logged in to the application when the user closes the browser. I have created a simple way for users to login to the application via a QR code that matches up their stored token and refresh token. After the first login they are able to simply use a badge to login to the application.
This is what I want but don't know how to do
When a user logs into the application with their QR badge everything work perfectly (I am still able to pull in anything via the PHP Client Library/Google API's), however when a user goes to Gmail, Drive, or other Google service, Google is asking them to login (it's because they are not technically authenticated with accounts.google.com (only my application)). Is there a way to programmatically authenticate a user to accounts.google.com via a stored token/refresh token?
I was searching for a proper way to implement authentication of users with Google accounts into an app I'm developing. One thing led to another and I found this:
https://github.com/thephpleague/oauth2-google
They have a few implementations depending on how you may wish to implement OAuth2 (via separate repositories). I believe this directly answers your question, albeit 3.4 years later. Hopefully it will help someone else who is looking for this info.
Twitter API allows to update "the authenticating user’s current status", as explained in the documentation page.
What I'd like to achieve instead is to update another user's current status. Consider a magazine's twitter account. I'd like different people to be able to update the magazine's status. Tweetdeck allows this, but it also allows a whole lot of other things like access to Direct Messages. I only want to provide certain authenticated users an interface (similar to Twitter's post-a-tweet interface) to post status and images to the shared account.
I could not find a simple explanation of how to use Twitter API to achieve the above functionality. Could someone please help?
If you have an app that implements the status update API and it is delivered to different people and they authorize the app with the magazine's twitter account, then the app will update that status. I can show an example also with code if this is what you're asking. However the main point is that, once a user has authorized the app, she/he doesn't need to be connected with the shared login any longer because the app will do that on the magazine's behalf.
BTW, similar question here: Twitter API: post on behalf of whom?
Edit
Just to summarize the comments:
The standard OAuth authentication requires the following main steps
1) to develop an app (registered with OAuth consumer key and secret) that implements the API update status 2) to install and authorize the app: during this step the onwer will be requested to enter the credentials of the passive account in a Twitter link opened with the browser, 3) then - after a fallback - the app will store the access token and any user of the app will be able to update the status without login
Once you have developed an app that can post tweets on behalf of a passive twitter account using the standard OAuth, you could make that functionality available to the authenticated users of a website.