When I try to log in to our mailgun account I get the error message
The CSRF session token is missing.
I cannot start a support ticket without logging in. When I try to recover our account, it leads to an invalid url.
Any suggestions? Can anyone put me through to the support desk of mailgun?
Thanks
wf51
Use Firefox. In Chrome and Safari I have the same problem, but Firefox works fine.
Works on Chrome 77.0.3865.90 but does not work on Firefox 60.9.0 for me. Just tried today
Related
when I try to login to my Heroku account, after I enter my 2FA code, I get the green 'checkmark' as usual, but afterwards I am greeted with a Salesforce error screen, saying 'Problem Approving Your Request'.
Error Message Salesforce
I have tried multiple times over the span of an hour, but I still get the same error...
Is it an issue on my side? or is something broken at Heroku?
Thanks
I got this exact problem when using Waterfox. I switched to Chrome and was able to log in. If you're using a non-tracking kind of browser that might be the problem.
There is problem, i keep encountering in cloudflare. It says - authentication error (code 10000) while logging to my cloudflare dashbord.
don't know why that's happen,but
i searched for that problem on google,ask cloudflare help center, but did't get any response till now. I tried clearing catch, restart my device again, but still getting that error.
could any one please help me know, why i'm getting this error and how could solve this authentication error code 10000 because i'm unable to logged into my cloudflare account, i ran website and manage all thing from their
You will need to assign the right permission to your user, that is trying to access cloudflare.
Here is their Api permissions doc:
https://developers.cloudflare.com/api/tokens/create/permissions/
Recently, my app's google signin stopped working by throwing 400 Error. We were earlier using the old oauth endpoints and I updated to the new v2 endpoints for auth/token and it doesn't seem to help as well.
Upon sending the Auth request (using WS url in Scala) with the required parameters, the ahc response gives back the following URL to redirect to
https://accounts.google.com/ServiceLogin?continue=https%3A%2F%2Faccounts.google.com%2Fsignin%2Foauth%2Flegacy%2Fconsent%3Fauthuser%3Dunknown%26XXXXXXXXXXXXXXXXX.......
Instead of taking to the prompt screen to login the above url redirects to this 400 error page
https://accounts.google.com/signin/oauth/legacy/consent?authuser=0&part=XXXXXXXXXXXXXXXXXX......
Any insights on this is much appreciated!
Thanks,
Baskaran
I'm not sure if it will help, you, but I've had something like that in this bug issue discussion, that lead me to this same https://accounts.google.com/signin/oauth/legacy/consent URL.
TL;DR: A MITM is using/destroying your request.
The application tried to open a link to Google Auth, the desktop captured the link and either mangled the data or did a preflight on that one-time URL, which expired it, and then it opened the browser.
See if something between you and the web is "proxying" your requests the wrong way.
I'm having trouble with Adobe Sign's OAuth authentication -- every time I try to get my access token with my Client ID and redirect URI, I get this message:
Unable to authorize access because the client configuration is invalid: invalid_request
This is the request that I have been making (with the proper substitution for REDIRECT and CLIENTID):
https://secure.echosign.com/public/oauth? redirect_uri=REDIRECT& response_type=code& client_id=CLIENTID& scope=user_login:self+agreement_send:account
I am fairly new to OAuth and don't understand what I'm doing wrong. Could someone please explain the issues that could result in this error message?
I was having the same problem. I solved it by including the correct shard in the URL after "secure." and before ".echosign". You identify your shard by looking at the URL where you created your application.
I found this information here.
Hope this helps.
Is OK to have spaces in that https request?
If you still have a problems with this.
I think your URL is not correct.
I using this one
https://secure.na2.echosign.com/public/embeddedWidget
for adobe widget.
Adobe require same url for OAuth
https://secure.na2.echosign.com/public/oauth
Check your domain, and try. You can create widget just to see your domain
This comment might get helpful for others who are facing issue in Adobe Sign access token invalid_request.
Developer Guide on Sign API: https://opensource.adobe.com/acrobat-sign/developer_guide/index.html
For the Outh process and the link to be used in user's browser:
https://secure.na1.adobesign.com/public/oauth/v2?redirect_uri=https://www.google.co.in&response_type=code&client_id=paste_your_client_id_here&scope=user_read:account
If any one using sandbox,
https://secure.na1.adobesignsandbox.com//public/oauth/v2?redirect_uri=https://www.google.co.in&response_type=code&client_id=paste_your_client_id_here&scope=user_read:account
Please ensure the correct environment identifier and shard. https://helpx.adobe.com/sign/using/identify-account-shard.html
https://helpx.adobe.com/sign/kb/unable-to-authorize-access-because-the-client-configuration-is-invalid-invalid-request-while-running-oauth-process.html
After pasting URL in browser and allowing the access to your API and getting code. Please use endpoint URL to get access token as below:
for developer account: https://api.na1.adobesign.com/oauth/v2/token
for sandbox account: https://api.na1.adobesignsandbox.com/oauth/v2/token
We have Google oauth2 working fine on our website. However, often Chrome users complaint about 400 Bad request and we were able to reproduce it now. Based on the investigation, it indeed looks like a bug on Google side:
It only happens with users who were authenticated earlier and logged-in with multiple accounts on GMail
It doesn't happen when the same user uses incognito window.
This problem is universal and not only with our website. At this moment, I am not able to login using google oauth2 on any website including StackOverflow. Stackoverflow site also gives the same 400 Bad request error and I have to use incognito.
No additional information is present along with 400 Bad Request Error
To further confirm, I just loaded https://accounts.google.com/o/oauth2/auth without any parameters and it also gave 400 Bad request. However, if I load it in incognito, it gives Error: invalid_request. So there is indeed different behavior.
So We suspected that the problem might be with cookies sent along with request since incognito window has no cookies. So we cleared all the cookies for domain accounts.google.com and problem magically solved. This confirms that Google side of code is not able to handle their own cookies.
We really need to solve this. Please help. Do let me know if you need any information.
This might be caused only for the clients that have multiple google accounts logged in as described here Google OAuth2 returns Bad Request when logged with multiple accounts.
It is not clear to me if is a google bug or a miss-use of the api. Anyway stackoverflow is affected as well.