When we request to google or any 3rd party API, in this return url we getting this type of code.
?code=4/rAERtRkfXf--
The server doesn't accept this type code and it's showing 403 forbidden Error.
When I am talking with server support they told me about the security issue and it's mod_security issue.
Can anybody help me to solve this type of issue?
Try doing str_replace('/','%2F',$your_url) before submitting it to the server
Related
I'm trying to retrieve the asset info from a specific collection using the asset endpoint.
Example:
https://api.opensea.io/api/v1/asset/0x1a92f7381b9f03921564a437210bb9396471050c/2000/?format=json
Now, if you open that on your browser, it works flawlessly, but on your app or postman it just gives a 403 error by CloudFlare.
This is not a 401 error and we shouldn't need an API key for this.
So what is going on and how do I fix this? Any ideas?
I am getting 403 Access Denied error for http://www.example.com/rest/api/customers in Magento 1.9.2.4. Everything in admin side rest & admin roles and resources are proper and set to "All". Though http://www.example.com/rest/api/products is working but not able to fetch customers and getting Access Denied.
I tried with other Magento version setups also in same server but all gives 403 Access Denied error for customers and working fine for products.
Server is using SUPHP. What could be solution?
Thanks
How are you making the calls? Is it a php script or are you using something like this? You need to give this detail to identify the erroe
How to use POSTMAN rest client with magento REST api with Oauth. How to get Token and Token Secret?
I have found this tutorial is great to pinpoint where the error are ie the parameters not being encoded with the url etc
I am trying to get access_token using the instructions here developers.google.com/accounts/docs/OAuth2InstalledApp (which I have followed very diligently) but keep hitting the redirect_uri_mismatch error. What am I doing wrong?
First I create a installed app/other using the console (
Client ID for native application
Client ID ...
Client secret ...
Redirect URIs
urn:ietf:wg:oauth:2.0:oob
local host url
Got the authorization code successfully using the browser using
https://
accounts.google.com/o/oauth2/auth?client_id=818722811109-8ak0a1l3ooqqt3bd97bktr33ghenlptk.apps.googleusercontent.com&redirect_uri=http://:51551/Callback&response_type=code&scope=https://www.googleapis.com/auth/adexchange.seller.readonly&access_type=offline
curl -d "code=...&client_id=...&client_secret=...&grant_type=authorization_code&redirect_uri=urn:ietf:wg:oauth:2.0:oob" -X POST https://
accounts.google.com/o/oauth2/token
gives me error "redirect_uri_mismatch"
I'm at a loss what I am doing wrong. I use the redirect_uri from the console which is for the non-domain one, but can't get past this error.
Any pointers would be appreciated.
Thanks.
http://:51551/Callback is not a valid redirect_uri, so the link you mentioned can not get authorization code. So I doubt that the authorization code you get in this way.
Use this one:
https://accounts.google.com/o/oauth2/auth?client_id=818722811109-8ak0a1l3ooqqt3bd97bktr33ghenlptk.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code&scope=https://www.googleapis.com/auth/adexchange.seller.readonly&access_type=offline
Sorry the problem is not in code. stackoverflow does not allow localhost in urls, hence I had to delete that domain to get the post to go through. The code works fine after clicking the accept button I do see the code= in the redirect url in localhost.
The problem is in the curl POST.
I'm using python-instagram library to get access to instagram api. But when I run my app (flask rest api application), my auth method which use InstagramAPI and get_authorize_login_url method raise 500 error:
raise OAuth2AuthExchangeError("The server returned a non-200 response for URL %s %s %s" % (url, response['status'], content))
OAuth2AuthExchangeError: The server returned a non-200 response for URL https://api.instagram.com/oauth/authorize?scope=basic&redirect_uri=http%3A%2F%2Fsocialservice.test.5-soft.com%3A8515%2Finstagram%2Fauth&response_type=code&client_id=c5095d88cee14bac91a9341e6e82ff8f 500 Sorry, an error occurred while processing this request.
In my local machine it works without any problems but in the production server with different IP I've got this problem.
I would be very appreciative if someone can help to solve me this problem
Thanks in advance,
Ron
Please clarify:
In my local machine it works without any problems but in the production server with different IP I've got this problem.
How can you be performing authorization on your local machine? Instagram's API requires a public url for redirect_uri.
Next, I haven't found any evidence to verify this, but I don't believe you can specify a custom port in your callback url (you've provided http://socialservice.test.5-soft.com:8515/instagram/auth).
Last, assuming it's your callback server that is the problem, that error usually occurs when you aren't returning the correct response back to Instagram. The server needs to echo out only the value of the GET parameter code as plaintext.
If I browse to here: http://socialservice.test.5-soft.com:8515/instagram/auth?code=test I get no response, which is likely the cause of your error.
I am trying to authenticate my application using Blogger API but when user grant access to the application and blogger api return the token and the token i use to exchange the by sending the request on https://www.google.com/accounts/AuthSubSessionToken it return an error called Error 403 Invalid AuthSub Token. Kindly help me in this regard to debug the problem and solve it. Thanks in Advance
after doing some experiment, here it is some advice :
change secure to zero
https://www.google.com/accounts/AuthSubRequest?scope=https://gdata.youtube.com&session=1&secure=0&next=http://www.example.com
make sure you are requesting from http for and request in http again in future
https://www.google.com/accounts/AuthSubRequest?scope=http://gdata.youtube.com&session=1&secure=0&next=http://www.example.com
it's worked like a charm for me...