I'm trying to integrate my app with OneDrive. I'm following this tutorial: https://learn.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/?view=odsp-graph-online For oauth I'm using Azure AD v2.0 endpoint.
To get the access token, I'm calling https://login.microsoftonline.com/common/oauth2/v2.0/token and it successfully answers with some json:
{ token_type: 'Bearer',
scope: 'onedrive.readwrite',
expires_in: 3600,
ext_expires_in: 3600,
access_token: '...',
refresh_token: '...' }
When using the access_token that I received to call https://graph.microsoft.com/v2.0/me/drive/root/delta, I get this response:
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "CompactToken parsing failed with error code: 8004920A",
"innerError": {
"request-id": "5eda75b0-c2d5-467f-a728-8006490c00b2",
"date": "2019-08-19T15:56:10"
}
}
}
This error is pretty cryptic and for the life of me I can't work out why that token won't work with this endpoint. Can someone help?
Never mind -- needed to set the scope as files.readwrite.all instead of onedrive.readwrite
Related
regarding tapkey token exchange flow:
when exchanging access tokens through https://login.tapkey.com/connect/token api, I get error code 400 with error message invalid_grant
I am aware of a similar question and the solution in: Tapkey returns 400 bad request invalid_grant
My jwt token contains of the following:
Header:
{
"alg": "RS256"
}
Payload:
{
"algorithm": "RS256",
"audience": "local",
"iat": 1633339589,
"exp": 1633343189,
"issuer": "tapkey",
"subject": "myIpUserID1"
}
Before I make the API call I generate the jwt token with "iat": Time.now.to_i and "exp": Time.now_to_i + 3600, the call is done a few seconds later, manually.
Beforehand I created a IdentityProviderUser via API with the "IpID": "myIpUserID1", and got a success response with a new User-ID (ID).
I also tried to make the https://login.tapkey.com/connect/token api-call with "subject" to be set to that returned User-ID, but that gave me the same error message.
The payload field for the UserId is expected to be "sub" not "subject"
I am trying to create online meeting through https://graph.microsoft.com/beta/communications/onlineMeetings .
initially i got the 403 Forbidden error. then i give the Delegated and Application permissions(OnlineMeetings.ReadWrite,OnlineMeetings.ReadWrite.All) on my registered app on azure.then 403 error is gone and i got new error 400 bad request(Organizer.Identity.User.Id missing).
then i supply Online meeting post request as follows-:
{
"startDateTime":"2020-04-20T14:33:30.8546353-07:00",
"endDateTime":"2020-04-20T15:03:30.8566356-07:00",
"subject":"Application Token Meeting",
"participants": {
"organizer": {
"identity": {
"user": {
"id": "cb6d6636-1c9e-457c-b904-5da8265a8927"
}
}
}
}
}
again i got 403 Forbidden error.
i created user with the help of https://graph.microsoft.com/v1.0/users and https://graph.microsoft.com/beta/invitations.
user is created in my app on azure and i give the permission (User.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All,User.ReadWrite.All, Directory.ReadWrite.All)
but error(403) did not change.
My question is that how to give user authorization in microsoft graph API.
The required permission is Delegated Permission: OnlineMeetings.ReadWrite. See reference here.
403 error means your access token doesn't include the required permission. You can add it like this:
Don't forget to click on "Grant admin consent for {your tenant}".
You should implement Get access on behalf of a user and get an access token to call /communications/onlineMeetings endpoint.
The http sample for your reference:
POST https://graph.microsoft.com/beta/communications/onlineMeetings
Content-Type: application/json
Authorization: Bearer {access token}
{
"startDateTime":"2019-09-09T14:33:30.8546353-07:00",
"endDateTime":"2019-09-09T15:03:30.8566356-07:00",
"subject":"Application Token Meeting",
"participants": {
"organizer": {
"identity": {
"user": {
"id": "550fae72-d251-43ec-868c-373732c2704f"
}
}
}
}
}
You can learn more details about Use the access token to call Microsoft Graph. Don't forget to put Authorization: Bearer {access token} in the request headers.
I am trying to translate some text using GCP translation service with REST api https://translation.googleapis.com/v3
I'm using API key auth method.
url and
Body
https://translation.googleapis.com/v3/projects/my-translator-1122333:translateText?key=thisismykey
{
"content": ["Hello"],
"sourceLanguageCode": "en",
"targetLanguageCode": "ru"
}
However I got
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED"
}
}
Could anyone explain me what is wrong I do?
Thanks
I am trying to run a test on the Google Cloud Vision API to see how it fares to the client side Shape Detection API.
I am hoping to POST JSON with a base64 encoded image and get image text and barcodes returned.
I have created a GCP project and API key per the tutorial at (https://cloud.google.com/vision/docs/before-you-begin), but am getting an 401 error when trying to make requests.
error: {code: 401,…}
code: 401
message: "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project."
status: "UNAUTHENTICATED"
The request is written in Polymer 2.x as follows:
<iron-ajax id="googleApi"
body="[[request]]"
content-type="application/json"
handle-as="json"
headers$='{"Authorization": "Bearer [[GOOGLE_API_KEY]]"}'
last-response="{{response}}"
loading="{{loading}}"
method="post"
url="https://vision.googleapis.com/v1/images:annotate">
</iron-ajax>
...
GOOGLE_API_KEY: {
type: String,
value: 'AIza0101010110100101101010'
}
...
getRequest(image) {
let encoded = image.toString('base64');
this.request = {
"requests": [{
"image": {
"content": encoded
},
"features": [{
"type": "LABEL_DETECTION",
"maxResults": 1
}]
}]
};
let request = this.$.googleApi.generateRequest();
request.completes.then(req => {
console.log('submission complete');
console.log(this.response);
})
.catch(error => {
console.log(error);
})
}
How do I resolve this authentication error?
It is an account admin issue? Improperly formatted code?
The authorization header is not needed, so the request should be in the form of:
<iron-ajax id="googleApi"
body="[[request]]"
content-type="application/json"
handle-as="json"
last-response="{{response}}"
loading="{{loading}}"
method="post"
url="https://vision.googleapis.com/v1/images:annotate?key=[[GOOGLE_API_KEY]]">
</iron-ajax>
I a requesting an API to get response but it gives below some "JWT_TOKEN_MiSSING" response:
{
"response": {
"ids": "",
"time": 1505890122982,
"error": "JWT_TOKEN_MISSING",
"status": "failure"
}
}
API is: "https://www.viu.com/api/container/load?appid=viu_desktop&iid=9fa3fec0-9457-11e7-bee5-ed8c9b3d7f48®ionid=all&ver=1.0&aver=5.0&fmt=json&contentCountry=in&contentFlavour=telugu&languageid=en&platform=desktop&vuserid=viu-guest-9fa3fec0-9457-11e7-bee5-ed8c9b3d7f48&userid=guest-9fa3fec0-9457-11e7-bee5-ed8c9b3d7f48&ccode=IN&geo=2&id=playlist-24926470&start=0&limit=20&geofiltered=false"
I tried passing all the headers but no luck.
It seems that this API use JWT TOKEN or other tokens (such as HTTP BASIC AUTHENTICATION) to authenticate, you need to know this and add it to your request headers.