Coschedule / LinkedIn API - api

A client is using Coschedule to push updates to LinkedIn via their employees' profiles. They noticed recently that Coschedule is giving error messages when they try to push updates to employee pages. The Coschedule technical team did some digging and determined it's an issue with LinkedIn's API, which they believe may have been updated recently (?).
Errors started occurring a couple weeks ago, the app was previously running fine.
They are hoping for more information on LinkedIn's API / how to resolve this as soon as possible as it's generating multiple error message and error emails per employee per day.
Thanks!
Tia

The outage we saw a few weeks ago was due to LinkedIn depricating the version of OAuth we used to connect LinkedIn profiles/company pages to Calendars. We've since switched to OAuth2, and if your client or your team is still having issues and seeing authentication errors when trying to send out messages, we recommend doing a hard reset of those LinkedIn profiles: https://help.coschedule.com/hc/en-us/articles/216529237-Hard-Reauthentication-for-Social-Profiles-When-Auth-Token-Keeps-Failing#LinkedIn
Best practice is to use an incognito browser window as well.
If you're still getting stuck, reach out to our support channel (support#coschedule.com)and we would be happy to take a closer look!

Related

Pinterest GET v1/me/boards Started Returning Authorization Failed in Approved App

UPDATE: Pinterest support got back to me and confirmed that the Ver. 1 API is broken. Instead of fixing it they have offered to expedite my new app approval. I heard back from them quickly, but it's been almost a week now from submitting the materials they requested for the new app. I submitted them the same day they asked for them.
I'm having essentially the same problem that this user was:
Pinterest Authorization failed
This is an app that has been approved and working for years and we have started getting this error just in the last week when sending a GET request to https://api.pinterest.com/v1/me/boards:
{"status":"failure","code":3,"data":null,"message":"Authorization failed.","endpoint_name":"get_own_boards"}
In the header I of course have the access token, which I had just received from Pinterest successfully:
"Authorization: Bearer Ah-ObYMmQFc-(REDACTED)"
The other strange wrinkle is that when I try the same request but with the access token from the Pinterest user that owns our app on Pinterest it works as expected.
I know that this has been an issue previously, but I didn't see anyone reporting it currently. The other thing is that this endpoints are being deprecated, but the new ones are only in Beta. I have an application in for the new API, which I would love to switch to, but I don't know how long that will take. Can anyone please help with this?
I went through the approval process for V2 but they denied it. They are very strict. I don't think that a App gets approval if it's not from a known brand or company. So, say goodbye as a single dev to use the Pinterest API anymore.
I'm getting the same thing with one of my apps, it seems that they shut down version 1 before opening up version 2. I've had an app that has been working flawless a while now and stopped working a couple weeks ago.
As of right now, i had to create a new app in the version 2 of their system and waiting for approval. It's been about 2 weeks and of trying to get approval but still waiting.
Create a new app and reach out to support is my best bet, haven't found any documentation for their new API or any blogs related to it being deprecated.
Pinterest support got back to me and confirmed that the Ver. 1 API is broken. Instead of fixing it they have offered to expedite my new app approval. I heard back from them quickly, but it's been almost a week now from submitting the materials they requested for the new app. I submitted them the same day they asked for them.

Google OAuth restricted scope verification denied for wrong reason

We have an application that currently supports users integrating their Google accounts to allow us to index their Gmail, Google Drive and Google Calendar content. We use the Google OAuth process to ask for these permissions, and had gone through Google's verification process in the past to support this.
Recently, Google rolled out a new OAuth verification process for restricted scopes (which now include reading gmail and calendar). We've been engaged in completing the new process for weeks now, and they've been very slow to respond, and have even temporarily blocked us from authorizing new users. Our latest communication with them had them claiming that we were a "development" app and that we should submit for verification when we are in production. I responded to them saying that we are a production application, just have an invite-only process to let new users in, but have 1000s of users and are expecting to grow very quickly in the new few months. Given the amount of frustration their support has already caused me, I'd really like to get in touch with a real person there. Does anyone have any suggestions for how to get in touch them?
If anyone from Google is on this forum, I'd also love to get some help. This is holding up us letting in new users into our product.
Have already responded to the thread saying that we're a production app. Have also forwarded the thread to oauth-feedback#google.com.

Too frequent security alert from Google due to "Unrecognised device" on Angular 7 web app

I am developer and maintainer of an Angular web app which uses Google OAuth. This works normally.
Last week the app users (me including) started receiving standard Security alert emails from Google (no-reply#accounts.google.com) on a daily basis. The Email says "Appname was granted access to your Google account". This is of course bad signal to the users.
When clicked on "Check Activity" in the Email it always says:
Unrecognised device
X hours ago
Unknown (location)
This is the case for all users tested on many different devices and IPs.
Recently I have upgraded from Angular 5 to Angular 7 if that might help.
Also recently I noticed absolutely the same behaviour when I sign-in to Dropbox using a Gmail. The application I am responsible for is not storing session data for privacy reasons so the users are asked to Sign-in with Google every time they want to use the app. I noticed this behaviour just a week ago (devices and locations not recognised) by Google.
The google group (https://groups.google.com/forum/#!forum/oauth2-dev) redirected me to Stackoverflow. Any help is much appreciated! :)
We are sending notifications to users when they approve certain scopes. That list is expanding and more apps will see the notification.
Thanks for the feedback. Looks like the unrecognized device was an issue and we have rolled back that experiment.
Ideally an app should see the notification only once and for non basic scopes (basic scopes being email, profile etc).

LinkedIN Encounter error: Your application has not been authorized for the scope "r_basicprofile"

I was able to connect to the LinkedIn API for about two months and everything was correct. Was wondering if there has been any change to the API lately to block my app like so?
The app was in development stage and mostly 5 hits a day against their API.
It's not you, it's LinkedIn. See others complaining about the same issue: https://twitter.com/search?q=linkedin%20oauth

Migration token from AuthSub to OAuth2

Recently, AuthSub died...?
Is it possible to migration from session_token of Authsub to refresh_token of OAuth2 ?
Please tell me how to do it if possible.
Its still supported, but is failing for us as well (and others if search twitter for it). I'm wondering if Google is experience a technical issue with AuthSub or if they made a change (e.g. patch/release) earlier this week that is causing the issues?
We see it working for some Google accounts and fail for others - starting on Dec 10/11. So, its not impacting every Google account.
We are currently not capturing the outgoing requests to google. We are using the library gdata-calendar-1.0.jar to make google calendar api calls using AuthSub and the library is throwing an exception with the exception message "Unknown authorization header". This worked perfectly up until Dec 10/11th or so for all of our users.
What is strange is now the same calls do work for certain gmail accounts but not for others.
In our testing we are seeing that turning off the enhanced security in our web application results in the warning displayed to the user on the Google Authorization page but makes the connection work for the accounts that are failing.
Here are the api calls we are making:
AuthSubUtil.exchangeForSessionToken to connect to the google account
CalendarService.query to get events
CalendarService.insert to insert events in calendar
CalendarService.getFeed to get the calendars
AuthSub is still supported by Google as per Google's deprecation policy.
As for a migration path to OAuth2, currently there is none.