Trello API: Getting invalid token on all calls - api

I have a weird situation, which I hope you can help with.
I am trying to setup a simple Trello application. What I do are the following:
I go to https://trello.com/app-key and get my KEY
I go to https://trello.com/1/authorize?expiration=never&name=SinglePurposeToken&key=MYKEY for a permanent server to server key
I authorize
I get a token
Now I'm ready, but then when I want to make a call such as:
https://api.trello.com/1/boards/BOARDID/actions/?limit=2&key=MYKEY&token=MYTOKEN
I get "invalid token".
Reason I post here on StackOverflow, and not Trello support, is because I assume there is something basic I am doing wrong!

I was wrong about step 2).
I should use this link instead:
https://trello.com/1/authorize?expiration=never&scope=read,write&response_type=token&name=APPNAME&key=KEY
This gave the working token. All is well!

Related

Invidious API create token

I try to use Invidious API with authenticated route. For this, i've generated new token with this URL : https://invidio.us/authorize_token?scopes=GET:preferences.
The response is like this : {"session":"v1:XXXXX","scopes":["GET:preferences"],"signature":"XXXX"}
But, the token generated (session) don't work. I try with simple GET on preferences route, and i've an error Request must be authenticated :(
Anyone have already use their API and work with auth route ?
Thank you !
I've actually been struggling with this the past week, and I even deployed a self hosted instance because I thought that would fix it... I was wrong of course.
Here's how the Authentication header should look like:
Authentication: {"session":"v1:XXXXX","scopes":["GET:preferences/*"],"signature":"XXXX"}
The full token is the json that is provided.
The scope needs to include a * or a specific identifier for example in the case of playlists as mentioned in the examples here . So your authorize_token request should look like:
https://invidio.us/authorize_token?scopes=GET:preferences*
or
https://invidio.us/authorize_token?scopes=GET:preferences/*.
If you want all scopes that would be :*. Make sure not to forget the colon.

Implementing OAuth2 with Socrata API

I'm implementing the Socrata API to be able to parse publicly-available data from the City of Chicago open data set. I am really just concerned about the data itself, so I did not initially think that I would need to implement OAuth2 through an app exposed via ngrok to be able to GET the data.
My initial attempt was to take the GET requests mentioned in their documentation and try to get responses through Postman.
Here's an example of such an attempt:
I also added my Socrata App Token as a param in the querystring, but the same message was shown.
So I tell myself, ok, maybe they deprecated GET requests without making the client go through OAuth2. If they didn't deprecate these GET requests, I would prefer not to have to deal with OAuth2, but I began implementing the authentication process and everything went successfully until I got to the following instructions found here:
I have every single value that needs to be included in that POST request except for 'authorization_type'. Where does this come from? I tried leaving 'authorization_type' in as a string, but received a response similar to the 'Invalid username or password' message in the top image in this question.
Are you only accessing public datasets from Chicago's data portal? From your screenshot it looks like you're trying to access the Building Permits dataset, which is public.
Authentication is only required for modifying datasets or accessing private data, so chances are very good you don't even need to authenticate. Just include an application token with your request for throttling purposes.
Glad to help you figure out your OAuth workflow, but it sounds like it might be unnecessary.

JIRA REST API to get work log - "You do not have the permission to see the specified issue"

I want to get work log of a specified issue on Jira. According to this document https://docs.atlassian.com/jira/REST/latest/#d2e774 I'm using this format giving my issue id:
/rest/api/2/issue/{issueIdOrKey}/worklog
Although I have logged in Jira, I got this error:
{"errorMessages":["You do not have the permission to see the specified issue.","Login Required"],"errors":{}}
Besides, I can see work log on Jira's interface. I don't think there is an permission constraint. Any help to solve?
You REST API request need to be authenticated. Please read Authentication paragraph (4th from the top): https://docs.atlassian.com/jira/REST/latest/
The easiest way is to use /rest/auth/1/session: https://docs.atlassian.com/jira/REST/latest/#d2e3737
I hit this issue when trying to use Cookie-Based authentication, I was following this guide from Atalassian; https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-cookie-based-authentication
The guide mentions the need for JSESSIONID but does not mention you'll also need to supply studio.crowd.tokenkey, really check what cookie elements you get back when you authenticate in case they change it again, and don't update documentation.
For my own sake I noted down all the code here.

Notification via open graph

I have a problem with adding notifications on Facebook.
According to:
https://developers.facebook.com/docs/reference/api/user/#notifications
I prepare request:
https://graph.facebook.com/FACEBOOK_USER_ID/notifications?template=hello&href=track_123&access_token=USER_ACCESS_TOKEN
but I get the response:
Sorry, something went wrong.
We're working on getting this fixed as soon as we can.
Is this request correct?
There is a slight problem in the above url , access token to be used is not of the user but of your app. First you need to get your app access_token by the use of the following get call.
GET https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID
&client_secret=YOUR_APP_SECRET
&&grant_type=client_credentials
This will return you app access token which you need to use in the above url.
Hopefully this will solve your problem.

Flickr API: API key keeps getting invalid?

I’ve a Flickr which I’m using to upload pictures from my phone and all images are public. On my blog I want to retrieve all the images to show and for that I’ve first tried to create an application to get my API key. I’m using the Flickr API flickr.people.getPublicPhotos. This API service is said to not require authentication and putting it all together I end up with this call:
http://api.flickr.com/services/rest/?method=flickr.people.getPublicPhotos&api_key=fc94274cd0335f3c171fe22c8490b7d9&user_id=5545356%40N04&extras=description%2Cdate_upload%2Cdate_taken%2Cowner_name%2Coriginal_format%2Ctags%2C+o_dims%2C+views%2C+media%2C+path_alias%2C+url_sq%2C+url_t%2C+url_s%2C+url_q%2C+url_m%2C+url_n%2C+url_z%2C+url_c%2C+url_l%2C+url_o&per_page=40&format=php_serial&api_sig=0c48e2b6b6d9a03521e5ca86a15cf471
The problem is that every around 10 hours I fails and returns the error message a:3:{s:4:"stat";s:4:"fail";s:4:"code";i:100;s:7:"message";s:31:"Invalid API Key (Key not found)";}
I tried to create the API call when logged in to Flickr and also with not logging in and in both cases I get the error message. It’s like the API key expires or stops working. Have a missed something on Flickr about the API key or what could cause this? It is really frustrating to renew the URL twice at day.
Thank you
Sincere
- Mestika
If I read the docs correctly, the &api_sig query string parameter is constructed using an authentication token, one that eventually expires. Remove that parameter (= do not sign your API request) and I think you'll be OK.
Mestika's comment seems correct. I was getting the same problem when using the API explorer. If you use your accounts API, or go in and create a new app, then use the API given for that, then the key doesn't change every few hours.
The url to request a key is:
http://www.flickr.com/services/apps/create/apply
I got the same problem.
This is how i solved it:
removed the auth_token and the api_sig parameters
replaced the api_key value with an app key
Hope this helps.
i met this issue before. with new api key, only accept https request.
Let's change your url to: https://api.flickr.com/services/rest/?method=flickr.people.getPublicPhotos&api_key.....
I am sure it will be work right know.
thanks