I am unable to obtain a LinkedIn Access Token. My setup is as follows:
I have setup an app on LI with this redirect URL http://localhost:5000/home
I request authorization from LI and get a response with the 'code'.
In under 10 seconds, I copy the code query param out of the URL bar and paste it into Postman.
In Postman, I have a setup as follows:
POST /oauth/v2/accessToken HTTP/1.1
Host: www.linkedin.com
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&
client_id=<client id>&
client_secret=<client secret>&
redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Fhome&
code=AQSbUzcWwSk_3sqQfusRZWEa4tZqU_x4fSQKub9c3eoeCzZwNO2ZH8uAzJc-T0T40WRv6qNxNpCDxckEjuXHqb56ZhKQqReB5mDjm1kZrCrLlBBYhzyymF5oRzwNgObylJukUVQ_0OiSuE0W0RQ
I have made multiple attempts but in response, I get the following error.
{"error":"invalid_request","error_description":"Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired. Or external member binding exists"}
We have a LI login deployment that suddenly stopped working and started returning this error. On simplifying the use case, I find that Postman does the same.
What gives? What am I doing wrong? This used to work!
Related
I am trying to integrate a third party API. I was provided with a username and password.
When I use Postman to send a post request to the login webpage; the request header contains a postman token:
Postman-Token: vvvvvvvvv-wwwww-xxxx-yyyy-zzzzzzzzzz //this is not the real value
If I supply the postman token to every request after the login request (as shown below) then everything still works as expected:
If I access the api through my webpage, then everything also works as expected. My questions are:
What is the Postman token? I have looked already here: https://stackoverflow.com/questions/36883046/what-is-the-postman-token-header-attribute-in-generated-code-from-postman#:~:text=1%20Answer&text=This%20is%20primarily%20used%20to,random%20token%20avoids%20this%20issue.
What is the alternative to the Postman token when accessing the API though a webpage. I can see no token in the request when looking at it using Fiddler. Were is the bearer token in Fiddler?
Postman Token :
So it is just a custom header to track and debug postman requests in the receiving server
It doesn't do any authorization
Why no token in fiddler:
Because you haven't added it . You can add any custom header to the request you are sending
Why it works when used as bearer token
Because in your login call your session is cached . So for subsequent requests it is using cached session
To close the session , update the Connection header from keep-alive to close
Try setting second request to no auth:
and see if the request is still successful to confirm you are using cached session
I am attempting to rewrite a client app that currently connects to Dynamics 365 using JavaScript
let URL = "https://<company-name>.operations.dynamics.com/data/FinancialDimensionValues?cross-company=true";
let body = '';
var headers = {'Content-Type':'application/json'};
let response = ai.https.authorizedRequest(URL, 'GET', body, headers);
Currently this JavaScript application works and gets back JSON data. I am attempting to rewrite this application using C#. I am first starting with Postman to make sure I have all the authentication steps in place before moving on the writing the C# code.
Using Postman I am able to successfully obtain a JWT token using the "Client Credentials" flow where I pass the Client ID and the Client Secret to the Access Token Request URL. However, when trying to access an API endpoint within Dynamics 365 I receive back an HTTP 401 even though I am passing the JWT access token properly.
Here is the Access Token Request URL:
https://login.microsoftonline.com/722b0db7-9629-4304-92a0-dfb4a1debe62/oauth2/token?resource=https://<company-domain-here>.dynamics.com
I am thinking that I must be authenticating properly or I would not get back a valid access token. Also since the JavaScript application already in place works without issue I am assuming that Dynamics 365 is provisioned properly to allow API access.
What I am trying to figure out is what I might be doing wrong within Postman that results in my receiving a 401? What could be different between the working JavaScript request and what I am sending via Postman?
Issue is finally solved.
As mentioned follow the documentation mentioned.
If you face 401 Error, here is the last trick.
In postman Under Authorization--> Add authorization data to--> select Request Headers.
Now fire the query you shall have the 200 ok.
Ref Article which helped me figure it out.
I am trying QlikSense REST connector for connecting HubSpot's API. Following are the parameters I am using in REST connector as per HubSpot's documentation to generate access token:
method: POST
URL: https://api.hubapi.com/oauth/v1/token
authentication schema: Basic
skip server certificate validation: checked
:: query parameters ::
grant_type = authorization_code
client_id = xxxxxxxxxxxxxxxxxxxxxx
client_secret = xxxxxxxxxxxxxxxxxxxx
redirect_uri = https://www.example.com/
code = xxxxxxxxxxxxxxxxxxxxxxxx (this is the same code i got after authorizing the access to my app using this [https://app.hubspot.com/oauth/authorize?client_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx&scope=contacts%20automation&redirect_uri=https://www.example.com/] )
Content-Type = application/x-www-form-urlencoded;charset=utf-8
Now here's what the problem is :
When I use a totally refreshed code = xxxxxxxxxxxxxxxxxxxxxxxx for the first time and hit Test Connection on Qliksense REST window dialogue, I get connection successful but when I try to save that connection I get the following error
Now from this error, at first I thought maybe my auth_code has expired but when I do the same exercise again (getting a refresh AUTH_CODE), it (QlikSense) does the same thing i.e. at first tell me connection is successful and when I try to save it I again bump into the BAD_AUTH_CODE or error 400 (Bad Request).
F.Y.I. I have tested the API with the same parameters and setting in Postman, works like a charm but not here in QlikSense.
Any idea what's going on in here? I am sure it's not HubSpot it's something to do with the REST connector.
query parameters like "Content-Type" should be headers not query
Once you get the Access Token it should be passed to the API as a Header, not a parameter, as 'Authorization': 'Bearer {ACCESS_TOKEN}'
Today I have a problem with the resumable upload feature of OneDrive via the Microsoft Graph API, as described here. I have integration tests which previously worked, which now fail.
I successfully call createUploadSession and get an uploadUrl to use. I've replaced actual tokens with "XXX" here.
POST https://graph.microsoft.com/V1.0/groups/273c2c33-8533-445d-ae65-4b63be296995/drive/root:/c2fa1a83-74f3-444b-9263-c9539ee3eae2.txt:/createUploadSession HTTP/1.1
Authorization: Bearer XXX
{
"item": {
"#microsoft.graph.conflictBehaviour": "replace"
}
}
Response:
{
"#odata.context": "https://graph.microsoft.com/V1.0/$metadata#microsoft.graph.uploadSession",
"expirationDateTime": "2017-04-27T11:07:50.5650598Z",
"nextExpectedRanges": ["0-"],
"uploadUrl": "https://sageglodbizp.sharepoint.com/sites/SharePointTests/_api/v2.0/drive/items/01LQXPMG56Y2GOVW7725BZO354PWSELRRZ/uploadSession?guid='9d14ed72-e532-442e-94e8-70952b365527'&path='~tmp0B_c2fa1a83-74f3-444b-9263-c9539ee3eae2.txt'&overwrite=True&rename=False&access_token=XXX"
}
So the uploadUrl is there. Then, I try to PUT a chunk to this url but get a 401 Unauthorized in response:
PUT https://sageglodbizp.sharepoint.com/sites/SharePointTests/_api/v2.0/drive/items/01LQXPMG56Y2GOVW7725BZO354PWSELRRZ/uploadSession?guid='9d14ed72-e532-442e-94e8-70952b365527'&path='~tmp0B_c2fa1a83-74f3-444b-9263-c9539ee3eae2.txt'&overwrite=True&rename=False&access_token=XXX HTTP/1.1
Authorization: Bearer XXX
Response
HTTP/1.1 401 Unauthorized
As I'm using the URL provided by the Graph API, I believe this to be a bug. I'm passing the same bearer token to the second call as the first (I've also tried it with no access token, given that one is in the URL).
I have tried this with two different Office 365 tenants, both with the same result.
This has previously worked. Any thoughts on why this has stopped working? Is it correct that the uploadUrl points to my SharePoint endpoint rather than the Graph API?
I should also add, a non-resumable upload directly to the Graph API works fine.
Any suggestions most welcome.
EDIT:
This seems to be affected by the length of the filename to which you upload:
myfile-123100000000000000000000000.txt works successfully
myfile-1231000000000000000000000000.txt fails
This was confirmed as a bug by Microsoft and fixed on Saturday 29 / Sunday 30 April 2017.
Per the documentation:
Including the Authorization header when issuing the PUT call may result in a HTTP 401 Unauthoized response. The Authoization header and bearer token should only be sent when issueing the POST during the first step. It should be not be included when issueing the PUT.
If you remove the Authorization: Bearer XXX header from your PUT call should resolve this issue.
Hey guys I ran into a weird issue with trying to use the Yammer API's Download URL.
Since this is an API call, you would think that you could just append your users
access token to the end of the API URI to initiate a direct download of the file,
but it seems that this will lead to a 401 Unauthorized when trying to actually use it?
My api urls are set up as so
https://www.yammer.com/domain.com/api/v1/uploaded_files/{file_number}/version/{version_number}/download/somepdf.pdf?access_token={access_token}
Does anyone know why this does not work?
?access_token={access_token} will not work the token should be in the http header and not the url after authentication.
If you are trying to access Yammer programmatically from an application be aware of the following:
Around December 2013 Yammer has slightly modified the authentication process.
By then the access_token could be part of the URL as described in the question.
Calling the API with the old code results in a HTTP 401 error. By now it is important to transport a Bearer Token in the HTTP Request like this:
GET /api/v1/messages/following.json HTTP/1.1
Host: www.yammer.com
Authorization: Bearer abcDefGhi
abcDefGhi is the token gathered after the oauth authorization.
Source:
http://developer.yammer.com/authentication/