While refreshing the onedrive token before 5min of its expiry it is giving below error.
{
"error": "invalid_grant",
"error_description": "The user could not be authenticated or the grant is expired. The user must first sign in and if needed grant the client application access to the requested scope."
}
I am storing access token and refresh token in DB.
What could be the possible chance for this.
Thanks in advance.
Related
I am using laravel 8.40 and passport 10.3. I want to generate token without authorization. for that I have followed the laravel passport documentation. But when I try to generate token using the following sippent
grant_type:password
client_id:959f0346-0848-4aca-af63-ed77daba2561
client_secret:lLSI6Yg4RRh5ZaH00fAaVhcU9C5Zd8ITfe9XTO8H
username:admin#test.com
password:password
scope:*
though my credentials are correct I test on my web guard, I am getting this response
{
"error": "invalid_grant",
"error_description": "The user credentials were incorrect.",
"message": "The user credentials were incorrect."
}
Just replace
"grant_type":password
to
"grant_type":client_credentials
I used OAuth 2.0 Client Credentials Flow (2-Legged) to get access token and I followed each step as described in https://developer.linkedin.com/docs/v2/oauth2-client-credentials-flow.
But when I send the API request to get access token I received following response
{
"error": "access_denied",
"error_description": "This application is not allowed to create application tokens"
}
https://medium.com/#ellesmuse/how-to-get-a-linkedin-access-token-a53f9b62f0ce
you may check this way to get linkedin access token
When trying to refresh the access token when it expires, had an error:
Access Denied
You don't have permission to access "http://api.sonos.com/auth/oauth/v2/access" on this server.
Reference #18.cc5e0e17.1539959683.3844201.
Using request from Sonos API reference: https://developer.sonos.com/reference/authorization-api/refresh-token/
Authorization the same as in "Create token" request, and it works. And refresh token is from responce to "Create token" request
It looks like you've got the wrong URL. The path should be /login/v3/oauth/access. We did have a mistake in our documentation which likely led to your error.
I am using aspnetcore in visual studio 2015.
I've implemented JwtBearerAuthentication and I am successfully using token authentication. So users login and get a token.
Now, my tokens have an expiration time span. After they expire, users can no longer be validated. I want to be able to refresh the user's token silently in the client a couple minutes before the expiration. How can I achieve so in this setup? Is it possible with Microsoft.AspNetCore.Authentication.JwtBearer?
Yes it's possible. You can create a refresh-token (for example a random string) and set an expiration time more than your secret token. Send this token to your client, and save it in the client. Whenever the main token expires you can send the refresh token to server and check it,
instead of sending the user to the login page (and creating a new token).
If it has not expires yet, you create a new token and refresh token and set access to user, your header must contain:
This site says...
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJlUzl1NiJ9.eyJ1bmlxdWVfbmFtZ...",
"token_type": "bearer",
"expires_in": 119,
"refresh_token": "9b091854a9d3415c8ae12f07c333e5...",
}
We got the following exception for our customers while trying to get AccessToken using signed JWT for the scope "https://www.googleapis.com/auth/admin.directory.group.readonly" through this protocol(https://developers.google.com/accounts/docs/OAuth2ServiceAccount?hl=fr#makingrequest).
{
"error": "access_denied",
"error_description": "Requested client not authorized."
}
It was worked earlier. We are facing this issue from last 2 days.
But we got response for Admin-SDK users API using the scope "https://www.googleapis.com/auth/admin.directory.user.readonly" for the same app.
Please assist me.
TIA,
Riyaz A