Authorise Pinterest App - api

I have added a collaborator for my Pinterest app, however, when accessing the colaberators account and clicking on the application there is no 'authorise' button or anything similar. The "You still need at least 1 collaborator to authorize your app before you can submit" warning still shows on the collaberators account.
Ant help would be appreciated, thanks!

We had the same problem. You need to at least add two co-workers, one as collaborator and one as tester. These must be different people. And then, after some while (!) the authorize button has appeared.
The co-workers need to accept the invitation as well, of course.
After submitting, it will take some weeks (!) until you get the approval.

I had issue. By reading and following accepted answer, I waited 5 weeks and still submit for review button was not there.
What I did was I authorise my app for code which later I used for getting access token.
Once I successfully authorised my app using below authorisation URL the "Submit for review button " appeared in a second.
Authorisation URL:
https://api.pinterest.com/oauth/?response_type=code&client_id=XXXXXXXXXXXXX&redirect_uri=https://localhost:8000&scope=write_public read_public&state=abcdefg
Use your client_id to authenticate to your app. Once you are done with that you can see the "Submit For review button" after refreshing the browser.
Hope it helps!

for those who have this problem, note that you have to test your application before you could autorize or send to revision,
You need 3 Pinterest account, or 2 friends
register one as developer and another as tester
then, with the secret key and the app id, put it on your client application
after that, test the login,
finnaly go back to your pinterest app and the button for "send to revision" you wiil find it enabled,

Please confirm that you are using same App ID and App secret in your application which is in developer pinterest app.

Here is a quick 2019 year update:
You need two pinterest accounts, they should be following each other
and should be collaborators in the APP.
Have a ssl protected call back url, they only accept https urls.
Finally all collaborators should authorize the app through your
application/site. For this you need to already have the pinterest sdk
integrated in your project.
Now you can submit the app for review.

Related

Issue with OAUTH consent screen

I am trying to get an oauth 2.0 client id but I am redirected to the oauth consent screen. However the google oauth consent screen is giving me errors when I try to save my application name. I left the other fields blank as I was guided my my tutor to only fill up the application name and email field. I am having issues configuring the oauth consent screen. I keep getting an error that says
“the request failed because changes to one of the field of the resource is not supported.”
Its my first time using google oauth and I did everything my tutor did in the udemy course but I hit the save button, I get this same error all day! Please check my screenshots for more details. Any help will be appreciated..
try a unique name for your app
I had the same issue and it worked for me
It's an ongoing outage issue with Oauth Client Id Creation, you can see the banner here https://status.cloud.google.com/
Outage Banner
Should be fixed soon, hopefully!
If you created an api key before the redirection to the oauth consent screen for the app you want to integrate google sign in with, try adding the api key to the scope for google apis on the consent screen This worked for me.
It was a google server issue. I think their server was down at that particular time I was having the issue because the next day I tried it without doing anything different and it worked seamlessly.

Facebook OAuth2 - "Sorry, something went wrong"

Our web app allows users to log in via Facebook. Technically, we are using Facebook OAuth2. We have implemented this login process two years ago. It worked fine until 13th November 2015 but since that day it does not. When our server sends the request
https://graph.facebook.com/oauth/access_token
with appropriate parameters (client_id, redirect_uri, client_secret, code), the response from Facebook has HTTP status 400. The response body is a HTML page saying "Sorry, something went wrong".
On 13th November, there was some problem on Facebook probably.
I have found the following message:
http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-down-site-breaks-for-many-people-though-not-for-everyone-a6732906.html
However, our server still gets this error response after a week. We have an instance of the system deployed in the production environment and one more instance in the test environment (with different Facebook account, i.e. with different client_id and client_secret). Currently, Facebook login works fine in the test environment. I am not sure if it worked on 13th November.
Do you have any experience with recovery from such problem? Why does Facebook login work in test environment and does not work in the production environment in the same app? Why did the production instance break on a particular day and is still broken a week later?
Thanks for any help.
I had the same issue. I believe that the issue stems from passing in invalid scope in your authentication requests. Try removing the scopes in your authentication request to see if that works.
One more corner case I found in 2022:
In the App Dashboard, if you choose Facebook login for Business, same error happens. It will go away as soon as you select Facebook Login one.
Finally, the issue was resolved by restarting the servlet container (Tomcat 7). However, I have no idea why.
All of this is using exclusively the login button. Not the API serverside and not FB.login(). It would work for me sometimes and sometimes not and I couldn't figure out why. I would open a new window and it may work, or may not - but it seemed like once broken it was broken.
There appears to be an issue when using the Chrome 'Device simulator'.
Looking at the SDK Javascript (that's to say the SDK that the Facebook Login button uses) it checks to see if the device is a 'touch' device and if so it will use the m.facebook.com domain when requesting the oauth token.
This domain fails m.facebook.com:
However if the mobile device mode isn't activated when the page loads then it uses www.facebook.com and succeeds:
So for me the current workaround is:
Assuming you are developing with the console active.
When you need to reload your page press Ctrl + Shift + M to deactivate the mobile device mode.
Refresh the page
Once the button has initialized press Ctrl + Shift + M to reactivate it again.
If you see m.facebook.com then you didn't do it fast enough, or maybe you're using something like Angular with hot reload and you need to manually refresh.

Netflix doesn't logout other open sessions with password change

I've recently been doing a bit of web development so I've been thinking more about authentication and stuff. On Netflix I noticed there is an extra option on the Account page to de-authorize other devices. My girlfriend changed her password but I was still able to use it without re-entering the password till she logged out other devices.
So my question is how does authentication for Netflix work if it doesn't have to locally store your password?
Netflix uses a version of Open autentication to allow a device to access an account. Once the device has been authorized it will then have access to that account until its has been deautorized.
Chaning password doesnt matter becouse the device has autorization already probably in the form of a refresh token stored someplace. So its not storing a password its storing an autorization token of some kind.
Lets use facebook as an example: (response to comment below)
https://www.facebook.com/settings?tab=applications
This shows a list of all the crap I have loged in to using my facebook account. Now I have probably changed my facebook password sevral times it wont matter I will still have access. Some of these are mobil apps i have installed on my cellphone at one time or another. Even if i dont use them they still have access.
This doesn't technically answer the question, but is related and, I think, helpful:
You can forcefully invalidate the previously-validated tokens for other devices by going to https://www.netflix.com/ManageDevices - as soon as you go to the page it will ask if you want to sign out other devices.
(from "Someone is using my Netflix account without my permission" at https://help.netflix.com/en/node/18)

How should I store login details with appcelerator?

I have built a website that uses Facebook, Google, Yahoo, Twitter and standard email/password for account signup. It all works fine on the web but my client wants to make the website an app. I've been experimenting with using webviews with appcelerator and it looks like it will work well. The problem is the websites session will expire after 30 minutes or so. The client wants to be able to stay logged in and prevent the users from having to re-loging in all the time.
I'm thinking I need to store the login details and automatically re-login when the session has expired. Would this be the best way to handle this?
I think this is solved. I've going to use asiviero's suggestion.

how to edit where facebook sends visitor after using the facebook "sign in" app

I have a site www.crazyfloridadeals.com and this is a licensed directory and it has a built in feature for "sign in" using your facebook account and in order to do this you need a developers App ID and App secret which I did set up, I got the app to work but two things need to be edited and I can't figure out how to do this,
After you use the app facebook sends the visitor to crazyfloridadeals.com/profile/#= which 404's how do I get the app to send them back to the Home page? I read every articl and forum but could not find anything - any suggestions are where to find this
When you use the facebook app it goues through the "permissions" and it asks do you want to all "my company" to post on your behalf? I don't need this as I am only looking for basic user info (just like screen shot attached) how can I adjust what permissions are being asked for?
I am new to this and am sorry if these are easy fixes
Having looked at your site, it appears that the FB login button is being passed the paramaters redirect_uri="http://crazyfloridadeals.com/members/facebookauth.php?destiny=http://crazyfloridadeals.com/profile/#="
and scope="email,user_birthday,status_update,publish_stream"
There should be a configuration screen if this is some sort of CMS for the FB login plugin. Otherwise there may be a configuration file somewhere in the code files itself. Of note, to remove the "post on my behalf" message, remove the 'publish_stream' from the scope variable. See this list for other FB permissions. You may need a FB Dev account to view it. Obviously, you will need to change "http://crazyfloridadeals.com/profile/#=" to just "http://crazyfloridadeals.com/"