When I try to authenticate against the Zendesk API as an end-user, and then list tickets, it always responds with 403 Forbidden:
e.g.
GET
https://mysite.zendesk.com/api/v2/requested.json
Basic Authorization
returns with a 403
{
"error": {
"title": "Forbidden",
"message": "You do not have access to this page. Please contact the account owner of this help desk for further help."
}
}
It appears that the "tickets" API (like above) is not for end-users. Instead they must use the "requests" API .
So use: https://mysite.zendesk.com/api/v2/requests.json instead...
Related
I'm trying to get data with SharePoint REST API but stucking with "System.UnauthorizedAccessException" error.
How can I fix this?
What I did is...
I got access token.
POST https://login.microsoftonline.com/{{tenantName}}/oauth2/v2.0/token
I tried to get sharepoint list items with the access token I got.
GET https://{{xxx.sharepoint.com}}/sites/{{sitename}}/_api/web/lists/GetByTitle('CSV')/items
With the 2nd command, I got error message like below.
"odata.error": {
"code": "-2147024891, System.UnauthorizedAccessException",
"message": {
"lang": "en-US",
"value": "Access denied. You do not have permission to perform this action or access this resource."
}
Check whether the site you requested matches the scope set by app permission xml.It is possible that the scope does not match and the requested site fails to authenticate the request.
I need to test with PostMan the API
https://learn.microsoft.com/en-us/graph/api/application-post-onlinemeetings?view=graph-rest-1.0&tabs=http
But always return 403...
{
"error": {
"code": "Forbidden",
"message": "",
"innerError": {
"request-id": "76cf26ec-0be3-4b51-a8a8-5c70d71e426c",
"date": "2020-05-25T15:38:50"
}
}
}
I have follow this articole to setup postman microsoft article and all work very well, except this API, and I don't understand why
For this problem, it was caused by the app doesn't have permission to create online meeting. When you click the "Get User Access token" in your postman, it will get the access token which includes the permissions you added to the app before. If you want to test the create online meeting api, you need to go to azure portal and add appropriate permissions for it. Please refer to the steps below:
1. Go to azure portal and click "Azure Active Directory" --> "App registrations" --> "All applications". Search the app by the ClientID which you set in your postman for the graph environment.
2. In you registration app, click "API permissions" and add the OnlineMeetings.ReadWrite permission for it.
After add the OnlineMeetings.ReadWrite permission, don't forget grant admin consent for it.
3. Now you need to get the user access token again in your postman, please click "Get User Access Token" in your postman. You can check the permissions by copy the access token to this page, it will parse the access token and you can check if the token contains the OnlineMeetings.ReadWrite permission.(As add the permission to access token requires a few minutes, so you'd better parse the access token to check if it contains the permission)
4. Then you can test this api in your postman (below I provide a create online meeting sample for your reference).
I am currently researching a way to use the Google Purchase Status API with just HTTP request calls, and I have hit a brick wall. I have an app setup with Google Play, and ownership of the Google Console account.
Basically, I just would like to check the status of a user's purchase on my server. The only information I should be using is the purchase token, product ID, and product package.
I have followed all the documentation on doing this at developer.android.com/google/play/billing/gp-purchase-status-api.html
The HTTPS request call I am attempting to make is this (product names and real strings substituted):
googleapis.com/androidpublisher/v1.1/applications/(com.product.myproduct)/inapp/(com.product.myproduct.product1)/purchases/(myproductpurchasestring)?access_token=(myaccesstokenstring)
and my response is always this:
{
"error": {
"errors": [
{
"domain": "androidpublisher",
"reason": "developerDoesNotOwnApplication",
"message": "This developer account does not own the application."
}
],
"code": 401,
"message": "This developer account does not own the application."
}
}
When polling my access token through this http request call:
googleapis.com/oauth2/v1/tokeninfo?access_token=(myaccesstokenstring)
this is my response:
{
"issued_to": "12345.apps.googleusercontent.com",
"audience": "12345.apps.googleusercontent.com",
"scope": "https://www.googleapis.com/auth/androidpublisher",
"expires_in": 3319,
"access_type": "offline"
}
So according to the documentation at https://developers.google.com/accounts/docs/OAuth2#webserver, I need to:
Authorise myself and retrieve a refreshable access token that is generated from 'Client ID for web applications' in the API access section of the Google API Console. I have done this.
Utilise this access token for google API calls in either of 2 ways: appending the string to the HTTP header 'Authorization', or as part of the HTTPS request itself with the property access_token=(mytokenstring). This part does not work for me, I always get an unauthorised message.
My question I guess would be: is it possible to use a simple HTTPS request call (without external library support) to retrieve the status of a purchased item without user interaction on backend servers?
I would really appreciate any help, most of the other threads are about how to go about getting a refresh token, but I have covered that already.
ok, I figured out my own problem with the help of a colleague. Basically, my access token was being generated under an account which wasn't linked to the project in any way. It would be safest to use the owner of the project's google account when generating the access token.
Phew!
I was able to retrieve access-token using Google Service account but when I tried to use the same access-token to retrieve GooglePlus User Profile API I'm getting the error mentioned below:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "Not Found"
}
],
"code": 404,
"message": "Not Found"
}
}
I used scope value as https://www.googleapis.com/auth/plus.me while retrieving access-token using Google service account and I was able to fetch access-token, but then if I try to use the same access-token to request User profile API- I.e
https://www.googleapis.com/plus/v1/people/me?prettyprint=true I get the error above.
Can anyone help me on this?
This is most likely because the account that has done the authentication does not have a Google+ account/profile. For testing, you may wish to replace the "me" with the profile ID in question to verify this. In production, of course, you should catch this error and indicate that they don't have a Google+ profile.
If you need to check for a Google login, even if they don't have a Google+ profile, you can use the https://www.googleapis.com/auth/userinfo.profile scope. See https://developers.google.com/accounts/docs/OAuth2Login for more details.
I want to use Google Shopping Search API for products search. I have followed all the steps stated in document. First I created a google account, then went to GOOGLE APIs console to create a project and got an API key. I want to use this service as publishers in the Google Affiliate Network who can use the API to access product offers from their advertisers of choice.
Then I signed up at google affliate network to get pid. Then I send request to some advertisers to join their program from my affiliate admin panel. Now I have one advertiser approved. Now on this document, it states that to request feed to access products from google affiliate network advertisers of publisher I have to use the following url
https://www.googleapis.com/shopping/search/v1/source/products
Where source in the url is replaced by gan:mypublisherid after putting this my url looks like
https://www.googleapis.com/shopping/search/v1/gan:myid/products?key=mykey&country=US
But When I access this url i found following json error
{
"error": {
"errors": [
{
"domain": "global",
"reason": "conditionNotMet",
"message": "authentication is required for GAN",
"locationType": "header",
"location": "If-Match"
}
],
"code": 412,
"message": "authentication is required for GAN"
}
}
Now my question is how to get authenticated? Is my url is correct or there is some thing other way to do this?
Best Regards.
Read this article. The last part i.e. authentication.
You have to get an access token before using the API. You can either use OAuth or Client Login token. To get a token using Client login you can use cURL. Remember to put servicetype as shoppingapi as the document says.