I am trying to retrieve an authorization code for a token but keep getting a 401 error. I get the authorization code from my callbackUrl.
It believe I am sending the request properly. I am sending a base64 Bearer token in the authorization header using my key:secret. I am just not sure what to do from here to resolve things. I am new to oauth so I don't know if there is a way for me to determine the problem from my end of things? I'm completely stumped...
[callbackUrl]/?scope=READ&state=test&code=98LtBkcY
https://www.[testapi].net/v1/id/oauth/access_token?grant_type=authorization_code&code=98LtBkcY
Error:
HTTP/1.1 401 Unauthorized
Content-Type: application/json
WWW-Authenticate: Bearer realm="null",error='invalid_token",error_description='keymanagement.service.invalid_access_token: Invalid Access Token"
Content-Length: 116
{"fault":{"faultstring":"Invalid Access Token","detail":{"errorcode":"keymanagement.service.invalid_access_token"}}}
I'm working in VB.NET and creating my bearer token like this:
Authorization_Token = System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(ConsumerKey & ":" & ConsumerSecret)).ToString
I got it working. Their documentation told me to use the token as a Bearer token but tried it and worked with out it.
Related
I am using below mentioned API and keys to get access token from Postman :-
POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
scope=User.Read%20CallRecords.Read.All%20Mail.Read%20mail.read
code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
redirect_uri=https://office365test.com
grant_type=authorization_code
client_secret=xxx
It is not showing access token and refresh token attributes and the status is 404 Not Found
Thanks in advance.
I haven't had an issue getting access tokens, but when I try to test my access token by requesting households, I am getting 'Invalid Access Token' as a response. My refresh token appears to be working fine, but even refreshed access tokens are failing for this request.
I may be setting up my curl incorrectly for this request, can you please let me know exactly which tokens/keys/values are to be placed in these 2 headers, I don't find the documentation to be clear:
Authorization: ***** Hidden credentials *****
X-Sonos-Api-Key: 00000000-0000-0000-0000-000000000000
Thanks
In the sample getHouseholds request, you need to provide your access token as a header in the format:
Authorization: Bearer <Access-Token>
and then your API Key (generated when you created your integration) in a second header:
X-Sonos-Api-Key: <Api-Key>
Be sure to also include the content-type header:
Content-Type: application/json
I am unable to obtain a LinkedIn Access Token. My setup is as follows:
I have setup an app on LI with this redirect URL http://localhost:5000/home
I request authorization from LI and get a response with the 'code'.
In under 10 seconds, I copy the code query param out of the URL bar and paste it into Postman.
In Postman, I have a setup as follows:
POST /oauth/v2/accessToken HTTP/1.1
Host: www.linkedin.com
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&
client_id=<client id>&
client_secret=<client secret>&
redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Fhome&
code=AQSbUzcWwSk_3sqQfusRZWEa4tZqU_x4fSQKub9c3eoeCzZwNO2ZH8uAzJc-T0T40WRv6qNxNpCDxckEjuXHqb56ZhKQqReB5mDjm1kZrCrLlBBYhzyymF5oRzwNgObylJukUVQ_0OiSuE0W0RQ
I have made multiple attempts but in response, I get the following error.
{"error":"invalid_request","error_description":"Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired. Or external member binding exists"}
We have a LI login deployment that suddenly stopped working and started returning this error. On simplifying the use case, I find that Postman does the same.
What gives? What am I doing wrong? This used to work!
im trying to test the Survey Monkey api via the online test console but keep getting the following error:
https://developer.surveymonkey.com/io-docs (link)
It's asking me to enter the Authorisation:
Content-Type:
Authorization: bearer %s <--- not sure where to get this from? (Access token)
api_key:
JSON:
and so im getting a "errmsg": "Invalid \"Authorization\" data in request header"
Is this generated elsewhere.. or am i missing something
You get the access token when you perform OAuth - select the app from your existing client credentials, hit Authorize, log into your SurveyMonkey account, and it should auto-populate the 'Access Token' field. Then copy this into the Authorization header in the form "bearer (access token)" (without the quotes or parentheses).
Cheers,
Miles
The authorization header works for me with bearer XXXYYYZZ. Doc here: https://developer.surveymonkey.com/mashery/requests_responses
Hey guys I ran into a weird issue with trying to use the Yammer API's Download URL.
Since this is an API call, you would think that you could just append your users
access token to the end of the API URI to initiate a direct download of the file,
but it seems that this will lead to a 401 Unauthorized when trying to actually use it?
My api urls are set up as so
https://www.yammer.com/domain.com/api/v1/uploaded_files/{file_number}/version/{version_number}/download/somepdf.pdf?access_token={access_token}
Does anyone know why this does not work?
?access_token={access_token} will not work the token should be in the http header and not the url after authentication.
If you are trying to access Yammer programmatically from an application be aware of the following:
Around December 2013 Yammer has slightly modified the authentication process.
By then the access_token could be part of the URL as described in the question.
Calling the API with the old code results in a HTTP 401 error. By now it is important to transport a Bearer Token in the HTTP Request like this:
GET /api/v1/messages/following.json HTTP/1.1
Host: www.yammer.com
Authorization: Bearer abcDefGhi
abcDefGhi is the token gathered after the oauth authorization.
Source:
http://developer.yammer.com/authentication/