I was integrating ebay api and want to create payment policy. According to this guide
https://developer.ebay.com/api-docs/static/make-a-call.html
i generated token and send it this postman. But it is throwing a error
{
"errors": [
{
"errorId": 1100,
"domain": "ACCESS",
"category": "REQUEST",
"message": "Access denied",
"longMessage": "Insufficient permissions to fulfill the request."
}
]
}
Please is there help or proper guide to full fil.
Headers:
Ensure that you are using the correct access tokens. In eBay, the User Access Token and the Application Access Tokens are separate entities to be used for differing purposes. From the eBay docs:
Client credentials grant flow mints a new Application access token that you can use to access the resources owned by the application.
Authorization code grant flow mints a new User access token that you can use to access the resources owned by the user.
The one that you should be using in your call is the User Access Token.
The application access token is minted on calling https://api.sandbox.ebay.com/identity/v1/oauth2/token with the header grant_type:client_credentials. The User Access Token is minted on calling the same URL, however, with the headers grant_type:authorization_code or grant_type:refresh_token.
Try to refresh the user token with by calling https://api.sandbox.ebay.com/identity/v1/oauth2/token with grant_type:refresh_token header and use that to authorize your call instead
Related
I want to authorize in the report portal application using chromedriver in webdriverio.
So I'm retrieving the API token via:
GET http://reportportal.io/uat/sso/me/apitoken'
Get response:
{
"access_token": "D1aexc0a-d11d-067f-xx7c-3e2e0fb96332",
"token_type": "bearer",
"scope": "api"
}
My next step is to use this token in my steps to bypass authorization.
I've tried to set this token as a cookie and as CSRF token, but no chance to receive anything successful.
I would appreciate any help or advice on how to use token to authenticate in the application.
Sorry if something written wrong or inadequately I'm new in this.
I'm integrating my smarthome services on the Actions on Google platform and I have some problems during the authentication process.
I have an Amazon Cognito user pool configured that I'm using for authentication, and apparently works fine, but I never receive the token on any request sent from Google to my back-end services.
The official documentation says the following:
"When you have authenticated a user, the user's third-party OAuth 2 access token is sent in the Authorization header when smart home intents are sent to your fulfillment."
But in fact, I don't receive that token.
{
"inputs": {
"0": {
"intent": "action.devices.SYNC"
}
},
"requestId": "7597788060327530693"
}
My account linking configuration:
https://i.stack.imgur.com/hLaVN.png
What you've posted is the request body. The headers should exist as a separate object in your request, which will be a key-value pair of metadata. One datum should be Authorization.
I'm using the adal-angular library (but not with Angular) in my SPA to try to acquire an access token that I can use to call the SharePoint APIs (https://<my-tenant>.sharepoint.com/_api/).
I've registered an application in Azure AD and enabled the implicit flow in the manifest, and I'm now running my SPA locally, which is why there's a localhost redirect URI. The code below is being executed on startup:
const context = new AuthenticationContext({
clientId: '<my-client-id>',
redirectUri: 'http://localhost:3000/signin',
popUp: true,
loginResource: 'https://<my-tenant>.sharepoint.com',
callback: () => window.location.reload()
});
const user = context.getCachedUser();
if (!user) {
context.login();
} else {
context.acquireToken('https://<my-tenant>.sharepoint.com', (error, token) => {
console.log(error, token);
});
}
I'm already logged into the SharePoint site, so with this config everything happens automatically and I see a JWT access token logged to the console. However, when I inspect the token, I see that the audience is <my-client-id>. When making a call to https://<my-tenant>.sharepoint.com/_api/v1.0/me using the access token, I then get a 401 response with the following error message:
{"error_description": "Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown."}
I'm pretty sure this all boils down to me not understanding the OAuth2 flow properly, but... how can I acquire a token that SharePoint can actually be used with SharePoint? Am I thinking about this the wrong way? It kinda defeats the purpose if the token retrieved by my app can only be used to authenticate against my own app.
Getting an access token to SharePoint is well described here:
OneDrive for Business authentication and sign in
You should consider first getting a token to the Discovery Endpoint:
Using an access token received for resource
https://api.office.com/discovery/ you can make a request to the
discovery API to learn which services are available
If the call is successful, the response body contains JSON data with
information about the services available for the user and your app.
{
"#odata.context": "https:\/\/api.office.com\/discovery\/v1.0\/me\/$metadata#allServices",
"value": [
{
"#odata.type": "#Microsoft.DiscoveryServices.ServiceInfo",
"capability": "MyFiles",
"serviceApiVersion": "v2.0",
"serviceEndpointUri": "https:\/\/contoso-my.sharepoint.com\/_api\/v2.0",
"serviceResourceId": "https:\/\/contoso-my.sharepoint.com\/"
}
]
}
There you should get your valid Resource ID... but the issue here may just be that you did not include a forwardslash (/) at the end of the Resource URL in your sample code.
I want to use the new vimeo api to fetch videos based on a query, but I getting a 401 Authorization Required with this message "error": "A valid user token must be passed."
I'm using this code :
var urlX = 'https://api.vimeo.com/videos?query=elvis&client_id='+VIMEO_API_KEY;
$.getJSON(urlX, function(data){
console.log(data);
});
So obviously I have an authentication problem.
As client_id I'm using my "Client Identifier" from my app created in Vimeo's dashboard.
The error I keep getting mention "user token", do I have to generate one via Vimeo's dashboard or via php ?
I'm a bit lost here.
client_id through the querystring is not a valid method of making API calls against the Vimeo API.
First you must request an access token either through the oauth2 redirect worfklow: https://developer.vimeo.com/api/authentication, or by generating it on your app page.
Second you must provide that access token with your api request either through the Authorization header:
Authorization: bearer <your_token>
or the querystring
https://api.vimeo.com/videos?query=elvis&access_token=<your token>.
The authorization header is more secure, and will continue to work indefinitely. Some changes will be made soon to the querystring form which could cause problems with your application.
I have a client-side web app (no backend) that uses Google Javascript API.
I have an issue regarding the access-token that I got after the login is successful.
From the callback, we can see that the access-token is set to expire in 1 hour.
expires_in: "3600"
Question is, how can I "get a new token"?
From the documentation, I'm under the impression that after the token is invalid, we have to (and I quote) perform a new re-authorization flow with immediate set to true to get an up-to-date access token.
Source:
https://developers.google.com/+/web/api/javascript
However, when I tried to call again the auth method:
gapi.auth.authorize(parameters, callback)
I got the token object, but there's no access-token inside.
{
client_id: "{my_client_id}.apps.googleusercontent.com"
cookie_policy: undefined
expires_at: "1370371466"
expires_in: "86400"
g_user_cookie_policy: undefined
issued_at: "1370285066"
response_type: "token"
scope: "https://www.googleapis.com/auth/plus.login https://gdata.youtube.com"
}
Am I missing something? How do we usually get a refreshed token after one expired?
On client side, access token is temporary. This is by default online access to user resources. In order to get access tokens again, you need to redirect user for permissions again.
In the OAuth protocol, your app requests authorization to access resources which are identified by scopes, and assuming the user is authenticated and approves, your app receives short-lived access tokens which let it access those resources, and (optionally or more precisely on server side) refresh tokens to allow long-term access.
for server side apps and for offline access of user resource you need to have refresh token Refer to: Google Analytics API Automated Login
Also read: https://developers.google.com/accounts/docs/OAuth2WebServer
https://developers.google.com/accounts/docs/OAuth2UserAgent