I'm trying to post on an Event wall on a user's behalf. I have the publish_stream permission but am having trouble making a post request.
This doesn't work:
$http.post("#{url}/#{id}/feed", {message: message, access_token: token})
But these do:
1)
$http.get("#{url}/#{id}/feed?method=POST&message=#{message}&access_token=#{token}")
2)
$http.post "#{url}/#{id}/feed?access_token=#{token}&message=#{message}"
Any idea why the Facebook API would accept the latter but reject the post method (like the API requires)? The error I get with the $http.post is "this method requires an access_token"
I have limited idea about Facebook API but it seems that post method on $http is designed to send the data in the request body, whereas access token i think needs to be provided in querystring. post method would to parameter mapping for the url if the you provide it gets the same name token as here
$http.post("#{url}/#{id}/feed?access_token=#{token}&message=#{message}", {message: message, access_token: token})
Related
I've been using this this example to authenticate a user. The problem is that after a successful authentication I get a response like so:
http://127.0.0.1:8000/#code=0.AgAAv4j5c...
Which I can't exchange for a token because my server can't handle the #. I should get ?code=, but I can't get it! I already specified responseMode: "query" in the msalConfig object with no success. Please help!
I am using caspio rest api to authenticate my users in a mobile app. Upon authenticating, I was given an access token to which I included in my AJAX call under the parameter 'Authorization' : Bearer [access token].
I understand that I can renew the token with the refresh token given to me where I can use the POST call.
My question is: prior to using the POST call for a new token, must I store the access token?
Also, the Caspio website advised this format for the POST call:
Method: POST
URL: Token Endpoint
Body: grant_type=refresh_token&refresh_token= [token value]
Header parameters:
Authorization: Basic [string "Client_ID:Client_Secret" encoded in Base64]
Content-Type: application/x-www-form-urlencoded
Should I also include the client ID and client secret in the parameters? Upon using Firefox's rest client, I'm getting a bad request (400) error.
Thank you for the help!
I never using caspio rest api before. The answer base on my OAuth experiences.
My question is: prior to using the POST call for a new token, must I store the access token?
YES! The OAuth 2.0 using the access token to switch the refresh token at first time.
Should I also include the client ID and client secret in the parameters? Upon using Firefox's rest client, I'm getting a bad request (400) error.
According to the api document. You should include the client ID and client secret in your request, like most OAuth 2.0 do.
The bad request (400) error you may see the rfc6749 to find further information.
I've deployed a Let's Chat application for my own server.
However, instead of using currently built, original Let's Chat web application I would like to develop my own, using its API.
And according to Let's Chat wiki:
Revoke an API Token
In the top-left dropdown menu:
Select "Auth tokens"
Click "Revoke token"
Choose "Yes". This will delete any previously generated token.
Basic Authentication
Use the API token as the username when authenticating. The password
can be set to anything, but it must not be blank (simply because most
clients require it).
So far I've generated own token and tried to send GET request to retrieve all rooms that I have in the app, but I've got an error: 401 - Unauthorized - I've tried to send this request with { data: my_token, password: my_random_password } credentials but without success. So my main question is: how exactly I can authenticate with Let's Chat API using ajax request?
I couldn't find any API url / endpoint dedicated for such task - please help.
EDIT:
I've tried also setting headers but it still doesn't work:
$.ajax({
url: CHAT_URL + 'rooms',
beforeSend: function(xhr){
xhr.setRequestHeader('username', 'NTczYzZ1111111111111111111JiMWE3MGUwYThiNzZhYjhmYjFjOWJkOTQ5ZDQ2YjhjNWUyMzkwNmMzYjhjMQ==');
xhr.setRequestHeader('password', '123qwe');
}
}).done(function(resp){
console.log('1');
console.log(resp);
}).done(function(resp){
console.log('2');
console.log(resp);
});
From that wiki page:
Use the API token as the Bearer token.
This is done by setting the header Authentication to the value bearer YOUR_TOKEN_HERE
So,
xhr.setRequestHeader('Authentication', 'bearer NTczYzZ1111111111111111111JiMWE3MGUwYThiNzZhYjhmYjFjOWJkOTQ5ZDQ2YjhjNWUyMzkwNmMzYjhjMQ==');
If you want to use basic authentication, this answers that question
How to use Basic Auth with jQuery and AJAX?
I want to use the new vimeo api to fetch videos based on a query, but I getting a 401 Authorization Required with this message "error": "A valid user token must be passed."
I'm using this code :
var urlX = 'https://api.vimeo.com/videos?query=elvis&client_id='+VIMEO_API_KEY;
$.getJSON(urlX, function(data){
console.log(data);
});
So obviously I have an authentication problem.
As client_id I'm using my "Client Identifier" from my app created in Vimeo's dashboard.
The error I keep getting mention "user token", do I have to generate one via Vimeo's dashboard or via php ?
I'm a bit lost here.
client_id through the querystring is not a valid method of making API calls against the Vimeo API.
First you must request an access token either through the oauth2 redirect worfklow: https://developer.vimeo.com/api/authentication, or by generating it on your app page.
Second you must provide that access token with your api request either through the Authorization header:
Authorization: bearer <your_token>
or the querystring
https://api.vimeo.com/videos?query=elvis&access_token=<your token>.
The authorization header is more secure, and will continue to work indefinitely. Some changes will be made soon to the querystring form which could cause problems with your application.
I want to load in a user's home timeline after authenticating through 'sign it with twitter' using OAuth. I'm using this library to handle the authentication part https://github.com/jmathai/twitter-async
The authentication part is working fine but I'm unclear about how to send requests to twitter api as the given authenticated user. I want to make an ajax request for for the user's home timeline like this:
// this call produces "is not allowed by Access-Control-Allow-Origin" error
$.getJSON("http://api.twitter.com/1/statuses/home_timeline.json", function(json) {
console.log(json);
});
So my question is how do I send the user's access token along with my request and where is the token stored? Or am I approaching this problem wrong?
You need to make this request into a JSONP request, so you can do cross-domain AJAX.
$.getJSON("http://api.twitter.com/1/statuses/home_timeline.json?callback=?", function(json) {
console.log(json);
});
The ?callback=? converts this into a JSONP request.
The link you provided is for a PHP library. If you want to make API calls in JavaScript, you need to use a JavaScript OAuth library.