Auth0 Request and use a Management API token from a Flutter App - flutter

We need to allow our Flutter application to save a property in the user_metadata when the application starts.
As I understand this is a task to be done with the Management API and in order for the Flutter application to be able to write in the user_metadata the client has to request a Management API access token.
I found no information on how to request this token, the closest thing is this page in the documentation that has no example and no explanation on how to retrieve this token:
https://auth0.com/docs/secure/tokens/access-tokens/get-management-api-tokens-for-single-page-applications
Can anyone provide an example on how to request this token from a Flutter app?
Even a generic CURL request would be helpful to understand what endpoint to call with which parameters.
Error received when trying to access the Management API to update the user_metadata:
body{
"statusCode":400,
"error":"Bad Request",
"message":"Bad HTTP authentication header format",
"errorCode":"Bearer"
}

2 steps are needed:
Get the authentication token for management API:
sample curl:
curl --location --request POST "https://YOUR_AUTH0_DOMAIN/oauth/token" \
--header "content-type: application/json" \
--data-raw "{
\"grant_type\": \"client_credentials\",
\"audience\": \"https://YOUR_AUTH0_DOMAIN/api/v2/\",
\"client_id\": \"YOUR_AUTH0_APPLICATION_CLIENT_ID\",
\"client_secret\": \"YOUR_AUTH0_APPLICATION_CLIENT_SECRET\"
}"
Call the Management API to update app_metadata:
sample curl:
curl --request PATCH \
--url 'https://YOUR_AUTH0_DOMAIN/api/v2/users/USER_ID' \
--header 'authorization: Bearer TOKEN_FROM_STEP_1' \
--header 'content-type: application/json' \
--data '{"email": "whatever@example.com", "user_metadata": {"hobby": "surfing"}, "app_metadata": {"plan": "full"}}'
Edit: Patch request with userID
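The two steps above as a small shell wrapper, added here as an example (it is not code from the original answer). It also checks the token before it goes into the Authorization header, since a malformed header is what produces the "Bad HTTP authentication header format" error quoted in the question. The function names and the AUTH0_DOMAIN, AUTH0_CLIENT_ID and AUTH0_CLIENT_SECRET environment variables are assumptions, and the sample response is constructed.

```shell
#!/bin/sh
# Added example. Function names and AUTH0_* variables are hypothetical.

# Pull access_token out of the /oauth/token JSON response (read from stdin).
extract_access_token() {
  tr -d '\n' | sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Build the Authorization header; refuse values that would give a malformed header.
bearer_header() {
  token=$1
  case $token in
    '')           echo "empty token" >&2; return 1 ;;
    [Bb]earer\ *) echo "token already carries a Bearer prefix" >&2; return 1 ;;
    *[!A-Za-z0-9._~+/=-]*) echo "token has characters outside the bearer charset" >&2; return 1 ;;
  esac
  printf 'authorization: Bearer %s' "$token"
}

# Step 1: client_credentials grant. The JSON body (with the secret) is passed
# on stdin via --data @- so it does not appear in the process argument list.
request_management_token() {
  curl --silent --fail --request POST "https://${AUTH0_DOMAIN}/oauth/token" \
    --header 'content-type: application/json' --data @- <<EOF | extract_access_token
{"grant_type":"client_credentials","audience":"https://${AUTH0_DOMAIN}/api/v2/",
 "client_id":"${AUTH0_CLIENT_ID}","client_secret":"${AUTH0_CLIENT_SECRET}"}
EOF
}

# Step 2: PATCH the user. $1 = user id, $2 = token, $3 = JSON body.
patch_user_metadata() {
  header=$(bearer_header "$2") || return 1
  curl --silent --fail --request PATCH "https://${AUTH0_DOMAIN}/api/v2/users/$1" \
    --header "$header" --header 'content-type: application/json' --data "$3"
}

# Constructed sample response (not a real token) so the helpers run offline.
SAMPLE_RESPONSE='{"access_token":"eyJhbGciOiJSUzI1NiJ9.e30.c2ln","expires_in":86400,"token_type":"Bearer"}'
bearer_header "$(printf '%s' "$SAMPLE_RESPONSE" | extract_access_token)"; echo
```

Against a real tenant the call would be `patch_user_metadata "USER_ID" "$(request_management_token)" '{"user_metadata": {"hobby": "surfing"}}'`, with the three AUTH0_* variables exported first.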

Related

Thingsboard : How to retrieve JWT Token and define expiry time?

I am just studying the Thingsboard IoT platform features.
And we know that to retrieve a JWT token for a user, we should POST the following API command:
curl -X POST --header "Content-Type: application/json" --header "Accept: application/json" -d '{"username":"xxxxx@gmail.com", "password":"xxxxxx"}' "https://thingsboard.cloud/api/auth/login"
The timeout for this JWT token is set to "9000" sec by default.
How can we modify this Token expiry time?
Your help would be appreciated.
Thank you.
This should be configured as part of security.jwt.tokenExpirationTime
https://thingsboard.io/docs/user-guide/install/config/
You will probably need to use the refresh token to keep your session logged in via /auth/token

Sophos Intellix Authenticate API Error trying to Authenticate

I am trying to authenticate to the sophos intellix authenticate api:
curl --location --request POST 'https://api.labs.sophos.com/oauth2/token' \
--header 'Content-Type: application/json;charset=UTF-8' \
--header 'Authorization: Basic {encoded key:secret}' \
--data-raw 'grant_type=client_credentials'
I am receiving this response:
400 ERROR
The request could not be satisfied.
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
Request ID: cbA_F5avox5aIXvXdc91LFbn0PylJY4LfKqB_bYL7dfMsgCFElTArA==
What am I missing in the cURL request?
Oh gosh... had the wrong content type header value
--header 'Content-Type: application/x-www-form-urlencoded'
The full curl request:
curl --location -X POST 'https://api.labs.sophos.com/oauth2/token' --header 'Content-Type: application/x-www-form-urlencoded' --header 'Authorization: Basic {encoded key:secret}' --data-raw 'grant_type=client_credentials' -i

How to get users from Keycloak REST API - Keycloak API response 403

Hi, I'm trying to use the Keycloak API but I don't understand very well how it works. I want to obtain all the users of a realm. So I first obtain a token using this endpoint: /realms/master/protocol/openid-connect/token with these params in the request body:
client_id
grant_type
username
password
client_secret
The first question is: What client should I use?
Then I call this endpoint: /admin/realms/master/users with the token in the Authorization header, but I get a 403 status code and I don't understand why.
Thanks
You need two steps:
first, get an access token from the admin-cli client of the master realm;
second, call the admin REST API with the access token, setting Bearer as the prefix in the Authorization header.
# get an access token
curl -X POST \
https://<HOST>/auth/realms/master/protocol/openid-connect/token \
-H 'Accept: application/json' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'grant_type=password&username=<USERNAME>&password=<PASSWORD>&client_id=admin-cli'
# get all users of gateway realm, use the token from above and use Bearer as prefix
curl -X GET \
https://<HOST>/auth/admin/realms/gateway/users \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkI...' \
-H 'cache-control: no-cache'
Generally: 403 = you don't have permission to perform the requested action (to view users in this particular case). You need to define Client Roles (realm-management) for the user/client being used and assign the right role (the view-users role in this case):
[Screenshots not preserved: Keycloak 17+ UI; Keycloak 17+ UI for a client with Service Accounts Enabled; Keycloak 17- UI]

How do I POST to a Google Cloud Storage bucket via API

I'm attempting to do a POST to a bucket via API. I have an API key, and I have a client-id and secret. What should be included in the header for authentication to my bucket for a simple post?
If you are trying to do a POST with the RESTful API you should add an "Authorization: Bearer [OAUTH2_TOKEN]" header. I recommend following the Quickstart on Uploading Objects with the REST API, which guides you on how to achieve this, and searching the OAuth 2.0 playground to get the token.
Taken from the guide:
curl -X POST --data-binary @[OBJECT] \
-H "Authorization: Bearer [OAUTH2_TOKEN]" \
-H "Content-Type: [OBJECT_CONTENT_TYPE]" \
"https://www.googleapis.com/upload/storage/v1/b/[BUCKET_NAME]/o?uploadType=media&name=[OBJECT_NAME]"

IBM App ID API Calls: How to add attributes to customise a user with REST API?

I have created a NodeJS application on IBM Cloud and connected it with the App ID Service. In that Service, I have added a user and setup the redirect URI. I can successfully log in with the user account by using Cloud Directory as the Identity Provider and I can see the /userinfo as well as the ID and Access Token (Bearer). I would like to change and add attributes of that user, but my PUT or POST requests do not work. However, my GET request is working:
curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer token' 'https://appid-oauth.eu-gb.bluemix.net/oauth/v3/91c8d285-580a-47ae-8928-e47e17127a35/userinfo'
I have tried the following PUT and POST requests:
curl -X POST --header 'Content-Type: text/plain' --header 'Accept: application/json' --header 'Authorization: Bearer token' -d 'value' 'https://appid-profiles.ng.bluemix.net/userinfo'
and this:
curl -X POST --header 'Content-Type: text/plain' --header 'Accept: application/json' --header 'Authorization: Bearer token' -d 'attributeValue' 'https://appid-profiles.ng.bluemix.net/api/v1/attributes/attributeName'
This is the response:
Error 404: SRVE0295E: Error reported: 404
Using Postman, the response is:
Cannot POST or PUT /oauth/v3/91c8d285-58.../api/v1/attributes
How do I add attributes to a user using REST API?
See the API at: https://appid-profiles.ng.bluemix.net/swagger-ui/index.html#!/Attributes/setAttribute
You cannot use POST to set an attribute, you should use PUT