I need to get username as one of the claim in the access token which i received. But in default i didn't received it. I gone through their documentation about custom claim mapping but i was still confused. Can anyone know the request body to get username as claim in access token in IBM appid?
Related
I'm running bitnami's Keycloak image on my local.
what I want to do is; use Keycloak REST APIs.
but no matter how hard I try, I'm getting 401.
I have done what's written in the doc. so this is a screenshot of the client. access type is confidential, and a service account is enabled. this is testapi client that I created;
here you can see the service account roles;
to view and manage users, I assigned manage-users and view-user roles.
firstly, to get the access_token , I'm using client_id and client_credential.
as you can see from here;
I have no problem getting the access token.
but when I try to get the user list or create a new user, I always get 401.
here you can see that I used the SAME access_token that I got from the http://localhost:8092/auth/realms/test/protocol/openid-connect/token
it doesn't make sense. I started to think about smashing the computer.
any help would be greatly appreciated
it doesnt work like this ,the process of getting users is as below:
First try to get access token for admin
POST http://localhost:8080/realms/master/protocol/openid-connect/token
the body of ur request will be x-wwww-url-encoded
client_id = admin-cli
username=admin
password=admin's password
grant_type=password
the response contains access token for admin
Second step is to get users of your realm in your case is test
Get http://localhost:8080/admin/realms/test/users
and pass the bearer token of admin in this request
I'm trying to verify subscription purchase in our backend servers, considering from this hms-iap-serverdemo GitHub repo.
I'm trying to connect OAuth 2.0-based authentication servers using app ID and app secret. I took ID and secret from AppGallery Connect → my app → app information. The auth servers returns base64 encoded token. When I try to verify with this subscription purchase, I am getting ResponseCode:6 ResponseMessage:Token is expired or invalid InappPurchaseData error from server.
The status of the application is currently draft. Is that why I'm getting this error? I believe client ID and client secret is correct. Or something else. I do not know. Do you have an idea?
Thank you
ResponseCode:6 ResponseMessage:Token is expired or invalid InappPurchaseData
The possible causes are as follows:
Check whether the token is invalid.The token validity period is 1 hour. If the token expires, obtain a new token to ensure that the token is valid.
Check whether the AT is invalid and whether only the AT in the cache is obtained. If the AT is invalid, clear the cache and obtain the AT again. Generally, use the token interface to obtain the application-level AT again.
For details about how to obtain the application level AT, see docs.
The token format is incorrect.
According to the docs:
App-level access token: Authorization: Basic Base64(APPAT:atvalue)
Example: The app-level access token is thisIsAppAtValue, then APPAT:atvalue is APPAT:thisIsAppAtValue.
Therefore, replace APPAT:atvalue in Base64(APPAT:atvalue) with "APPAT:thisIsAppAtValue" to generate value QVBQQVQ6dGhpc0lzQXBwQXRWYWx1ZQ==.
The value of Authorization in the request header is as follows: Basic QVBQQVQ6dGhpc0lzQXBwQXRWYWx1ZQ==
The site request is incorrect.
Switch to a proper site based on your location and try again.
China: https://subscr-drcn.iap.hicloud.com
Germany: https://subscr-dre.iap.hicloud.com
Singapore: https://subscr-dra.iap.hicloud.com
Russia: https://subscr-drru.iap.hicloud.com
I want to check if email address already registered in auth0 user store by call:
GET: https://myDomain.auth0.com/api/v2/users-by-email?email=example#example.com
And passing authorization header bearer with access token created by :
POST : https://myDomain.auth0.com/oauth/token
with the following body:
{"client_id":"xyzyAH0BU8dLdxxxx4NNpq37iO","client_secret":"aqVUk2du49qVjxxxxxxxxxxxxx2GniPF5nfS36K-N3nixxxxzcPvh","audience":"audience_from_control_panel","grant_type":"client_credentials"}
I added the required scope to my api read:users
can anyone tell me what I missed?
In the post request where you generate the token, have you tried changing the audience to https://myDomain.auth0.com/api/v2.
Check if the permission (not sure which one you do need here) is granted on APIs/Machine to Machine Applications.
We are having troubles with getting the access token from fiware since 4th August.
We are using this URL to ask for the token: https://orion.lab.fiware.org/token but it seems like it does not work.
Before using that URL we used to ask for this one:
http://cloud.lab.fi-ware.org:4730/v2.0/tokens
Could anyone, please, help us?
Thank you in advance.
It depends on how you want to get the token. The current OAuth2 URL to get the tokens is https://account.lab.fiware.org/oauth2/token. This is the central authority for authentication, if you are accessing any common GE, but you will need to register your application in FIWARE Account and use your application credentials and some OAuth2 grant to get it.
If you want to get the token for the global instance without using a registered application, the URL you have mentioned contains a token service that can give you a valid token for your user and that purpose. You can test it (and see an example) with the following script:
https://raw.githubusercontent.com/fgalan/oauth2-example-orion-client/master/token_script.sh
Problem with my accessToken!!
accessToken is all right all the time.
It's standard format: AAA|BBB|CCC
I can get available current user's uid and session secret from a given accessToken( AAA|BBB|CCC)
BUT today fb server give me a strange accessToken unexpectedly.It's not useful for xmpplogin.
eg. AAACmERnbMSwBAB3XnOt4hnR71agtbo3CE8w2Xd7jD7QEURSiiOFV1Eg85tHsaHvVNobiUFppqzQcaXKjWOVSZCIFKvVsEJ4llZBfNI6AZDZD
could you give me a clue?I'm crazy to find answers whole day.
As per https://developers.facebook.com/blog/post/572/ the access token format changed recently to an encrypted format. All the APIs should work fine using this encrypted token including XMPP but it requires a minor code change to your XMPP code.
There was a blog post showing how to use the access token for XMPP auth on Sep 10.
Replace the session_key and sig parameters with the access_token parameter which should be the user access_token which has the xmpp_login permission - also note that it needs to be passed over SSL (which I believe was optional when you were only passing only the session key and sig)
If you can't get XMPP login working when you pass the encrypted access token, please file a bug in Facebook's bug tracker, but make sure you have the parameters changed per the note above and the chat docs.
The format of Facebook access token has changed recently. Now it is encrypted. At present if you want to get the user id of the owner of an access token issue a request in the following format
https://graph.facebook.com/me?fields=id&access_token='accesstoken'
This will return the Facebook User id of the owner of access token as a Json string. This request works even when the user is not logged in.