For a school project I need access to LinkedIn API.
I have already created an app on LinkedIn Developers. However, when I do a GET request to https://www.linkedin.com/oauth/v2/authorization, I am not able to get an access token, and I get "you need to pass the scope"
Even though the documentation specified that the scope field is optional, I added scope=scope=r_liteprofile%20r_emailaddress%20w_member_social at the end of my request and got a "invalid scope error".
As for the redirect uri field, I am not sure what to put (can I put a random website URL?)
If someone knows the solution to that problem or know other ways to get an access token, I would be very grateful :) Thank you !
Kim
You need to provide a redirect URI in order to get a valid access token.
First step:
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=YOURCLIENTID&redirect_uri=https://my.webserver.com
Once you login and confirm LinkedIn will redirect you to the provided redirect URI with the code parameter. The next step is to exchange this code for an access token.
Second step:
https://www.linkedin.com/oauth/v2/accessToken?grant_type=authorization_code&code=CODE&redirect_uri=https://my.webserver.com&client_id=YOURCLIENTID&client_secret=YOURCLIENTSECRET
If everything is valid LinkedIn will again redirect to the provided redirect URI, but this time with the access token.
Hope it helps.
Related
I am writing a program that retrieves our marketing data from facebook. the program i am writing can only use curl to retrieve the user access token and there is no UI, the only info I found is to call this url
Curl('https://graph.facebook.com/oauth/authorize?client_id=1534273216862757&response_type=token&redirect_uri=https://www.facebook.com/connect/login_success.html','GET')
However, when I send this, i get back the entire html of the redirect page and no token.
do you know of another way I can accomplish this?
thanks
You can only get a User Token with user interaction, not by curl. It does not work like that, and it should not work like that.
You can use an Extended User Token though, it is valid for 60 days. After that, the user has to refresh it.
More information about Tokens:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
There is some information:
https://developers.facebook.com/docs/facebook-login/access-tokens/
Your access_token can be as: {your-app_id}|{your-app_secret}. Attention: it's application token, not user token. It's limited, therefore you can't make such requests as /me.
Or try this request to get access-token:
https://graph.facebook.com/oauth/access_token?client_id={app_id}&client_secret={app_secret}&grant_type=client_credentials&redirect_uri={redirect_uri}
The {redirect_uri} is any route of your application, and this uri must be in "Valid OAuth redirect URIs" in this page: https://developers.facebook.com/apps/{app_id}/fb-login/settings/
I don't check this solution because I need request some permissions (manage_pages, leads_retrieval). I'm waiting for it will be granted.
I'm doing a facebook app and I've followed the custom login flow instructions and I have a question on the last step:
1) I start by doing a call to /dialog/oauth to get a login code.
2) With the code I will request an access token, by hitting the graph.facebook.com/oauth/access_token and that's fine as well.
3) The instructions now say I should validate the code and token to make sure they are from the sources that requested them.
GET graph.facebook.com/debug_token?
input_token={token-to-inspect}
&access_token={app-token-or-admin-token}
My questions are:
What is the input_token in my scenario?
Do I need to do this in my flow? And why if yes?
If I just pass the same value(access_token) in both parameters I get a valid anwser but I don't know if this makes sense.
Thanks in advance.
This question has already been asked: how to verify facebook access token?
And: Verify Facebook Access Token for specific App
And: verification code example
It's simply a unit test to see if your code is still valid (to catch a bug early so it can't do any big damage).
If the access token is not valid, you can for example show a message to the user that there is a bug etc.
Hi hope someone can help,
For some reason when requesting access token via
https://graph.facebook.com/oauth/access_token?client_id=&redirect_uri=&client_secret=&code=
The token is returned as html output and not redirected to the specified redirect_uri location
However when I request authorization via
https://graph.facebook.com/oauth/authorize?client_id=&redirect_uri=&scope=offline_access,publish_stream,read_stream,publish_actions,manage_pages
This work fine. Redirect occurs with code parameter.
Any help appreciated.
Thanks
The first one isn't somewhere you send users to, it's a URL you make a request to from your code to retrieve the access token, it's not supposed to redirect.
The purpose of the redirect_uri parameter there is to verify that you're the same app which called the auth dialog and received the code originally
You should check out the server side oauth docs if you haven't done so already: https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/
I have the access token from the user, and I want to retrive the data from their profile. I am working on Unity3D c# therefore I can not use any SDK.
Is there a way of getting it trough a graph request?
I've already tried with
https://graph.facebook.com/me?access_token=00000000000000|AAAAAAAAAAAAAAA
but throws me an error like this..
"message": "An active access token must be used to query information about the current user.",
When I ask for permissions I ask the user to allow me the publish_stream and to access profile data.
How do I get an active access token? I just want the UserID.
Thanks for your answers, and sorry for my terrible english.
So I wanted ti get the User UserAgent Token the only thing that you must do is add that parameter to the Access URL in my case
https://graph.facebook.com/oauth/authorize?type=user_agent&client_id=000000000000000&redirect_uri=http://yourRedirectdomain.com&scope=user_photos,email,user_birthday,offline_access,plublish_stream
Facebook will redirect you to the redirect_uri URL, and the access token will be given in form of a hash. Extra Tip: Yo have to access the Hashed token vía Javascript,
var hash = document.location.hash;
var n=hash.split("=");
This is one method, Im sure there is a better one.
Thank everybody for the answers!
you're Graph Call / HTTP request looks about right.
I'm guessing, based on the error, that the access token has expired.
Normally, they last for about 1-2 hours since the last time they were used. (If i recall correctly). So, a user will start using a website, and the website can make graph calls with the access token while the user is actually using the website for that session, but the token will expire soon after that.
However, you can also ask Facebook for a longer lasting access_token, which will last for approximately 60 days.
Check here for some info :: http://developers.facebook.com/roadmap/offline-access-removal/
As it stands, trying to find this info through browsing the developer docs in Facebook is rather difficult, if not impossible. :-/
You can’t query the API for /me with an app access token, since the API has no way of knowing who “me” is supposed to be.
Only user access tokens contain the info which user id they apply to, and hence only those can be used to query /me successfully.
I feel like every second question i ask here is relating to Facebook Connect - that says a lot about their API. Anyway, that's politics, i digress..
I'm trying to pull back user details from the Graph API for use in my application (which is an FBML external website - JavaScript SDK for authentication).
I have requested the following permissions from the user: (using the regular dialog)
publish_stream
email
This works, and allows me to post to the user's wall, and grab their email from the Graph API.
But when i do a HTTP GET Request to the following URL:
https://graph.facebook.com/uid?access_token=oat (where uid = the user id of the user i'm attempting to grab details for, and oat = the OAuth token i have).
All that comes back in the JSON is the User ID (which i already have, since im putting it in the URL), and the email.
Why can i not get things like first name, last name, locale, etc?
Am i using the wrong URL? Is my OAuth token wrong?
I'm getting the OAuth token from here:
https://graph.facebook.com/oauth/access_token?type=client_cred&client_id=myappid&client_secret=myappsecret
UPDATE:
It looks like the issue is my OAuth token.
Because when i go to the docs: http://developers.facebook.com/docs/api
And use the sample OAuth Token for the user im trying to retrieve, it gets all the details.
Anyone know what is wrong with my OAuth token call?
So, i was using the wrong URL for the OAuth Exchange. It needed to be this:
https://graph.facebook.com/oauth/exchange_sessions?type=client_cred&client_id=myappid&client_secrete=myappsecret&sessions=userseshid
The URL that i WAS using was as per the doco, the above one that works is nowhere to be found.
I'm at the point with FBC that i no longer care about the how, if it works, be thankful that it does even that and move on.
EDIT:
Also, i was wondering why the Graph API calls would "stop" working for no reason.
The answer is i needed to compare the Session Key used to obtain the OAuth token, with the Session Key currently in the cookies. If they are different, i needed to get a new OAuth token.
The session key used for any OAuth token is part of the actual OAuth token:
aaa|bbbb|cccc
Where bbbb is the session key. So i just compare that before doing any Graph API calls.