I´m following this Google documentation to make account linking with oauth.
In the token exchange requests item, I am receiving the JSON below, as expected:
{
"client_id" : "*****",
"client_secret" : "*****",
"code" : "myauthorization_code",
"grant_type" : "authorization_code",
"redirect_uri" : "https://oauth-redirect.googleusercontent.com/r/****"
}
and my response is:
{
"access_token" : "myaccess_token",
"expires_in" : 3600,
"refresh_token" : "myrefresh_token",
"token_type" : "Bearer"
}
But I am getting "Something went wrong, please try again later"`error, in Google assistant app in iOS.
In stackdriver, I am getting the error:
SYNC: Request ID 4417600193631747637 failed with code: OPEN_AUTH_FAILURE
Based on your example, it sounds like you are skipping a step. The account linking process has two steps:
User authorization (user signs in to their account)
Token exchange (server returns a token for the authorized user)
It looks like you responded to the authorization request directly by providing a token. The authorization request should return a unique temporary code representing the user who authorized, which will be passed back to your token exchange endpoint to get the access token.
You can read more about how to implement account linking with your OAuth server in the documentation.
Testing Account Linking
You can use the Google OAuth Playground to verify that your account linking implementation is working properly. Here is how you can configure this tool to test your endpoint:
Open the Settings gear, change OAuth endpoints to Custom
Enter your authorization and token URLs from the Actions console
Enter your client ID and secret from the Actions console
You won't be authorizing any Google APIs, so for Step 1 you can just enter something like "devices" and click Authorize APIs. You can follow through with the flow in Step 2 to verify that the authorization and token exchange work properly. The tool will report if any errors occur in the flow.
Related
I am trying to get the data of a signed in user using Microsoft graph API. I work with the "aad_oauth" package in flutter. When signing in, an access token is provided. This access token is then used in a http.get request.
However every time I try to get the data, the following error appears.
"{"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation:"
I also added a permission at the ad admin center.
That's how I get the access token
This is my http request
I tried to reproduce the same in my environment and got the below results:
I created an Azure AD application and added user.read permission:
Now I generated access token via Postman with below parameters:
GET https://login.microsoftonline.com/TenantID/oauth2/v2.0/token
grant_type:authorization_code
client_id:1b323717-80d8-4172-b141-XXXXXX
client_secret:GTT8Q~PErY3nTbj9LO8Nkkm2ai.XXXXXXX
scope:user.read
code:code
redirect_uri: redirect_uri
To get the details of the signed-in user, I ran the below query by including bearer token:
GET https://graph.microsoft.com/v1.0/me/
I am using cordova-plugin-ms-adal-b2c-patch- cordova plugin with Azure b2c
I created a facebook developer account with the relevant definitions from here
The domain is : https://login.microsoftonline.com
The redirect URI is : https://login.microsoftonline.com/te/{{My tenent}}/oauth2/authresp
On the first login it worked from the second it stopped working with the following error:
Authorization code not exchanged for token
Hi I'm trying to develop an for GSuite admin which enables to migrate their google drive data to another cloud service. But in the process of authentication i'm getting the below error.
{
"error": "unauthorized_client",
"error_description": "Client is unauthorized to retrieve access tokens using this method."
}
Below are the api's that are enabled in developer console.
1. Admin SDK
2. Contacts API
3. G Mail API
4. Calendar API
5. Drive API
Please guide me if done anything wrong in creating an app.
The main thing what i missed here is Authorizing my service account client ID with the GSUITE admin.
And I have been trying to generate access_token for the expired domain of mine.
After clearing all these i have to success in generating and getting user data.
This solution worked for me. I hope it works for you tooo....
Thank you community.
We are integrating the Uber API into an app that is still in the development phase and not quite ready to go through the privileged scope request process. The API documentation states that "During development, your account (and any developer accounts you list on the dashboard) will be able to authorize these [privileged] scopes without whitelisting."
However, it seems that we are unable to access these privileged scopes at the moment, even just for development purposes. Can someone help us understand why this might be the case? We have put together a document with screenshots and commands to help illustrate the issue, which we can share via email if someone from the Uber API team is kindly able to help. Thanks!
Further information:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
REQUEST:
https://sandbox-api.uber.com/v1.2/requests
-H ‘Accept-Language: en_US’
-H ‘Content-Type: application/json’
-H ‘Authorization: Bearer ’
Payload
{
"fare_id": "d30e732b8bba22c9cdc10513ee86380087cb4a6f89e37ad21ba2a39f3a1ba960",
"product_id": "a1111c8c-c720-46c3-8534-2fcdd730040d",
"start_latitude": 37.761492,
"start_longitude": -122.423941,
"end_latitude": 37.775393,
"end_longitude": -122.417546
}
RESPONSE:
Status: 401: Unauthorized
{
"message": "This endpoint requires at least one of the following scopes: request.delegate.tos_accept, request, request.delegate",
"code": "unauthorized"
}
As shown above the request API call is returning unauthorized status and appears to require Privileged Scope for accessing it.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The issue is that you need to authorize the privilege scopes by enabling them for your app in the dev dashboard and then passing them during the oauth authorize stage.
I am using firefox rest client to make a rest request to quickbook api.
below are fields I am using :
URL : https://quickbooks.api.intuit.com/v3/company/companyId/vendor/2
Method : POST
Header : Content-Type : application/xml
OAuth :
Consumer key : ****
consumer secret : ****
Access Token : ****
Access token secret : ****
I am copying these tokens directly from https://appcenter.intuit.com/Playground/OAuth/IA
Strange part is when these tokens are used in data service of IPP V3 Java Devkit, these token works.
I have no idea why these tokens will work with data service devkit and not on rest client.
Please help. Stuck on this from last 4 days.
Why do need the rest client for? The Oauth tokens geenrated by Intuit are known to have issues with Rest Clients. That's why we have provided the API explorer to test realms-
https://developer.intuit.com/apiexplorer?apiname=V3QBO
You just need to select your company/realm there.
OR
to debug client issues, there is another OAUTH extension provided by Intuit for Fiddler2.
Fiddler2-http://fiddler.en.lo4d.com/
Extension for OAUTH 1.1-
https://github.com/IntuitPartnerPlatform/FiddlerOAuth
1) Copy the extension to ‘My Documents\Fiddler2\Scripts’ folder.
2) You will then see the OAuth settings tab when you open the fiddler client.
3) Generate the Token and Token Secret using
Developer playground -
Login into developer.intuit.com->Manage my apps->Test connect
or
Use one of the sample apps from here-
https://github.com/IntuitDeveloperRelations/
4) Add the keys generated from step above in the OAuth setting tab, and click Apply.
5) You can fire your requests using Composer tab.
6) Add the correct headers after verifying from API explorer and then Run.
7) You can then view the raw response on the right side of the tab and the status code for the response on the left side.