Access SharePoint Online via REST and NTLM or similar - rest

We are trying to make GET requests to the SharePoint API, for example
https://domain.sharepoint.com/_api/web/lists/GetByTitle'('List')'/Items
We have been trying to access our site's API via the REST API. We have tried many different ways and looked through a lot of Microsoft documentation, but it seems we have misunderstood something in regards to how to authenticate, because we get
Access denied. You do not have permission to perform this action or access this resource
We use Office365 and Sharepoint Online. Can I not use username password somehow or do I have to design a flow for authentication using the token request etc? Can I in that case try it with curl somehow?
We have tried to use curl to simulate it:
curl https://domain.sharepoint.com/_api/web/lists/GetByTitle'('List')'/Items -v --ntlm --negotiate -u username:password

Related

Azure Devops REST API - Using PAT - return redirect Object moved

I'm having problems authenticating Azure Devops API using console applications
After calling the Get Projects API on Azure DevOps I get a redirect... to the login page
curl -u :${B64_PAT} "https://dev.azure.com/xxxxxxxxxxxx/_apis/projects?api-version=6.0"
Return:
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://spsprodsbr1.vssps.visualstudio.com/_signin?rea
I need to call this API from a "Java Server Application", but I'm having a problem with this return to the login page. But I would like to follow the Device Authentication flow
I can reproduce your issue on my side. To solve the issue, please pass your PAT directly to the command without base64 encoding.
curl -u :<PAT> "https://dev.azure.com/xxxxxxxxxxxx/_apis/projects?api-version=6.0"

Does the deprecation of Github password authentication include all methods of Basic Authentication via curl?

I have been authenticating to GitHub with the following:
curl -u username:token https://api.github.com/user
In this GitHub blog post mentioning the deprecation of using user passwords it mentions:
Instead, use a personal access token when testing endpoints or doing
local development:
curl -H 'Authorization: token my_access_token'
https://api.github.com/user/repos
This method is via the Authorization header. They did not mention here that providing a token via Basic Authentication with the -u argument would still be possible.
Can anyone clear this up?
Answering my own question. I posted the above question to GitHub support and received the following reply in relation to the GitHub blog post example:
This method is via the Authorization header. They did not mention here
that providing a token via Basic Authentication with the -u argument
would still be possible.
While we have deprecated password authentication to the GitHub API, we
have no current plans to deprecate basic authentication, so you are
correct— API calls can still be authenticated using the -u switch in
curl, provided a personal access token is used in place of a password.
This syntax is outlined in our Other authentication methods
documentation.
However, our recommended method of authenticating with the GitHub API
is through supplying the token in an authorization header, so this is
how we provide curl examples throughout our REST and GraphQL API
documentation.
So, while using the -u switch isn't the primary documented method of
authentication, please feel free to continue to do so if this is your
preferred syntax.
So in conclusion, providing a token via Basic Authentication with the -u argument is still supported as of Feb 2021. However, it isn't the primary documented auth method.

How can I validate links within a private GitHub repository

Background
We are writing some documentation for our support team.
We want to include links to files that are stored in private GitHub repositories.
We do not want the documentation to become stale if somebody refactors the code in the private GitHub repositories, so instead I am setting up a CI job that parses the documentation (with jsoup if you are interested) and finds all the links.
Once we have all the links we start checking them.
NOTE: we have written a custom link checker, because one of the critical set of links we have is for our monitoring solution, and sadly (also understandably) the SaaS we are using returns 404's for any unauthenticated requests on the URLs of the alerts.
The SaaS itself uses a 2FA to access the Web UI, so what we have ended up doing is parsing the URLs and then constructing an equivalent call to the SaaS API to validate the link.
For the monitoring system we use, this is easy: all the URLs are the same format.
Question
Can we validate a random GitHub URL as valid (ideally using only curl - I can translate to my chosen HTTP client from there, and curl gives a more generic answer) using a Personal Access Token? And if so, how?
The URLs could be:
simple direct to repo URLs: https://github.com/<org>/<repo>
direct to branch URLs: https://github.com/<org>/<repo>/tree/<branch>
file URLs: https://github.com/<org>/<repo>/blob/<path/to/file>
diff URLs: https://github.com/<org>/<repo>/compare/[<branch>...]<branch>
other URLs that are based on the presence of the repo and do not vary in child path, e.g. https://github.com/<org>/<repo>/pulls, https://github.com/<org>/<repo>/settings/collaboration, etc
plus who knows what other URLs people will add within the docs...
Things I have tried that didn't work
HTTP Basic authentication with the Personal Access Token as the password, e.g.
curl -I -u stephenc:2....token.redacted....b https://github.com/stephenc/<repo-name>
HTTP/1.1 404 Not Found
HTTP Bearer authentication, e.g.
curl -I -H "Authorization: bearer 2....token.redacted....b" https://github.com/stephenc/<repo-name>
HTTP/1.1 404 Not Found
It looks like it works for some URLs (no idea which ones).
I can access curl -u agentgonzo:$TOKEN https://raw.githubusercontent.com/agentgonzo/repo/path/to/file using the API Token as my username, but the same doesn't work on https://github.com URLs. Not sure if this will help you or not.
I got an answer from GitHub Support: No
Since a personal access token won't work for GitHub web UI URLs, no, there isn't a way to verify all possible GitHub private repo URLs without making API calls in some cases.
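The approach the answers above point to (validating a web UI link through an equivalent API call) could look like the following. This is an added example, not code from the original posts: the function names and the GITHUB_TOKEN variable are hypothetical, and it assumes branch names contain no "/" and treats any URL it does not recognise as a check that the repository exists.

```shell
#!/usr/bin/env bash
# Added example: translate GitHub web UI URLs into REST API URLs that accept a token.
# Assumptions: refs contain no "/"; "compare/<branch>" is checked as a branch lookup.

gh_api_url() {
  local path org repo kind rest base="https://api.github.com/repos"
  path=${1#https://github.com/}
  [ "$path" != "$1" ] || return 1               # not a github.com web URL
  path=${path%%\?*}; path=${path%%\#*}; path=${path%/}   # drop query, fragment, trailing slash
  IFS=/ read -r org repo kind rest <<EOF
$path
EOF
  [ -n "$org" ] && [ -n "$repo" ] || return 1   # need at least <org>/<repo>
  case "$kind" in
    tree)    [ -n "$rest" ] || return 1
             printf '%s/%s/%s/branches/%s\n' "$base" "$org" "$repo" "${rest%%/*}" ;;
    blob)    case "$rest" in */*) ;; *) return 1 ;; esac   # need <ref>/<path>
             printf '%s/%s/%s/contents/%s?ref=%s\n' "$base" "$org" "$repo" "${rest#*/}" "${rest%%/*}" ;;
    compare) case "$rest" in
               *...*) printf '%s/%s/%s/compare/%s\n' "$base" "$org" "$repo" "$rest" ;;
               ?*)    printf '%s/%s/%s/branches/%s\n' "$base" "$org" "$repo" "$rest" ;;
               *)     return 1 ;;
             esac ;;
    *)       printf '%s/%s/%s\n' "$base" "$org" "$repo" ;;   # pulls, settings, ...: repo exists?
  esac
}

# check_link URL: exit 0 if the API returns 200 for the equivalent resource,
# 1 for any other status, 2 if the URL cannot be mapped.
# GITHUB_TOKEN is an assumed environment variable holding the personal access token.
check_link() {
  local api code
  api=$(gh_api_url "$1") || return 2
  code=$(curl -s -o /dev/null -w '%{http_code}' \
    -H "Authorization: token $GITHUB_TOKEN" "$api")
  [ "$code" = 200 ]
}
```

A 200 for a fallback URL such as `/pulls` or `/settings/collaboration` only shows that the repository is visible to the token, not that the specific page exists.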

OneDrive REST API

Please let me know what is the authentication method we should use when working with OneDrive REST APIs.
Is it AZURE AD using the URL https://login.windows.net/common/oauth2/authorize?
Or the https://login.live.com/oauth20_authorize.srf?
I'm trying to make a simple call to the new OneDrive REST API (I'm using Azure AD, but not sure if this is the correct Authentication method).
I'm using Postman rest client to send the request.
I have registered my application in Azure AD and given it full permissions to 'Office 365 SharePoint Online'.
I can successfully get an authorization token using the clientId generated in Azure AD.
However, when I attempt to list files using the following request with the access token, I get the following error.
Could you please let me know what could be the issue?
RESOURCE HTTP GET:
URL: https://-my.sharepoint.com/personal//_api/Files
HEADER: Authorization: Bearer
Response:
3001000;reason="There has been an error authenticating the request.";category="invalid_client"
If you are referring to the public free version of OneDrive, then you should take a look at OneDrive's API documentation, which uses the Live SDK.
If you are using OneDrive for Business, then you should use the SharePoint 2013 APIs. For SharePoint Online this question (its answer) on SharePoint StackExchange might be helpful. Or if you are looking for the new-and-in-preview Office365, you might find this page interesting.
A blog post with a full walkthrough and code on how to authenticate to SharePoint Online with Azure ACS.
Check out the new v1.0 O365 APIs that describe the OneDrive Business and other O365 service APIs, including authentication.

Github v3 API - create a REPO

I’m trying to use the Github v3 API - I already implemented the required OAuth flow and it works well.
Now I’m trying some of the Repos API endpoints (http://developer.github.com/v3/repos/).
So far, I’m able to get a List of my repos using: GET /user/repos
However, when I try to create a repo using POST /user/repos, I get a 404.
Any thoughts what I might be doing wrong?
Joubert
Can you please tell us how exactly you did the HTTP request? The 404 sounds like you were using a wrong path, probably. But to give a reliable answer instead of a wild guess, we need to see your request, including how you are sending your token, just mask it with 'xxx' or something.
I'll show you in the meantime an example request, that is working:
curl -XPOST -H 'Authorization: token S3CR3T' https://api.github.com/user/repos -d '{"name":"my-new-repo","description":"my new repo description"}'
You would need to replace the OAuth token of course: S3CR3T
I had the same issue. The reason why you are getting a 404 with your oauth access token is that when you authorize to github you need to also additionally pass the scopes you want. For example, in the header you should see "X-OAuth-Scopes: repo, user", which means this user has read/write access to his profile and repositories. Once you have set the correct scopes you should be able to do POST/PUT requests just fine.
To see whether or not you have the correct permissions, you can do something like the following. Substitute the XXXXXXX with your access token.
curl -I "https://api.github.com/user?access_token=XXXXXXXX"
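The scope check described in the answer above, as an added example that is not part of the original answers: it parses the X-OAuth-Scopes response header and sends the token in the Authorization header, the form the GitHub support reply quoted earlier on this page recommends. The function names and the GITHUB_TOKEN variable are hypothetical, and the sample headers are constructed.

```shell
#!/usr/bin/env bash
# Added example: check a token's OAuth scopes from the X-OAuth-Scopes response header.

# token_scopes: read raw HTTP response headers on stdin, print one scope per line.
# Header names are matched case-insensitively (HTTP/2 responses use lower case).
token_scopes() {
  tr -d '\r' |
    awk 'tolower($0) ~ /^x-oauth-scopes:/ {
           sub(/^[^:]*:[ \t]*/, "")              # drop the header name
           sub(/[ \t]+$/, "")                    # drop trailing whitespace
           n = split($0, s, /[ \t]*,[ \t]*/)     # comma-separated scope list
           for (i = 1; i <= n; i++) if (s[i] != "") print s[i]
         }'
}

# has_scope SCOPE: succeed only on an exact match,
# so a token holding "repo:status" does not satisfy a check for "repo".
has_scope() {
  token_scopes | grep -qxF -- "$1"
}

# Live use (GITHUB_TOKEN is an assumed variable name):
#   curl -sI -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/user | has_scope repo

# Constructed sample response headers for offline testing.
SAMPLE_FULL=$(printf 'HTTP/2 200\r\nx-oauth-scopes: repo, user\r\nx-accepted-oauth-scopes: \r\n')
SAMPLE_NARROW=$(printf 'HTTP/1.1 200 OK\r\nX-OAuth-Scopes: repo:status, read:user\r\n')
```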
For creating repositories as a user you can use a personal access token and basic auth, which can be much simpler when you are fluffing around on the command line and have 2FA enabled.
curl -d '{"name":"test"}' -u githubuser:personaccesstoken https://api.github.com/user/repos
Create a personal access token here https://github.com/settings/tokens and make sure it has the 'repo' scope.
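This script lets you read in the token and project name as variables so you can use it in a script
#!/usr/bin/env bash
# Abort on unset variables (options on an env shebang line are not passed to bash reliably).
set -u
# Read the token from a file so it is not hard-coded in the script.
TOKEN=$(cat token_file)
PROJECT=myproject
# The request body is JSON, so declare it as such; quote the URL so the shell leaves "?" alone.
curl -X POST -H 'Content-Type: application/json' -d '{"name": "'"$PROJECT"'"}' "https://api.github.com/user/repos?access_token=$TOKEN"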