I am working on integrating the UBER API into my app.
The first step goes fine : an Authorization url is created, the user is redirected to Uber, logs in, accepts to share the desired scope, then UBER redirects to my redirection url as provided in the dashboard and in the authorization url.
When then I make a POST request to
https://login.uber.com/oauth/v2/token
to obtain an access token
Here is the payload I send to Uber on this url
{
"code": "obtained_from_redirection_url",
"client_id": "XXXXXXX",
"client_secret": "XXXXXXX",
"redirect_uri": "https://myredirection-url.me",
"grant_type": "authorization_code",
"scope": "all_trips history history_lite places profile request request_receipt ride_widgets"
}
the response is always
{
"error": "unsupported_grant_type"
}
As you can see, the grant_type : authorization_code value is the one provided by Uber.
The scope you see here, is exactly the same as the one sent with the authorization url.
So We can at least say that the error shown does not correspond to what causes the problem, which remains a mystery to me.
I would appreciate any help.
Well the answer to this issue was that the token endpoint expects the POST request to be made with a Content-Type = x-www-form-urlencoded instead of JSON.
It is not documented in UBER's doc, and I wish it was cause it made me loose days and days seeking a solution.
Related
I have an app that gets leads from facebook after webhook request when leads fill out forms: Some pages are throwing this error:
{
"error": {
"message": "Unsupported get request. Object with ID '233332620530416' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100,
"error_subcode": 33,
"fbtrace_id": "HIItB4mggfk"
},
"__debug__": {}
}
I cannot find the error subcode description in Facebooks API docs.
Check you access token at https://developers.facebook.com/tools/debug/accesstoken
Your app might be missing a needed permission scope.
Visit Business Settings > Users > System Users > Chose «Conversions API System User» > Add Assets. Add your Pixel with ID from your request to the list of assets System User can access.
I have had this issue a few times and the error led me to spend an hour or two combing the docs. The real issue for me each time has been malformed json in the request body (I'm using curl). Dumb I know, but in case a poor soul comes across this. Be sure to validate your json before you decide you query is wrong.
I got this error when adding access_token in post body, worked when adding parameters to url.
Success result using postman
Not success result using postman
Add your access token in the Authorization tab, then choose Oauth2.0 and add your access token on the right side. Please refer to the screenshot for the postman.Click here for the screenshot
I found the answer recently
Follow this steps using postman
https://graph.facebook.com/page-name/feed
headers:
Content-Type: application/x-www-form-urlencoded
Body:
message: "your message"
link:"your web link "
access_token:'Your access token '
I am using Uber Rest Api and trying to get access token:
Step 1:
Calling the get web API - https://login.uber.com/oauth/v1.2/authorize?client_id=gdSzxhaqFwjXly338goebrVCh_A7ND8b&response_type=code
Step 2:
URL: https://login.uber.com/oauth/v2/token
Request Body:
{
"client_secret": "xxxxxxxxxxxxxxxxxxxx",
"client_id": "gdSzxhaqFwjXly33",
"grant_type": "client_credentials",
"redirect_uri": "abc",
"code": "EBvazkPeZXbszs4MufjxA0poKUZuur"
}
and getting the response : "error": "unsupported_grant_type"
Please help me to fix the issue.
Thanks
Suresh Patel
First you should double check if you set the correct redirect url in the dashboard - needs to be the same as one on authorization url. Second your request to 'https://login.uber.com/oauth/v2/authorize' seems to contain invalid version. Please follow the steps of the authentication guide.
Briefly, you need to:
• Send user to authorize url. It starts by redirecting the user to the authorize endpoint: https://login.uber.com/oauth/v2/authorize?client_id=YOUR_CLIENT_ID&response_type=code&redirect_uri=YOUR_REDIRECT_URI .You can add scopes as well (check 'scope' parameter on authentication guide)
• Receive the redirect with an authorization code. After the user approves the scopes the user will be redirected to the redirect_uri with an auth code that you can post to the /v2/token endpoint to receive an access token.
• Make a POST call to: 'https://login.uber.com/oauth/v2/token'
• Store access and refresh token for future use
Try making your scope public.
To do that, add:
"scope: "public"
in your param
I want to access my full details using facebook api . I am using postman client for this and hit api as
URL : graph.facebook.com/v2.2/me
METHOD : GET
HEADER PARAMETER :
AccessToken : djbjd
AppID : dsdmds
AppSecret :sdkkd
Now I get response :
STATUS : 400 Bad Request and Response
"error": {
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500,
"fbtrace_id": "AQt0krgrd2U"
}
}
Can anyone tell me how I can hit facebook api using postman client .
You only need one GET parameter for this, the access_token parameter. It must be a valid User Token or Page Token.
You can also just try this in the browser directly: https://graph.facebook.com/me?access_token=xxx
I've been using Bearer Token to input the access token on Postman Client. The cool thing about it is you can add it to the folder and have every query inside the folder inherit it from the parent.
This lets me focus on the call and use each folder as an environment for calls related to the same object Page, App, Messenger and other tests
I'm getting the following error when I try to access the Graph API with my access token:
{
"error": {
"message": "Expected 1 '.' in the input between the postcard and the payload",
"type": "OAuthException",
"code": 1
}
}
I'm grabbing the access token after successfully authenticating an app I'm working on. I have accepted the permissions and I'm hitting the app's landing page. The access token doesn't look like others I've seen online. It doesn't have the '|' character in it. It does have a period and some underscores along with the typical alphanumeric combination.
I figured out the problem. The other developer I was working with used part of the raw signed_request object (not parsed) to form the access token. After taken a gander at the documentation, I quickly realized that you need to parse the signed_request object first before obtaining the oauth_token value. After that was fixed, I was able to easily make an API call.
Check to ensure you are verifying the "code" parameter returned by Facebook before signing the request, not the "access token". Signing a request with a bad access token produced this error message for me.
There's only thing that server has to do; just check any access token's validity.
Clients send to the server user id and access token obtained by FB.getLoginStatus. As I expected, there would be any URL that checks access token's validity, like http://xxx.facebook.com/access_token?=xxxxxxxxxxxxxxxxxxxxxxxxxxxx.
That returns whether it's available one or not or is there any API (server side) for that?
The officially supported method for this is:
GET graph.facebook.com/debug_token?
input_token={token-to-inspect}
&access_token={app-token-or-admin-token}
See the check token docs for more information.
An example response is:
{
"data": {
"app_id": 138483919580948,
"application": "Social Cafe",
"expires_at": 1352419328,
"is_valid": true,
"issued_at": 1347235328,
"metadata": {
"sso": "iphone-safari"
},
"scopes": [
"email",
"publish_actions"
],
"user_id": 1207059
}
}
You can simply request https://graph.facebook.com/me?access_token=xxxxxxxxxxxxxxxxx if you get an error, the token is invalid. If you get a JSON object with an id property then it is valid.
Unfortunately this will only tell you if your token is valid, not if it came from your app.
Just wanted to let you know that up until today I was first obtaining an app access token (via GET request to Facebook), and then using the received token as the app-token-or-admin-token in:
GET graph.facebook.com/debug_token?
input_token={token-to-inspect}
&access_token={app-token-or-admin-token}
However, I just realized a better way of doing this (with the added benefit of requiring one less GET request):
GET graph.facebook.com/debug_token?
input_token={token-to-inspect}
&access_token={app_id}|{app_secret}
As described in Facebook's documentation for Access Tokens here.
Simply request (HTTP GET):
https://graph.facebook.com/USER_ID/access_token=xxxxxxxxxxxxxxxxx
That's it.
The app token can be found from this url.
https://developers.facebook.com/tools/accesstoken
I found this official tool from facebook developer page, this page will you following information related to access token - App ID, Type, App-Scoped,User last installed this app via, Issued, Expires, Data Access Expires, Valid, Origin, Scopes.
Just need access token.
https://developers.facebook.com/tools/debug/accesstoken/
Exchange Access Token for Mobile Number and Country Code (Server Side OR Client Side)
You can get the mobile number with your access_token with this API https://graph.accountkit.com/v1.1/me/?access_token=xxxxxxxxxxxx. Maybe, once you have the mobile number and the id, you can work with it to verify the user with your server & database.
xxxxxxxxxx above is the Access Token
Example Response :
{
"id": "61940819992708",
"phone": {
"number": "+91XX82923912",
"country_prefix": "91",
"national_number": "XX82923912"
}
}
Exchange Auth Code for Access Token (Server Side)
If you have an Auth Code instead, you can first get the Access Token with this API - https://graph.accountkit.com/v1.1/access_token?grant_type=authorization_code&code=xxxxxxxxxx&access_token=AA|yyyyyyyyyy|zzzzzzzzzz
xxxxxxxxxx, yyyyyyyyyy and zzzzzzzzzz above are the Auth Code, App ID and App Secret respectively.
Example Response
{
"id": "619XX819992708",
"access_token": "EMAWdcsi711meGS2qQpNk4XBTwUBIDtqYAKoZBbBZAEZCZAXyWVbqvKUyKgDZBniZBFwKVyoVGHXnquCcikBqc9ROF2qAxLRrqBYAvXknwND3dhHU0iLZCRwBNHNlyQZD",
"token_refresh_interval_sec": XX92000
}
Note - This is preferred on the server-side since the API requires the APP Secret which is not meant to be shared for security reasons.
Good Luck.