First of all, great work. I donated because this could really save me lots of headaches. New to oauth2 and authentication in general. I signed up and registered # https://play.authlib.org/, added newapp. When I tried to authorize with the following uri:
https://play.authlib.org/oauth2/authorize?response_type=code&client_id=FhHzedZ9kdtQeTQRCwTgZELPdnHCEfEo7K0771U9XircD9Hh&state=e3dC66BGid2z0IwBinMgLKJ92IiD1r
it failed with:
{
"error": "insecure_transport",
"error_description": "OAuth 2 MUST utilize https."
}
Am I miss something?
There is nothing wrong with your code. The server itself has a bug (just fixed).
The playground is powered by Authlib v0.5 now.
You need to learn how to send requests for client_credentials:
https://www.rfc-editor.org/rfc/rfc6749#section-4.4.2
POST /token HTTP/1.1
Host: server.example.com
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
Related
When I connect to my on prem TFS server version 15.117.27414.0 using the url
GET http://{instance}/{collection}/{project}, I get a 200 OK using Basic Authentication with Base64 of PAT.
However, when I make an API call on this url say GET http://{instance}/{collection}/{project}/_apis/serviceendpoint/endpoints?api-version=3.2, I get a 404 error.
Request Header-
Content-type: application/json
Accept: application/json
Authorization: Basic ###########################
What am I doing wrong here?
That's not the correct URI.
https://learn.microsoft.com/en-us/azure/devops/integrate/previous-apis/endpoints/endpoints?view=tfs-2017
The URI would be:
_apis/distributedtask/serviceendpoints
Clio API v4 returns ForbiddenError for every request.
For example this request works without problem:
GET /api/v2/users/who_am_i HTTP/1.1
Host: app.clio.com
Authorization: Bearer ***
And this request doesn't work:
GET /api/v4/users/who_am_i HTTP/1.1
Host: app.clio.com
Authorization: Bearer ***
This is the error returned with status 403:
{"error":{"type":"ForbiddenError","message":"User is forbidden from taking that action"}}
The same happens with any other request.
I was having the exact same problem. Here's a response from Clio, which resolved my issue.
We have recently made a change that requires all Bulk Action requests include bearer tokens in order to be successful. If you are making requests without including bearer tokens, they will fail.
Hope this helps.
I've found the solution.
The problem happened because the Bearer token has been received for application registered with APIv2 and/or in wrong domain (Europe instead of USA).
That means when I approved user I approved it against wrong application.
I am using the LinkedIn API V2 and I am trying to query the AudienceCountsV2 from my company profile. I am using the following tutorial to build the request:
https://developer.linkedin.com/docs/guide/v2/ads/audience-counts#targetingCriteriaV2
This is the request information:
GET /v2/audienceCountsV2?q=targetingCriteriaV2&targetingCriteria=(include:(and:List((or:(urn%3Ali%3AadTargetingFacet%3Alocations:List(urn%3Ali%3AcountryGroup%3Ana))),(or:(urn%3Ali%3AadTargetingFacet%3Askills:List(urn%3Ali%3Askill%3A17)))))) HTTP/1.1
Host: api.linkedin.com
X-Restli-Protocol-Version: 2.0.0
Authorization: Bearer XXXXXXX
Cache-Control: no-cache
This is the response information:
HTTP/1.1 400 Bad Request
x-restli-gateway-error:"true"
content-type:"application/json"
date:"Wed, 12 Sep 2018 09:46:05 GMT"
x-li-fabric:"prod-ltx1"
transfer-encoding:"chunked"
connection:"keep-alive"
x-li-pop:"PROD-IDB2"
x-li-proto:"http/1.1"
set-cookie:"lidc="b=TB07:g=1965:u=1401:i=1536745565:t=1536824643:s=AQHBwKwS4Rsf4yI0kKGnz8pQwqOmeVu0""
x-li-route-key:""b=TB07:g=1965:u=1401:i=1536745565:t=1536824643:s=AQHBwKwS4Rsf4yI0kKGnz8pQwqOmeVu0""
x-li-uuid:"EWbxLvOdUxXAHJ7aEysAAA=="
serviceErrorCode:0
message:"Invalid query parameters passed to request"
When I am trying the same request with TargetingCriteriaV1 I do not have the issue and everything is working fine.
Try,by changing the countryGroup name(na)in urn with capital letters as (urn%3Ali%3AcountryGroup%3ANA).
GET /v2/audienceCountsV2?q=targetingCriteriaV2&targetingCriteria=(include:(and:List((or:(urn%3Ali%3AadTargetingFacet%3Alocations:List(urn%3Ali%3AcountryGroup%3ANA))),(or:(urn%3Ali%3AadTargetingFacet%3Askills:List(urn%3Ali%3Askill%3A17)))))) HTTP/1.1
The problem in this case was that the encoding was not done properly on my side. I was encoding all the ":" symbols while the API has a restriction to encode only a specific part of target criteria object.
For example:
targetingCriteria=(include:(and:List((or:(urn:li:adTargetingFacet:locations:List(urn:li:countryGroup:na))),(or:(urn:li:adTargetingFacet:skills:List(urn:li:skill:17))))))
was encoded to
targetingCriteria=(include:(and:List((or:(urn%3Ali%3AadTargetingFacet%3Alocations:List(urn%3Ali%3AcountryGroup%3Ana))),(or:(urn%3Ali%3AadTargetingFacet%3Askills:List(urn%3Ali%3Askill%3A17))))))
I am trying link Actions on Google with a 3rd party service (non-Google). I am using Google Oauth 2.0 Playground to check if I am getting the auth code and the access token. I successfully received the auth code but when requesting the access token I am receiving the following result from the response.
HTTP/1.1 400 Bad Request
Content-length: 16
Content-type: text/plain
WWW-Authenticate
I am not sure when I am doing wrong here. What does WWW-Authenticate mean?
Thanks in advance.
When creating a web hook within TFS (to access an external rest service url), I get a 401 error when testing (within the TFS application). I think call is not hitting API at all.
Below is the response I can see
Status Code: 401
Reason Phrase: Unauthorized
HTTP Version: 1.1
Headers:
{
Server: Microsoft-IIS/7.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-UA-Compatible: IE=EmulateIE8
Date: Fri, 30 Mar 2018 21:05:26 GMT
Content-Length: 1293
Content-Type: text/html
}
Any help would be appreciated!
The error ID 401 usually related to the authorization.
You could first use postman to double check user ID access to the API.
Also use week hook to access some other rest service url such as the example in Web Hooks. This will narrow down if the issue related to rest service url.
Besides try to use Basic Authentication, you can use alternate account instead. How to please take a look at:Protecting a VSTS Web Hook with Basic Authentication