I have tried to get uber driver profile information using the following URL,
GET: https://api.uber.com/v1/partners/me
As a first step I have set scopes as follows in the authorization step and get the access token,
https://login.uber.com/oauth/v2/authorize?client_id={cliend_id}&response_type=code&response_type=code&scope=profile%20history%20request%20places
All working fine but when I try to get profile information, I got this error:
{
"message": "This endpoint requires at least one of the following scopes: partner.accounts, partner.admin_accounts",
"code":"unauthorized"
}
Driver API is with limited access. In order to access Driver API endpoints, you will need to apply for scope whitelisting - in your case it is partner.accounts. You can apply for access to Driver API here: https://developer.uber.com/products/drivers but just as a heads up access granting is currently very limited.
So after we review your access request - and you get access to the scope - please select it on your application dashboard - and when you authenticate your users - you will authenticate your users with this scope - and be able to access "GET /v1/partners/me" endpoint.
Related
I have configured our Azure Data Factory with a REST Link Service. I have obtained a valid token from the end service.
The token successfully works when using the token with POSTMAN, but the token returns Error status code 401 Unauthorized with Azure Data Factory.
As you can see with POSTMAN when I send a GET request with the Token I get data back:
However, with Azure Data Factory I get the error:
{
"errorCode": "2200",
"message": "Failure happened on 'Source' side. ErrorCode=RestCallFailedWithClientError,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=Rest call failed with client error, status code 401 Unauthorized, please check your activity settings.\nRequest URL: https://pm2.preqinsolutions.com/apiCore/api/countries.\nResponse: ,Source=Microsoft.DataTransfer.ClientLibrary,'",
"failureType": "UserError",
"target": "Copy data1",
"details": []
}
The ADF Link Service is a follows:
Can someone see something obvioius that would prevent access due 401 Unauthorized status with ADF?
I have also tried the following ADF configuration. However, I'm getting the same error:
Please try changing the authHeader name to Authorization and the value to Bearer <your API key>. I suspect from the screenshot of Postman that is what it’s doing. If that does not work then please provide a link to the documentation. This explains Bearer tokens.
You might also check the lifetime of your access token and make sure it doesn’t expire after an hour, for example.
I did a quick test against a REST API I know (Power BI REST API). The linked service looks like this and the value for the Authorization header was Bearer MY_ACCESS_TOKEN_HERE.
The dataset looks like:
The source of the Copy activity looks like:
This succeeded.
I would suggest you contact pm2.preqinsolutions.com support to see if they can provide more information on your access token / API key and have them confirm that the API isn't restricted to be accessed from only certain allowed API addresses. (ADF will not be accessing it from an on-premises IP address like your laptop.) You might also change the REST API linked service to use a self-hosted integration runtime instead of an Azure integration runtime to validate the IP address the API is called from isn't the issue.
I am trying to get the data of a signed in user using Microsoft graph API. I work with the "aad_oauth" package in flutter. When signing in, an access token is provided. This access token is then used in a http.get request.
However every time I try to get the data, the following error appears.
"{"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation:"
I also added a permission at the ad admin center.
That's how I get the access token
This is my http request
I tried to reproduce the same in my environment and got the below results:
I created an Azure AD application and added user.read permission:
Now I generated access token via Postman with below parameters:
GET https://login.microsoftonline.com/TenantID/oauth2/v2.0/token
grant_type:authorization_code
client_id:1b323717-80d8-4172-b141-XXXXXX
client_secret:GTT8Q~PErY3nTbj9LO8Nkkm2ai.XXXXXXX
scope:user.read
code:code
redirect_uri: redirect_uri
To get the details of the signed-in user, I ran the below query by including bearer token:
GET https://graph.microsoft.com/v1.0/me/
I have created an app registration in google cloud and have managed to authenticate when using the test scope by changing the redirect url to localhost:8080 and acquiring an access token and a refresh token. The problem is that the refresh token expires when using the test scope, so I switched to the production scope, and now I get an error no matter what url I list as an authorized domain.
The only solution I can find so far is to switch back to the test environment (Google oAuth 2.0 API Authentication Error: Error 400 - redirect_uri_mismatch (does not comply with policy) DJANGO APP), but that doesn't work for me for the reasons above.
Does anyone know how to get a permanent refresh token in production scope for sa 360?
Any help would be much appreciated.
I wish to obtain an access token without user interaction in order to automate REST API calls to Azure services (Compute, Network, etc.). In the documentation, several authentication scenarios are listed. The one that fits my use-case the most is "Daemon or Server Application to Web API".
I followed the instructions to request an access token : first I registered an App in my Azure Active Directory. Then I created a key (client_secret parameter) associated to the application ID (client_id parameter). I also obtained the App ID URI (resource parameter). I used all these parameters to create a POST request to the /token endpoint of my Azure AD. However I get the following error message:
{
"code":"InvalidAuthenticationTokenAudience",
"message":"The access token has been obtained from wrong audience or resource 'https://solutionsmosaixsoft.onmicrosoft.com/<APP_ID_URI>'. It should exactly match (including forward slash) with one of the allowed audiences 'https://management.core.windows.net/','https://management.azure.com/'."
}
What am I doing wrong? Am I setting the resource parameter to the wrong value?
The resource parameter tells your application where to get token(identifier of the resource for which the access token is being requested). If you want to get a token to call Azure Service Management API , you could set the resource as https://management.core.windows.net/ .
Edit:
If the APIs you want to call are Microsoft provided APIs , the resource is known ,for example :
Azure Service Management API:https://management.core.windows.net/
Microsoft Graph API :https://graph.microsoft.com/
If you want to call the API apps which your created , you can either use the Client ID or the App ID URI of the resource WebAPI (Find them in the configure tab of the Azure AD application in the Azure Management portal).
You could refer to below link for code samples :
https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-code-samples
You need to make a POST request to the token endpoint.
The resource parameter must be the resource URI for the API that you want to access, not yours.
Azure AD Graph API: https://graph.windows.net/
Microsoft Graph API: https://graph.microsoft.com/
I am trying to make request to the Graph API using a service with no UI. I downloaded the following sample code and followed the instructions: https://blog.kloud.com.au/2015/12/14/implementing-application-with-o365-graph-api-in-app-only-mode/
I successfully get an Access Token, but when using it to make a request to get organization information (required Read Directory Data access), I get 403 Unauthorized.
I have registered my app in Azure AD (where I am a co-administrator).
I have specified Microsoft Graph in the 'permissions to other applications' section, and given Read Directory Data access.
Interestingly there is a note below saying 'You are authorized to select only delegated permissions which have personal scope'. Even though I clearly did. Why? I suspect this is the source of my problem.
Likewise I have checked my demo app against these instructions: https://graph.microsoft.io/en-us/docs/authorization/app_only, but it makes no mention of what role in Azure you need to have.
in this SO post's answer, there is mention of still needing to Consent. I haven't found any documentation about this.
You are authorized to select only delegated permissions which have personal scope
This issue is caused that the app is created by none admin and when they visit the portal then will see this message.
To grant the app-only permission to the application, we need to be the administrator of the tenant. It is different with the co-administrator. To user the Client Credential flow, I suggest that you contact the admin of the tenant to create an application for you. And if you were just for testing purpose, you can create a free tenant and register the application yourself.
Update
We need the assign the Global administrator director role as figure below to make the application works for the client credential flow: