I am trying to use OAuth2 with LinkedIn, following the official documentation. The answers I got from are inconsistent, or rather does not exhibit any consistent behaviour. This SO question helped me somewhat: After switching to use oauth2_access_token query parameter I managed to be able to query information about the user.
However, each time I request a new access token and try to use it from my server I got the dreaded Unable to verify access token error. When I try to use the access token manually with a plain curl, it fails with same error unless I navigate to my LinkedIn page.
Can someone explains what's the correct workflow and parameters as LinkedIn's own documentation appears to be flawed? A server-side code example would be great...
Related
I'm building a Rails API with a proper front-end to go along with it (probably React). I'm currently implementing the API and haven't written a single line of front-end. I'm trying to implement OAuth with Facebook as explained in #a14m's answer for this post.
However the problem is that my API would require an authentication code so that it can exchange it for an access token with Facebook. As far as I understand, the code is obtained via a login dialog on the front-end. Now I want to test whether or not my API is getting a valid access token from Facebook in exchange for the code. But to get the code I have to open a dialog on the "front-end" which I have not implemented yet.
Any way I could open the dialog for Facebook login and get the code without writing the front-end? I probably think Postman would help but I don't know how. Also if there is a way to obtain the token without triggering the dialog would also get my job done. So I just want a way to access the code without a front-end.
You can definitely use Postman for this. I write Rails APIs often and I always use Postman to hit the endpoints without having a front-end. All you have to do is find out what you need to send to the Facebook API and set it up as a form body on Postman.
I am trying to retrieve a web auth token for CloudKit using their web services and postMessage API token. According to Apple's documentation, token should be returned as part of "data" object through the message callback, but all I am getting is the ckSession variable. It seems like documentation is wrong, or I am missing something.
Is there any additional API which should be called to retrieve the web auth token after this step? I tried being naive and passed ckSession to record listing APIs but that doesn't seem to work. Also, if I use a different token retrieval method, like custom URL scheme, for example, token gets retrieved correctly. This issue seems to only be related to postMessage option.
"Allowed origins" is set to "all domains" and I'm calling auth API from localhost. I am running Windows 10 and am using Chrome browser (if it means anything here, probably not).
It seems like someone had the same issue a couple of years ago and it was posted on the Apple forums, but it hadn't got much love back then.
Any help would be greatly appreciated. Also, I can provide more information, if needed.
As I understand it, you can only obtain the web auth token (ckWebAuthToken) via the front-end JavaScript API. It should be returned after the user signs in with their Apple ID. You could then POST that value to your back-end app and store it somehow (probably as a session variable).
You can read more about getting the web auth token on this page.
If you have since learned more about solving this and know more than I do, I'm all ears. :)
Likewise, I never managed to intercept the ckWebAuthToken with the postMessage method. I suspect it can be used only with the sign in button generated by setUpAuth in the JS SDK.
So instead I redirected to a page of mine hosted somewhere, where I grabbed the token from the query string and sent it to my host app, all in JavaScript. Clunky but it worked! :)
I can connect to the /v1/people/~ API URL perfectly with my Access Token but trying the same Token on the /v2/adAnalyticsV2? gives me a 403 error (without further explanation). I read through all the LinkedIn documentation about their Rest API and I just don't get it.
Please help.
Based on the error code, it looks like you do not have the proper permission to access this endpoint.
Has your application been given access to use LinkedIn's Marketing Analytics API? If not, you can apply for access here: https://business.linkedin.com/marketing-solutions/marketing-partners/become-a-partner
If you already have access, you should check if your application is requesting the required permission when requesting authorization codes. You would do this either by selecting it in the Default Application Permissions section when setting up your application, or by explicitly requesting it through the scope parameter in the authorization step
I got a note from the engineering team that I can't locate now mentioning something about disabling analytics from v2 of the API for some reason. Worth reaching out to your contact at LI, for sure, but most likely it was removed recently.
I am trying to figure out the best possible way for me to debug/verify facebook graph URL's (I am trying to specify permissions in the URL for oauth) e.g.:
https://graph.facebook.com/me?fields=name,picture,email,likes,interests,gender,id,locale,friends,first_name,last_name,link,user_about_me,friends_about_me&access_token=%s
However, I keep receiving an error message mentioning socialauth did not work correctly (I am using scribe/Java in debug mode). I could not locate other error messages. I am able to run oauth correctly with scribe using a smaller URL & I am not sure whether the issue is with the permissions I am asking for or the string I am creating. Any insights on how to troubleshoot or fix the issue will be appreciated. For any downvoters, seek a life!
Edit:
I am using scribe-java for oauth as mentioned in the post. I tried the URL above (as I mentioned in the post) but it gave me an exception in scribe (I used debug mode for scribe but I did not see any error messages besides "social auth did not work correctly"). When I try the same URL but without "user_about_me,friends_about_me" in the URL, I get a response from Facebook with a successful oauth. Are the values "user_about_me,friends_about_me" invalid for the oauth URL or perhaps I need to dig deeper into how scribe is communicating this to FB? I would not be surprised if its something I am doing which is incorrect - I just need to understand how best to troubleshoot this.
A while ago I had written some code that searched Facebook events using the api. I've been trying to revive that code but have been unsuccessful. The main difficulty I see is that is that searching for public events now seems to require an access token. The documentation (https://developers.facebook.com/docs/reference/api/event/) says that shouldn't be the case until July 5th but, the sample event search for me (https://graph.facebook.com/search?fields=name&q=conference&type=event) returns nothing if you don't have an access_token.
So I got an access_token for my application using the facebook php sdk $facebook->getAccessToken(). The problem I am now suffering is this seems to be the wrong type of token. It doesn't work to return any events and the query when posted into the url bar doesn't get anything, but if I switch it an access token generated by a learn graph api link the query works in the url bar (but not from my site annoyingly enough). The type of access token I'm getting from the app is basically | and that is the type that is not working for the event search.
I am basically looking for any advice I can get. How to get an access token that the event search will accept would be helpful. I also find it weird that I can do an event search using the url bar but, the exact same query through my app returns an empty array. So basically anything that can shed some light on my problems would be great.
UPDATE:
I got everything working except that it still requires a user access token rather than an app access token (or none). My other problem was caused by an oddity in the php sdk and I was able to solve it by just doing the curl queries myself.
I have the same problem, at this moment I'm using the access token the graph API explorer (https://developers.facebook.com/tools/explorer) uses when my app is selected (I think it's the users's token so the app can beave as the user, and since it's my access token it's not a big deal).
But this raise another problem: I think the token gets invalidated by logging off from FB or anything similar.