I'm having trouble making an API call. Have got Token, Secret etc, no problem. Difficulties occur when trying to retrieve Contact information. I've tried to access the Sage Developers Forum but just get taken round in circles by the Sage sight.
Here is my own trace.
ACCESS : 2a075f2f204a380505a4f27378056bfa326b582f
REFRESH : 2de459f637c1c89bc7add9a424b04f4a2c29a6ec
POST : POST&https%3A%2F%2Fapi.sageone.com%2Faccounts%2Fv1%2Fcontacts&contact_type=1&1435822573
SIGNING : 4c53564b7b9f1542838e65384b2c506b37bb5c28&2a075f2f204a380505a4f27378056bfa326b582f
HASH : NzY2ODE1ZjJmOTVlMmY5MWVjODI2MjdhMTAyMGMyNWM0N2MyNjA1Ng==
CURL ARGS:
URL : https://api.sageone.com/test/accounts/v1/contacts?contact_type=1
AUTHORIZATION : Bearer 2a075f2f204a380505a4f27378056bfa326b582f
X-SIGNATURE : NzY2ODE1ZjJmOTVlMmY5MWVjODI2MjdhMTAyMGMyNWM0N2MyNjA1Ng==
X-NONCE : 1435822573
ACCEPT : */*
CONTENT-TYPE : application/x-www-form-urlencoded
USER-AGENT : Great Water
STRING : Authorization=Bearer 2a075f2f204a380505a4f27378056bfa326b582f&X-Signature=NzY2ODE1ZjJmOTVlMmY5MWVjODI2MjdhMTAyMGMyNWM0N2MyNjA1Ng==&X-Nonce=1435822573&Accept=*/*&Content-Type=application/x-www-form-urlencoded&User-Agent=Great Water&
RESULTS
{"error":"Authorization header is missing.","error_description":"Please provide an 'Authorization' header with the following format: Bearer xxxxx."}
As you can see, despite the Authorization argument being present, Sage is rejecting it.
Any ideas?
Not sure what language you are using, but there are a couple of PHP classes on github that you can use as a reference.
If you want to use clientId / accessToken like in this documentation: https://developers.sageone.com/docs/en/v1
Use the class by EddieHarrison # https://github.com/eddieharrison/sageone-api-php
If you have requested an Api Key from: https://accounting.sageone.co.za/Marketing/DeveloperProgram.aspx
Use the class i put up today # https://github.com/Sharnw/sage-one-accounting-api
Related
I'm trying to build a gRPC client for Google's Firestore API in Elixir.
Before starting to write some code , I thought that it would be wise to first start with BloomRPC in order to debug the issue.
As base url, I'm using https://firestore.googleapis.com where I pinned the rot certificate.
As auth I'm using an access_token obtained using oauth with the following 2 scopes: "https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/datastore"
being passed as a Authorization header:
{
"Authorization": "Bearer 29ya.a0AfH6SMBDYZPsVgQv0PMqyGRXypc3DfWF_2jbvAJKMquTaryCvxEB7X1Rbprfk1Ebrwid2bXbcR3Aw-d1Tytlo_lThkyqRDRIbnSz5-nQ3xWklkmjyFMAuQtFCoz01hk3vbgBwd2gdbFNNWiOU_8NqPC_vElyz2-cQ34"
}
And I get back:
{
"error": "3 INVALID_ARGUMENT: Missing required project ID."
}
So clearly I should be passing the project ID somehow but I can't find it anywhere in the docs. Anybody any clues?
I just figured out what I was doing wrong.
Basically the Bearer token I was using is correct (obtained via the OAuth Playground).
The trick was to specify the PROJECT_ID in the parent parameter of the request:
{
"parent": "projects/[project-id]/databases/(default)/documents",
"page_size": 10
}
I should have just read the docs properly :)
I've tried to change MUC subject using ejabberd API but didn't work. I use Postman to work with the API
api : /api/change_room_option
request body :
{
"name": "testgroup",
"service": "conference.localhost",
"option": "subject",
"value": "BookNerds"
}
error : "400 Bad Request"
I've enabled change_room_option in my ejabberd.yaml and set allow_change_subj to true. Using this configuration and same request body format, I successfully change 'title' and 'description'.
Note : I ran another test using Adium and successfully change the subject. When I check in database, subject and subject_author have been updated. Do I need to set subject_author too in the request body? If yes - I don't think it's possible since change_room_option will only accept four parameters as stated here
I'm trying to create OpenTok session by Rest services with JWT object as suggested. I tried to generate session with Fiddler.
Here is my fiddler request (JWT string has been changed with *** partially for security reasons)
POST https: //api.opentok.com/session/create HTTP/1.1
Host: api.opentok.com
X-OPENTOK-AUTH: json_web_token
Accept: application/json
Content-Length: 172
eyJ0eXAiOiJKV1QiL******iOiJIUzI1NiJ9.eyJpc3MiOjQ1NzM******OiJkZW5l******XQiOjE0ODI3OTIzO***SOMESIGNEDKEYHERE***.izvhwYcgwkGCyNjV*****2HRqiyBIYi9M
I got 403 {"code":-1,"message":"Invalid token format"} error probably means my JWT object is not correct. I tried creating it using http://jwt.io (as opentok suggests) and other sites and all seems correct and very similar to the one on tokbox (opentok) site.
I need an explanation to fix it and create a session.
May it be because I am using opentok trial?
JWT creation Parameters
I had the same problem. I resolved the error by setting the correct key-value pairs for the payload part.
Example of my payload is as follows in C#:
var payload = new Dictionary<string, object>()
{
{ "iss", "45728332" },
{ "ist", "project" },
{ "iat", ToUnixTime(issued) },
{ "exp", ToUnixTime(expire) }
};
The value of the "ist" should be set to "project", not the actual name of your project.
Update: Looking at your screenshot, I can say you have not set the secret key (here, it's your ApiKeySecret from TokBox account > project) at the very bottom right.
OK I have found the answer at last,
Your Opentok API Secret key should not be used directly as Sign parameter. In java as shown below, it should be encoded first.
Base64.encodeToString("db4******b51a4032a83*******5d19a*****e01".getBytes(),0)
I haven't tried it on http://jwt.io and fiddler but it seems it will work on it too. Thanks. Full code is below;
payload = Jwts.builder()
.setIssuedAt(currentTime)
.setIssuer("YOUR_OPENTOK_KEY")
.setExpiration(fiveMinutesAdded)
.claim("ist", "project")
.setHeaderParam("typ","JWT")
.signWith(SignatureAlgorithm.HS256, Base64.encodeToString("YOUR_OPENTOK_SECRET".getBytes(),0))
.compact();
return payload;
I am trying to authenticate on the GitHub API via Basic Authentication using MSXML2.XMLHTTP. I understand that I need to pass my credentials using the Authorization HTTP header.
So this is my code, but it always returns unauthenticated. (As per the GitHub API documentation, with a 404 / Not Found). What am I doing wrong? (Obviously the code does not use my real credentials, just "user" and "password" as an example).
Dim o
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "https://api.github.com/user/", False, "user", "password"
o.setRequestHeader "Authorization", "Basic dXNlcjpwYXNzd29yZA=="
o.send
Wscript.Echo o.responseText
My previous answer was based on a misunderstanding, so I removed it.
Trailing slashes in Github API endpoints really matter, /user and /user/ are not equal. You're getting a real 404 Not Found, not one of Github's authorization related workaround 404 responses.
This will work:
Dim o
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "https://api.github.com/user", False
o.setRequestHeader "Authorization", "Basic dXNlcjpwYXNzd29yZA=="
o.send
Wscript.Echo o.responseText
I have implemented passport-local strategy and passport-bearer strategy.
When user logins with username/password credentials, I generate JSON Web Token which returns to requester. On each request I get access_token from query, decode this token from JWT to object and make bearer authorization implemented in /api/policies. And all auth works fine.
But when I provide this access_token to RESTful route i.e. user I got empty array.
The problem, that Sails accepts access_token as criteria.
Example:
GET /user ## Forbidden
GET /user?access_token=<token> ## Empty array
How can I disable or fix it?
You would probably be better off sending your access token in a header than in the URL. But if what your asking is how to blacklist a certain property from being used as criteria in a blueprint route, it can be done in the following way in your config/routes.js file:
"GET /user": {blueprint: "find", criteria: {blacklist: ["access_token"]}}
This will override the default blacklist, so you may want to include those defaults in your custom array:
"GET /user": {
blueprint: "find",
criteria: {
blacklist: ["access_token", "limit", "skip", "sort", "populate"]
}
}