I'm trying to see how to use loopback-passport. So I clone this repo: loopback-example-passport and got it working with Facebook and local login. However, if I go to the API explorer and try to GET some users, or my own accessToken, I always get 401-permision denied.
What I am doing is this:
Open up the example application
Log in using Facebook Provider
Get the token stored in local-storage and set it in the API explorer
Make a request
So in the API explorer I'm using the same access token I got from the Facebook provider. What I'm I doing wrong here?
Thanks!
Related
I am trying to get the data of a signed in user using Microsoft graph API. I work with the "aad_oauth" package in flutter. When signing in, an access token is provided. This access token is then used in a http.get request.
However every time I try to get the data, the following error appears.
"{"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation:"
I also added a permission at the ad admin center.
That's how I get the access token
This is my http request
I tried to reproduce the same in my environment and got the below results:
I created an Azure AD application and added user.read permission:
Now I generated access token via Postman with below parameters:
GET https://login.microsoftonline.com/TenantID/oauth2/v2.0/token
grant_type:authorization_code
client_id:1b323717-80d8-4172-b141-XXXXXX
client_secret:GTT8Q~PErY3nTbj9LO8Nkkm2ai.XXXXXXX
scope:user.read
code:code
redirect_uri: redirect_uri
To get the details of the signed-in user, I ran the below query by including bearer token:
GET https://graph.microsoft.com/v1.0/me/
I have created an app registration in google cloud and have managed to authenticate when using the test scope by changing the redirect url to localhost:8080 and acquiring an access token and a refresh token. The problem is that the refresh token expires when using the test scope, so I switched to the production scope, and now I get an error no matter what url I list as an authorized domain.
The only solution I can find so far is to switch back to the test environment (Google oAuth 2.0 API Authentication Error: Error 400 - redirect_uri_mismatch (does not comply with policy) DJANGO APP), but that doesn't work for me for the reasons above.
Does anyone know how to get a permanent refresh token in production scope for sa 360?
Any help would be much appreciated.
I have tried this URL : http://lists.jboss.org/pipermail/keycloak-user/2018-September/015665.html, though with no help.
i have an access token to call admin API's
Xtreme Biker is right.
I could get the url from UI console.
/realms//clients//installation/providers/keycloak-oidc-keycloak-json
using client name, client-id can be retrieved using endpoint
/auth/admin/realms/${realm}/clients?clientId=
The catch is the access token that has to be supplied to the admin endpoints to respond successfully.
Access token shall be retrieved using a credentials of a user who has 'manageclients' access to the client role of the realm under which the client is registered.
I have tried to get uber driver profile information using the following URL,
GET: https://api.uber.com/v1/partners/me
As a first step I have set scopes as follows in the authorization step and get the access token,
https://login.uber.com/oauth/v2/authorize?client_id={cliend_id}&response_type=code&response_type=code&scope=profile%20history%20request%20places
All working fine but when I try to get profile information, I got this error:
{
"message": "This endpoint requires at least one of the following scopes: partner.accounts, partner.admin_accounts",
"code":"unauthorized"
}
Driver API is with limited access. In order to access Driver API endpoints, you will need to apply for scope whitelisting - in your case it is partner.accounts. You can apply for access to Driver API here: https://developer.uber.com/products/drivers but just as a heads up access granting is currently very limited.
So after we review your access request - and you get access to the scope - please select it on your application dashboard - and when you authenticate your users - you will authenticate your users with this scope - and be able to access "GET /v1/partners/me" endpoint.
I'm trying to use the Stash REST API in order to get a list of all open pull requests using the URI https://stash.myserver.com/stash/rest/api/1.0/projects/TEST/repos/testrepo
But I always get a 401 Unauthorized with the following content:
{"errors":[{"context":null,"message":"You are not permitted to access this resource","exceptionName":"com.atlassian.stash.exception.AuthorisationException"}]}
I use HTTP Basic Auth and the user definitely has proper permission to the repository. It also works if I open the REST URL in the browser while I'm logged in or when I use the JSESSIONID-Cookie.
Is it possible that I need to enable basic auth in Stash? I couldn't find such an option in the admin settings.