Very, very new to user authentication. Looking to allow users to register with Google.
Current status: I'm successfully making it to this step
But, when I click an account, I'm getting this error 403
Related
hello i tried launching python gmail API on my localhost but this error prevent me from authorizing and collect user tokens
credential.json correct
Authorized redirect URIs empty
Authorized JavaScript origins empty
You can’t sign in because geko sent an invalid request. You can try again later, or contact the developer about this issue. Learn more about this error
If you are a developer of geko, see error details.
Error 400: redirect_uri_mismatch
I have an app that uses the Google Calendar API and I seem to have a corrupt/defunct access token and/or refresh token which is resulting in the following error:
Signet::AuthorizationError
Authorization failed. Server message: { "error": "invalid_grant", "error_description": "Bad Request" }
Code for the authorization:
client_id = Google::Auth::ClientId.new(CLIENT_ID, CLIENT_SECRET)
token_store = EncryptingTokenStore.new(TokenStore.new)
scope = "https://www.googleapis.com/auth/calendar"
authorizer = Google::Auth::UserAuthorizer.new(client_id, scope, token_store, callback_url)
authorizer.get_credentials(CALENDAR_ID)
On investigation the UserRefreshCredentials we get back from authorizer object has an expires_at date in the past (11/01/2021).
I deleted the offending refresh token that we have stored, revoked access via the google account settings, then reauthenticated the user account with the app to reapprove offline access to Google Calendar again. This did not give me a new access and refresh token as expected. The expires_at is still 11/01/2021. We have valid refresh tokens in storage but for some reason Google is still picking up the old details despite that refresh token no longer existing. So I need to find a way to refresh or overwrite the UserRefreshCredentials that the Google API is using.
Other steps I have tried:
I tried to refresh the token from within a production console with some methods that come with the ruby google client gem but this fails with the same invalid_grant/Bad request error that is at the root of this issue.
I also tried to refresh the token with a POST request to the oauth2 endpoint:
https://oauth2.googleapis.com/token?client_id=CLIENT_ID&client_secret=CLIENT_SECRET&refresh_token=REFRESH_TOKEN&grant_type=refresh_token
but this also fails with the same invalid_grant/Bad request error.
If anyone can shed any light that would be much appreciated.
When using the Microsoft Graph API endpoint /v1.0/me/messages, I'm presented with a 404 error despite consented with Mail.Read permission.
{'error': {'code': 'ResourceNotFound',
'message': 'Resource could not be discovered.',
'innerError': {'date': '2021-06-02T13:25:37',
'request-id': '8e12f76c-dc76-407e-8d74-71cb319f7637',
'client-request-id': '8e12f76c-dc76-407e-8d74-71cb319f7637'}}}
I've granted Mail.Read permission in Azure portal.
I've tried the same Graph Explorer, and it works fine.
enter image description here
Any suggestions on how to get a 200 OK instead?
EDIT 1:
Currently, my access token allows me to get my profile through endpoint /me. However, if I try to use /me/mailFolders or /me/messages to get my mails I get the error above.
Permission page
I'm trying to allow my app to work be able to allow users to login via LinkedIn, however i keep getting the 403 Forbidden Error as shown in the screenshot.
Hopefully someone can advise.
The error message clearly says that you do not have enough permission to use LinkedIn API. You need to request permissions from linkedin.
I got this error when I create new client secret in new project.
That’s an error.
Error: restricted_client
Unregistered scope(s) in the request: https://www.googleapis.com/auth/youtube.readonly
Request Details
access_type=offline
response_type=code
client_id=487794563386-mujtj6b5iatnmvdailldn468gg028p8g.apps.googleusercontent.com
redirect_uri=http://localhost:61515/authorize/
scope=https://www.googleapis.com/auth/youtube.readonly
That’s all we know.
How could I fix that ?
403 errors are errors with the users access. The user you are currently authenticated with does not have permission to do what you are trying to do in your case it appears to have something to do with the following scope.
https://www.googleapis.com/auth/youtube.readonly
Its hard to know what you are doing without seeing your code. I suggest you attempted to authenticate your user again. IF you changed the secret then its not going to work with a refresh token generated by another secret.
I am going to contact Google to be sure that there hasnt been any changes recently. I cant see anything in the change logs myself. There may have been a stealth change that they didnt release.
Status