I am trying to embed OAuth 2.0 grant_type password access token to my insomnia client API calls but getting "Failed to fetch token url= state us=0"
When we try below curl command its returning the access token. each time we have to copy access token and add it as header in insomnia rest call (Their is no client secret as it not confidential).
curl --request POST \
--url https://mydomain/auth/realms/my-app/protocol/openid-connect/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data client_id=myclientid \
--data username=app.admin \
--data 'password=password!' \
--data grant_type=password
Above curl if you create in insomnia client as POST request that is also working only thing is we need to copy and paste as header in other API calls
NOTE: the same is working in postman rest client through pre-request script but I want it to be achieved in insomnia client
After doing lot of research found out the solution by myself
follow this blog https://www.ankursheel.com/blog/automatically-set-access-token-authenticated-requests-insomnia
You need to create separate Generate token request, and set the bearer token in the API request where you want to embed Auth token automatically, click on the Bearer tab and enter Response ⇒ Body Attribute for the token and follow those instruction it worked for me :)
Related
I'm trying to use SuiteQL to query a workbook for a client implementation, but I'm having trouble getting it to work in VS Code. I downloaded the Postman environment template and collections archive from the SuiteTalk tools download page and then sent a test request. It returned a successful JSON response. I then tried to send the same sample request using cURL in the VS Code terminal, then with node-fetch, and then using an npm library called netsuite-rest. All of these return 401 'INVALID_LOGIN'. Why does it work when I use Postman, but nowhere else? Here's a sample of my cURL request:
curl --location --request POST 'https://<ACCOUNT_ID>.suitetalk.api.netsuite.com/services/rest/query/v1/suiteql?limit=5' \
--header 'prefer: transient' \
--header 'Content-Type: application/json' \
--header 'Authorization: OAuth realm="<ACCOUNT_ID>",oauth_consumer_key="<CONSUMER_KEY>",oauth_token="<TOKEN>",oauth_signature_method="HMAC-SHA256",oauth_timestamp="<TIMESTAMP>",oauth_nonce="<NONCE>",oauth_version="1.0",oauth_signature="<SIGNATURE>"' \
--header 'Cookie: NS_ROUTING_VERSION=LAGGING' \
--data-raw '{
"q": "SELECT id, companyName, email, dateCreated FROM customer WHERE dateCreated >= '\''01/01/2019'\'' AND dateCreated < '\''01/01/2020'\''"
}'
I see this is an old thread however, I myself am just getting started with NetSuite and Postman. For me, the netsuite Postman query will work fine when you get your access token and this will work for a short period of time. Eventually it will fail and at that time you need to use your refresh token to get a new access token. Then, add the fresh access token into your query authorization as a bearer token - and then the query will start working again.
Once it is actively working then there is a magic Area of postman = Code Snippet. So click on that and then notice that there is a pulldown menu of many code bases - that will display the entire code request for your query! For example you could choose nodeJS - Axios - and just copy the code and paste it in to your webpage.
The one thing you will have to remember is that the access token Will expire after a period of time and then you will have to replace the access token with a fresh one (using the refresh token).
We are using Swagger-Net with Bearer Token Authorization as follows:
c.ApiKey("Authorization", "header", "Bearer Token Authentication");
The request needs to be sent in the format "Bearer [bearertoken]", and I have verified this does work correctly when pasted in this format into the "API Key" authorization textbox. The Curl shows it being passed in the header as -H "Authorization: Bearer [token] and the API request succeeds.
Is there any way to automatically send a known token along with every API request? Or asked another way, is there any way to pre-fill this dynamically created API Key textbox with a known string to simplify the process for the end using testing our API?
Trying to build an Angular 6 application to display all photos from a particular Google Photos album. Before implementing the Angular portion, I wanted to see if I could get the data from a cURL command, using the API key I created and gave access to the Photos API.
cURL:
curl -X GET \
'https://photoslibrary.googleapis.com/v1/mediaItems?pageSize=1&key=[API KEY]' \
-H 'Accept: application/json' \
This is based on the samples from Google's documentation here: https://developers.google.com/photos/library/reference/rest/v1/mediaItems/list
However, adding my valid API key results in the following error:
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED"
}
}
Is there additional data required besides the API key to get this working? Is it even possible to use an API key in this manner, or does it require using OAuth 2.0 and all the additional hoops that come with it?
You need to obtain an OAuth AccessToken to add as an HTTP Header in your request.
Here's a breakdown of the process I've used that has worked, with the caveat that it periodically gets 401 errors from the mediaItems requests. It seems that Google is throttling the requests and denies a few if they're coming too fast.
I have a 3rd party REST, which I am successfully able to call like this using CURL (shell). This API return JSON. I tried calling same API, by changing content type to application/x-www-form-urlencoded but it doesn't work. I think I am forced to use content-type: multipart/form-data
curl --request POST --url https://************************* --header 'Authorization: Bearer ********' --header 'content-type: multipart/form-data; ' --form cluster_id=0717-035521-puny598 --form start_time=1534357800000 --form end_time=1534444199999 --form order=ASC --form limit=500
Now I want to call same API using InvokeHTTP processor (NiFi). So I configured it as follows. But I am not able to do a successful call. (it is not a proxy issue).
Following is how I am creating POST body (by FF)
I have tried replacing "enter" by \r\n etc, or changing body as name1=val1&name2=val2&.... etc. nothing worked.
This is the response I am getting.
[
I am able to run CURL (shell, from same server where Nifi is running). Also I am able to access url via postman.
[
finally, it worked. flow is somewhat like this.
GenerateFlowFile->UpdateAttribute->AttributesToJSON->InvokeHTTP
Only change, I made to InvokeHTTP. reverted content-type back to ${mime.type}.
I was struggling with this for a few hours. I've got a backend API that has
ResponseEntity<ByteArrayResource> post (#RequestPart("file") MultipartFile file) and a NiFi processor that sends XLSX data to this. I was getting the same issue... The key for me were the bottom two properties:
FlowFile Form Data Name -> file (this is the name of the variable in the API call)
Set Flowfile Form Data File Name -> true
I am new to Spring and very new to Spring Oauth2 Security. I have searched a lot about how to request the following link in web browser(In Firefox Rest Client plugin).The following request is curl and working perfectly fine in terminal through this command.
I am getting the problem while giving basic authorization. So How we can interact with basic authorization given below as -vu myapp:123456.
curl -X POST -vu myapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "password=sunit&username=sunit&grant_type=password&scope=read%20write&client_secret=123456&client_id=myapp"
I used wireshark for capture the request and ended the same request to fb just to connect because I don't have a local server running... you can see that is a post request with the body in encoded URL...