I am struck with resolving an access issue with microsoft graph API. I could generate the access_token , however when using that access token i receive 401.
Below is the error ,
I have tried with userprincipalname & ID instead of 'me' , however the result is the same.
Can you try adding a resource parameter to the token request with a value of https://graph.microsoft.com?
Related
I am trying to get new access token from my refresh token for google drive api. In my google playground it works but when I want to create the same request in postman or my code it doesn't work and I always get error "Invalid grand type". I don't know to find what is problem.
google developers playground
postman headers and body
You need to understand that there is three steps to the Oauth2 dance.
step one is requesting access of the user and getting the authorization code.
HTTP GET https://accounts.google.com/o/oauth2/auth?client_id={clientid}.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/analytics.readonly&response_type=code
Note &response_type=code tells the server you want an authorization code returned.
step two is to exchange that code for an access token and refresh token.
POST https://accounts.google.com/o/oauth2/token
code=4/X9lG6uWd8-MMJPElWggHZRzyFKtp.QubAT_P-GEwePvB8fYmgkJzntDnaiAI&client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code
Note the part where it says &grant_type=authorization_code. this tells the server you are giving them an authorization code.
3 the final step is refreshing your access token.
POST https://accounts.google.com/o/oauth2/token
client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&refresh_token=1/ffYmfI0sjR54Ft9oupubLzrJhD1hZS5tWQcyAvNECCA&grant_type=refresh_token
Note &grant_type=refresh_token you are telling the server you are sending them a refresh token.
You appear to be sending a refresh token with the wrong grant type.
I have a video on how to set up postman to use google oauth2
How to set up Oauth2 in PostMan.
Google 3 Legged OAuth2 Flow
Note: Due to a recent change with Making Google OAuth interactions safer by using more secure OAuth flows redirect uri of urn:ietf:wg:oauth:2.0:oob is going to stop working soon.
I need to create request for getting data from Google Analytics API in Postman. I managed to generate access token with playground platform but I need permanent refresh token (in playground I can generate only 24h token).
I tried to generate token in Console API:
I've created project
Add analytics API in my project
Generate client ID and secret code
But I don't know which redirect URL using. Default value that was generate in JSON is urn:ietf:wg:oauth:2.0:oob","http://localhost
Than I've generated authorization code with request (from browser):
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/analytics&redirect_uri=http://localhost&response_type=code&client_id=XXXX
And when I tried to generate access_token with POST request in Postman, sending such keys:
code:XXXXXX
redirect_uri:urn:ietf:wg:oauth:2.0:oob (also tryed http://localhost)
client_id:YYYYY
client_secret:ZZZZZZ
scope:https://www.googleapis.com/auth/analytics
grant_type:authorization_code
And got error
{
"error": "invalid_grant",
"error_description": "Bad Request"
}
How should I set grant for Postman? Could you help me to resolve issue and understand what I do wrong
I managed to resolve my issue. It should be added redirect_url https://www.getpostman.com/oauth2/callback
I am able to successfully generated and use the access token. When I generate new access token, the old token is still valid and it starts giving authentication error after a while.
Is there any timeframe defined for which the old access token will continue to be valid ?
According to WeChat wiki you should receive the expire time in your JSON response.
{"access_token":"ACCESS_TOKEN","expires_in":7200}
I am trying to get the permanent access_token and access_token_secret from Mangento 1.9.
I have consumer_key and consumer_secret and have configured the required permission by following this link http://devdocs.magento.com/guides/m1x/api/rest/permission_settings/permission_settings.html
I have successfully generated the temporary access_token and access_token_secret. But while trying to generate the oauth_verifier I am getting:
An error occurred. Your authorization request is invalid.
How can I solve this problem?
You can generate permanent access token and and token secrete using Postman.
Follow the link.
How to use POSTMAN rest client with magento REST api with Oauth. How to get Token and Token Secret?
1) Create rest api consumer (Collect temporary consumer key and screte key from here)
2) Creat web -> admin role, given all the resource permision
3)Create magento admin user role->linked it with the Rest role
username-username
password-password
For getting the permenant access key and token
4)Oauth initiate GET request in postman will return temporary
oauth_token=---------------- oauth_token_secret=------------------
oauth_callback_confirmed=true
5)then o-auth authorize with parameter as a token(from the last request) simple GET request
6)The login form will open ->filled with the consumer role credentials and made a POST request
7)click on authorize will give the following in responce
"oauth_token": ----------------,
"oauth_verifier": ----------------
8)making request with all the parameters will give
permenant token and secrete key:
oauth_token=----------------
oauth_token_secret=----------------
will have to use this tokens in headers while requesting resources.
In Postman in oauth1.0 filling all the tokens(select auto add params to header and params and keep empty parameter)
and url http://yourhost/app/api/rest/customers
will return all the customer
I am writing a code in salesforce to update Email signature using the API documentation mentioned in https://developers.google.com/admin-sdk/email-settings/. I am using a 3 legged approach.
Considering that this is an API for domain admins, My questions is
can a user ( non - admin) provide authorization for this API ?.
And can the access token returned as a result of this authorization be used to update his email signature. ?
Right now I am getting an Error 403- "you are not authorized to access this API
Note that this is working fine if a domain admin provide authorization and his access token is used to update his/ any user's email signature
Thanks for your help
With the new updates on the GMAIL Api you can get the user signature by using the method "Users.settings.sendAs: get" explained here https://developers.google.com/gmail/api/v1/reference/users/settings/sendAs/get and it does not require the user to be an admin. This method returns a Users.settings.sendAs resource in the response body and this resource contains the property signature which you can manipulate.
Hope it helps!