I'm trying to delete a photo in Arrowdb using the REST API.
I'm sending in both "id" and "su_id" (of the user who uploaded it). And I am currently logged in as an admin with admin rights.
I keep getting the following response:
{ ["meta"]=> object(stdClass)#2 (3) { ["status"]=> string(4) "fail" ["code"]=> int(400) ["message"]=> string(27) "Failed to authenticate user" }
Anyone have any idea what to do?
Was using curl and PHP, forgot to add the CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE to the curl call, which meant the session did not get through and no user was logged in at arrowdb. With those parameters added it worked correctly.
Related
I'm getting really frustrated with the new Instagram API, what I need to do is just get things like pictures, comments, and likes from my Instagram feed. I'm following all the steps that they mention over here https://developers.facebook.com/docs/instagram-basic-display-api/guides/getting-access-tokens-and-permissions, but I'm still not able to get the final access token I need in order to interact with the API. After getting a lot of different errors now I'm stuck with:
{"error_type": "OAuthException", "code": 400, "error_message": "Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request"}
I have verified everything in my Facebook developer setup and everything is ok, the OAuth URL is identical to the one I'm using in the curl command in order to return the access_token and all the setups seem fine. I have noticed that a lot of people are having the same problems but I can't find something that works for me.
This is the way I'm trying to retrieve the access_token:
curl -X POST https://api.instagram.com/oauth/access_token -F client_id=[client_id] -F client_secret=[code] -F grant_type=authorization_code -F redirect_uri=[url] -F code=AQDJxpW5h4r..
I have read that people are using postman and apparently it works over there but I don't know how to use it, any help will be really appreciated.
Upgrade on this, I was finally able to get the access_token via Postman and when I'm trying to use it now I got this error:
{"meta": {"code": 400, "error_type": "OAuthAccessTokenException", "error_message": "The access_token provided is invalid."}}
This is really disappointing, everything was working just fine before this API change. Any ideas?
Just review of the following in your checklist again:
APP_ID and APP_SECRET of "Instagram APP", which is a product added in the Facebook App.
Access Code once submitted in POST request using CURL or Postman, will become invalid for the next request.
The Website Platform is added in "Facebook App".
Test Instagram Users are added and are not pending.
Lastly, Authenticate using the Instagram Test User Profile.
I had the same issue, and actually lost some time solving it.
In my case I only made the configuration in Instagram Product but didn't change the configuration in the login by facebook product.
In summary, you should have in your app in Facebook developers, two products, one Login by Facebook and the other one Instagram. Both must have the same redirect URL.
Hope this helps.
I want to make Google receipt validation. I set everything by Marc Greenstock. When I try verified purchase I get response permissionDenied. For me is everything correct and I don't know how to find a mistake. The user has administrator role in Google Play Developer console.
Google developer console:
I enabled "Google Play Android Developer API"
I created service account keys with role Owner
I downloaded JSON file
Google play Developer console:
Link correct project
For correct user set administrator role. The same user is in the file.
Response:
{
"code" : 401,
"errors" : [ {
"domain" : "androidpublisher",
"message" : "The current user has insufficient permissions to perform the requested operation.",
"reason" : "permissionDenied"
} ],
"message" : "The current user has insufficient permissions to perform the requested operation."
}
I tried friend private_key, client_id and client_email and everything works fine. Code is good. I something forgot during configuration but I don't know what.
I forgot to add scope ".../auth/androidpublisher" in Google developer console.
After you add scope you should save credentials at the bottom of page.
We're getting the following error when attempting to get an authentication code when the user is not already logged into Pinterest:
{"status": "failure", "message": "Authentication failed.", "code": 2, "data": null}
Example of url we are using to authenticate:
https://api.pinterest.com/oauth/?client_id=1234567891011121314&redirect_uri=https://www.foobar.com/app/influencers/channels/callback/pinterest&scope=read_relationships,read_public&response_type=code&state=cc0c4fbbf2c5058df1932cb561e4494baaef595a
This URL works fine if the user is already logged into Pinterest, it displays the app confirmation and returns a code as expected. However it responds with an error if the user isn't logged in.
The documentation we are following is here:
https://developers.pinterest.com/docs/api/overview/?
I was experiencing this issue with a few accounts on my app. Turns out they had an old set of permissions associated with their account that needed to be flushed. I did the following:
I went into the "problematic accounts" on Pinterest and went to the settings.
From there, I went to the bottom section where "Apps" are listed and revoked access to my app.
Once I tried to re-auth, everything worked fine from there on.
Hopefully, this is similar to your situation and can resolve it.
In our application we have been using the "Create Session with Credentials" (which is marked deprecated) which basically looks like:
POST {{url}}/api/v1/sessions
with body:
{
"username": "{{username}}",
"password": "{{password}}"
}
This returns an id which we then use in a Validate Session call any time the user visits another page:
GET {{url}}/api/v1/sessions/{{sessionId}}
This used to work but approximately around 2015-12-15 it stopped working.
Now I get an error like:
{
"errorCode": "E0000006",
"errorSummary": "You do not have permission to perform the requested action",
"errorLink": "E0000006",
"errorId": "oaee2frg7mCRGyp3TE9tgE0Gg",
"errorCauses": []
}
We originally thought it was MFA related but my admin removed me from the AD group that requires MFA and we are still having issues.
So it creates the session fine with my creds (and fails if my password is wrong) but validation of the session fails. I have been testing this with POSTMAN.
Any idea what changed? Are we using this incorrectly?
I'm not able to reproduce the error.
That said, we are moving away from using /sessions for authentication (hence the deprecation as you have mentioned). You should use /authn (http://developer.okta.com/docs/api/resources/authn.html#authentication-operations) to authenticate the user with username/password. You won't get a session created right away like before with /sessions. Instead, you will receive a session token which you can then use to create a session with /sessions (http://developer.okta.com/docs/api/resources/sessions.html#create-session-with-session-token)
The good thing about this new flow (besides a better use of /authn and /sessions) is that you do not need an API key for this. Only a valid set of creds would get you a one-time and short-live session token - which is then immediately used to create the session.
I want to update data in Kinvey Database. I used Rest API (PUT Method). but it is not working .
Same Authorization token in GET and POST method is working fine. Here is the Error :
{ "error": "InsufficientCredentials", "description": "The
credentials used to authenticate this request are not authorized to
run this operation. Please retry your request with appropriate
credentials", "debug": "" }
Please correct me.
I finally found the solution after wasting my two days.
Kinvey applys permission on collection level. So you have to change that permission.
Here is the reference link.
http://devcenter.kinvey.com/rest/guides/security#collectionpermissions
Please see the snap, so you can better understand.