I'm trying to enable SAML for our domain so that Google Apps is our idP
Unfortunately we're getting an error which we can't solve.
403. That’s an error.
Error: app_not_configured_for_user
Service is not configured for this user.
Request Details
SAMLRequest=jVNdj9owEHy/X4HyThICOQ6LpKKhH0gUIkjvoS+VsRfOUmK79obj/n2dhLujVRXVUpRovTM7O7uZW1qVmixqfJI7+FWDxbuBO5eqlJa0l4lXG0kUtcISSSuwBBnZL76tSeSHRBuFiqnS+wvWj6LWgkGhZAdbLRNvu/m03n5ZbX5ODnAccwgZi/kMgMMYJjNGD7MYxjHAQzSNxw98RDvoIxjreBLP0XaR3Kiz4GA2rmriFUo/Con0BNdS1tawkhapRAcKR/fDMBqGsyKcknhEoumPLm/pnBCSYsv9hKgtCQLKmKolWv+k1KkEn6kqUEHTbhQIrj+4R/AkC0fTUk/uqzc9rUMfheRCnvqNOXRJlnwtinyYb/dFR7J4NSxT0tYVmD2Ys2Dwfbfu5Dl1qHRFpevU+O7z3HXty/IqkDLrpS3ZvAmQ1gmT/h+4AqScIp0Ht9h3Nk0au1fLXJWCvbTx5nxWpqLY33ITEXx4bFOJbuZpESR6byyLslTPmQGKbqBoavAGwR+1r5sLvN1jZxHCBQeZqjQ1wjYThAtleG3/3YLb9Kx0S7mDY9q7t4ywJs+Fc/d6VoY34wXmaheGSquVwatH/yTvVAc9stO71+vbnzL9DQ==
RelayState=/
hl=nl
idpid=C017lp46m
That’s all we know.
We're building on Laravel 5.2 + the aacotroneo/laravel-saml2 package.
Is anybody familiar with this error?
Just to be sure, SAML is enabled for this user in Google Apps.
I had this problem and it turns out that I had two google apps for work accounts and I had configured the app in the wrong one. As a result, I got this message. Hope this helps.
Related
I had to get a new phone, and I didn't think about my auth applications. I got all my others replaced and working, but I can't even get to the Third-Party Authenticator App to get the QR code I need since I have to be logged in to get to it. I can't even submit a help ticket since I have to be logged in as well to do this. Does anyone have any ideas on how to recover your validation authorization application for Heroku?
I am using socialite package for authentication with twitter and facebook. With facebook it is working fine but with Twitter it is giving error.
I am not sure where is the issue and why it is saying "Could not authenticate you". I have set the callback for the twitter. Please if anyone facing the issue please let me know and provide me the suggesstion where i am going wrong.
I faced the same issue and solved it by activating only OAuth 1.0a and using the API key/secret provided under Keys and Tokens -> Consumer keys as my "Client ID and Secret".
Using the regular Client ID & Secret provided after activating OAuth 2.0 in your twitter app is just not working.
Note that you may have to regenerate the consumer keys.
I am trying to get a Bot working with the Oauth example provided here: https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-authentication?view=azure-bot-service-4.0&tabs=aadv2%2Cjavascript
If I use Azure as an exemplary issuer all works ok. So the general code works out fine.
Now, I have an example Laravel Passport app running to issue myself for testing purposes. All configuration, normal login etc. works fine. I created a generic oauth 2 client in Azure with my password client id and secret.
If I test it in the Azure Portal it heads to the request permission dialog. I confirm and it redirects to e.g. https://token.botframework.com/.auth/web/redirect?code=XYZ&state=123 and just shows Bad Request. No more, no less.
I tried different configurations etc., googled and found some with similar problems but no solution. Most just referred to secrets etc. But the secret works, a broken secret before lead to other issues I am not facing now.
And the error message is not really helpful ^^ No matter how I call https://token.botframework.com/.auth/web/redirect it is always a Bad Request.
Does anybody have an idea, a hint in what direction to look further, where issues could occur? As I am a little lost right now.
We have an application hosted in GCP which uses GSuite APIs to sync users from GSuite to our application and visa-versa using Service Account. It used to work well until recently some of our customers started facing issues.
We started getting
401 unauthorized. "Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested."
There as been no change in our application and neither in the list of permissions granted. Following are the list of api access granted :-
https://apps-apis.google.com/a/feeds/domain,
https://www.googleapis.com/auth/activity,
https://www.googleapis.com/auth/admin.directory.group,
https://www.googleapis.com/auth/admin.directory.orgunit,
https://www.googleapis.com/auth/admin.directory.user,**
https://www.googleapis.com/auth/admin.directory.user.readonly,
https://www.googleapis.com/auth/drive,
https://www.googleapis.com/auth/drive.appdata,
https://www.googleapis.com/auth/drive.file,
https://www.googleapis.com/auth/drive.metadata,
https://www.googleapis.com/auth/drive.metadata.readonly,
https://www.googleapis.com/auth/admin.directory.rolemanagement.readonly,
https://www.googleapis.com/auth/admin.directory.rolemanagement,
https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly,
https://www.googleapis.com/auth/admin.directory.device.chromeos,
https://www.googleapis.com/auth/drive.apps.readonly,
https://www.googleapis.com/auth/drive.photos.readonly,
https://www.googleapis.com/auth/drive.scripts
The affected GSuite domains were working perfectly until yesterday. Also there are some domains which still work without any problem.
Can somebody please suggest what could the problem be. Is there any change in the APIs recently? Any help will be much appreciated.
"Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested."
There are several ways to authenticate to Google.
web based applications
native applications
mobile applications
and service accounts
The clients you create for these types is different as is the code to use them. The message you are seeing above means that the code you are using does not match the type of client you have created.
Make sure your code is designed for use with service accounts and make sure that the credentials file you have downloaded from google developer console is in fact credentials for a service accounts.
Why it worked previously and suddenly stopped i cant tell you this is an error you will always get if your code does not match your credential type.
The last option would be to double check that all of those apis are enabled in the Google developer console for your service account project.
I was trying to add the google login to my laravel project. but it gives a Client error. Given below is the error i got. I successfully installed the socialite as well.
Client error: `GET https://www.googleapis.com/plus/v1/people/me?prettyPrint=false` resulted in a `403 Forbidden` response: {"error":{"errors":[{"domain":"usageLimits","reason":"accessNotConfigured","message":"Project 983930379932 is not found (truncated...)
Go to https://console.cloud.google.com/apis and enable Google+ api.
Took me 3 hours to find out that Google Cloud does not automatically enable the api for you when you create OAuth service.
Remember you have to register your google app within googles service as well. That error if I remember correctly is simply telling you that you aren't allowed to use google services.
I am not super sure if this steps are up to date, but it shouldn't be that different: https://itsolutionstuff.com/post/laravel-5-google-oauth-authentication-using-socialite-packageexample.html
First Open your Google Console Account from Here : console.developers.google.com
Select your project.
After this you have to click on google+ API detail page.
Now we can enable API.