I am trying to integrate the YELP API within an application in Android Studio. I am trying to acquire an access token using a post request in Postman. However, when I send the post request I get this error returned in JSON format:
{
"error": {
"code": "VALIDATION_ERROR",
"description": "'client_credentials' is not one of ['authorization_code', 'refresh_token']",
"field": "grant_type",
"instance": "client_credentials"
}
}
I have searched this site and google for what the description line means in particular:
"description": "'client_credentials' is not one of ['authorization_code', 'refresh_token']",
I have not been able to find any results as to what this error means. Here is my project setup in postman:
I simply copy and pasted my client ID and API key from yelp and stored them within the client_id and client_secret in Postman respectively. When I send this requestion I get the 400 Bad Request error and find out that its a validation error. At first I thought that I entered the wrong API key, however, I refreshed the API key and directly copy and pasted it, so I am confident that my API key and client ID are correct. The output should look like this and it should deliver an access token:
I couldn't find any examples that had this specific error message.
You no longer need a refresh token, all you need is an API key in your Authorization header:
Authorization: Bearer {{apiKey}}
Source: https://www.yelp.com/developers/documentation/v3/authentication
Related
I am trying to get posts of specific Facebook brand page using following curl command
https://graph.facebook.com/v2.10/me/photos?access_token=xxx
Getting following error
{
"error": {
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500,
"fbtrace_id": "DH1T17dMqR+"
}
}
I have used following curl command to get active access token https://graph.facebook.com/oauth/access_token?type=client_cred&client_id=XXX&client_secret=YYY
Facebook app have been created by page admin and client ID & client secret used to get app access token.
Earlier we are using page-id instead of "me" identifier to get the post using above curl and it was working fine for specific facebook account.
Where page-id is id of specific facebook page whose post you want to get.
Now, same configuration is not working for other page.
The page is most likely restricted by age or location, so you have to use a User Token or Page Token for /page-id/photos.
More information about Tokens:
http://www.devils-heaven.com/facebook-access-tokens/
https://developers.facebook.com/docs/facebook-login/access-tokens/
I am testing the Microsoft Graph beta endpoint that sends invitations to guest users to join the tenant. The endpoint I am using is :
https://graph.microsoft.com/beta/invitations
Body:
{
"invitedUserEmailAddress": "abc#xyz.com",
"inviteRedirectUrl": "https://myDomain"
}
I am passing the bearer token in Authorization header that I got for the local admin user through the ADAL4J api. However, this call gives me a 401 Unauthorized error. Following is the response:
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "Access token validation failure.",
"innerError": {
"request-id": "91f8129e-70cc-467d-a45b-9309e55788d6",
"date": "2017-02-10T08:46:09"
}
}
}
Any clue on how to get this request working? On Github I have gone through other discussions(eg) where users are facing the same issue.
The token sent was obtained with resource as "https://graph.windows.net". The expected resource/audience for Microsoft Graph API is "https://graph.microsoft.com". Update your application manifest to include Microsoft Graph as a resource and request the required permissions. Then request token with above mentioned resource/audience.
I am excatly in the same situation as #adarsh hegde. But I am targetting an azure B2C instead.
I can get the token for the windows graph (using resource "https://graph.windows.net"), and I am able to create users whithin my web app that is registered with the right permission.
What I did is to acquire token for graph.microsoft.com on the same time, but this token doesn't let me use invitations giving me the same error as you :
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "Access token validation failure.",
"innerError": {
"request-id": "91f8129e-70cc-467d-a45b-9309e55788d6",
"date": "2017-02-10T08:46:09"
}
}
}
UPDATE:
So here are the steps that I've done so far:
ADB2C directroy
Web app with OpenID registered in there with required permissions to manage users in the AD following this link
When admin is logged in, the Web app in trusted mode is able to let him manage users (create/add/etc...)
Now what I want to use is the InvitationManager part of the MS graph (graph.microosoft.com) to be able to send invitation mail. can I redeem the code received in the OpenIdConnectAuthenticationNotifications to get access token for the MS graph? knowing that I already do that but for AD graph (graph.windows.net)
Thanks for the help
I am new to the Facebook API. What I am trying to do without success is from my laptop create a new access token for myself through the Facebook API.
Below is the URL I am using to create this new access token:
String url = "
https://graph.facebook.com/oauth/authorize?client_id=##########&client_secret=##########&redirect_uri=http%3A%2F%2Fintelligentretrieval.com"
When I use my client id and then the client_secret (I assume this is the client password) then I get an error
{
"error": {
"message": "Missing redirect_uri parameter.",
"type": "OAuthException",
"code": 191
}
}
What exactly is the problem with this and the reason for the error?
Facebook requires a redirect_uri so I decided to dot it to my company site home page.(I figure this isn't the best place to redirect it but where should I redirect this?)
I want to redirect the result (generated access token) to my laptop from where I am making this URL request.
What exactly is the problem with this?
Is this possible with a browser like Chrome?
Is this possible using java?
Also is it possible to extend the access token expiration to 60 days with this url?
Please let me know if there is any confusion with any part of this post or if the answer can be found elsewhere.
I am stucking with the following problem like one month already, I am trying to verify an inapp purchase by using the following api :https://developers.google.com/android-publisher/authorization
I followed every step from the documentation(doing everthing with Postman Rest Client from Chrome), I can retrieve an accesstoken and a refresh token, but whenever when I try to query a purchase it results in error code 403 access not configured, BUT I CONFFIGURED IT IN THE SETTINGS!
anybody with an idea maybe?
It is far from straightforward to get an accesstoken for this API. This blog post helped get me started in the right direction, but I've outlined my own process that does not depend on using any external scripts to work. The steps are:
Obtain a client ID and secret (one-time)
Obtain a Refresh Token (one-time)
Use the Refresh Token to obtain an Access Token (once per hour)
4 Use the access token to access the API
Each of these steps are detailed below:
Obtaining Client ID and Secret
Go to the the Google Developer's console
Go to your project page
Select "Consent Screen" on the left side and make sure that the email address and Product name fields are set
Select "Credentials" from the left menu, and select "create a new client id"
Leave Application type set to "Web application" and set "Authorized redirect URI" to https://localhost. You do not need to change the Authorized JavaScript Origins.
Click "Create Client ID" and record the Client ID and Client secret that result.
Obtaining a Refresh Token
In web browser, enter the following URL (substituting correct value for client_id):
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=https://localhost&client_id=XXXX
Accept any requests for authorization that appear
You will then be redirected to a URL like this:
https://localhost/?code=4/k0TenvwICIgmBoQOazJy4_EnJr6-.clLqtp_vVAIbEnp6UAPFm0GASPqQigI
Copy the code from the latter part of this URL
Use wget to convert this code into refresh token; substitute CODE, CLIENT_ID, and CLIENT_SECRET
wget --debug --post-data="grant_type=authorization_code&code=CODE&client_id=CLIENT_ID&client_secret=CLIENT_SECRET&redirect_uri=https://localhost" https://accounts.google.com/o/oauth2/token
The resulting JSON file will contain an access_token and a refresh_token. Record the refresh_token value
Obtaining an Access Token
send a POST request to https://accounts.google.com/o/oauth2/token with the following fields set (substitute REFRESH_TOKEN, CLIENT_ID, CLIENT_SECRET)
grant_type=refresh_token
refresh_token=REFRESH_TOKEN
client_id=CLIENT_ID
client_secret=CLIENT_SECRET
You will get back a JSON string containing an access_token that will be good for one hour.
Using the Access Token to make API request
Fetch from
https://www.googleapis.com/androidpublisher/v1.1/applications/PACKAGENAME/inapp/SKU/purchases/PURCHASETOKEN
with an Authorization header containing the access token, e.g:
Authorization: Bearer ya29.1.AADtN_WoM4-4Fb1voFL-emcUWluijCzwvc9Z-FYM9SPvK03HCbGkdROJTVVPSLHK2IlVJQ
You may also be able to pass the access token as an HTTP query parameter, e.g.
https://www.googleapis.com/androidpublisher/v1.1/applications/PACKAGENAME/inapp/SKU/purchases/PURCHASETOKEN?authorization_token=AUTHTOKEN
I had a similar problem as you. Answer by mmigdol is helpful, but it didn't help me. I finally managed to solve it by looking at links generated here: https://developers.google.com/oauthplayground/
Apparently, Android publisher scope
https://www.googleapis.com/auth/androidpublisher
needs to be added into the link requesting authorisation code (before even generating refresh token) by adding:
&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fandroidpublisher
to get this:
https://accounts.google.com/o/oauth2/auth?redirect_uri=<YOUR_REDIRECT_URI>&response_type=code&client_id=<YOUR_CLIENT_ID>&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fandroidpublisher&approval_prompt=force&access_type=offline
I am migrating from google C2DM to GCM using Java.
I read this post GCM Push Notification without using JSON. Even on google docs I found that plain-text or UTF-8 content-type is allowed. I am using API key for browser apps and also tried curl command. Every time I am getting response code 401 which is related to authorization. Below is the URL I am forming:
Collapse_key=0&Auth_Token=
> my api key for browser apps
&data.payload=
> meesage to be send
®istration_id=
> id of registered device
May I know the reason and solution for response code 401 ?
HTTP status code 401 occurred when API key is not valid. For details check here.
You should send data as a json format. The format is shown below. It is explained in details here.
{
"registration_ids" : ["APA91bHun4MxP5egoKMwt2KZFBaFUH-1RYqx..."],
"data" : {
...
},
}