I want connect to Coinbase OAUTH to the instructions here https://developers.coinbase.com/docs/wallet/coinbase-connect/integrating
in Step 1: I need to construct the authorization URL with the correct parameters and scopes
GET https://www.coinbase.com/oauth/authorize?response_type=code&client_id=1532c63424622b6e9c4654e7f97ed40194a1547e114ca1c682f44283f39dfa49&redirect_uri=https%3A%2F%2Fexample.com%2Foauth%2Fcallback&state=134ef5504a94&scope=wallet:user:read,wallet:accounts:read
to receive code parameter, but it response to the iframe recapcha of coinbase, but not must be code parameter
How do i get the code parameter, Thanks everyone.
On your Application screen, there is a clickable Sample Authorize URL that you can use to make a valid request and get the code.
Related
I am trying to get access token from api https://api.amazon.com/auth/o2/token
POST /auth/o2/token HTTP/l.l
Host: api.amazon.com
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
grant_type=refresh_token
&refresh_token=Aztr|...
&client_id=foodev
&client_secret=Y76SDl2F
But after POST request I get 500 server error.
Is it because my app is in draft status? or I am missing something while making request?
If it because of draft status then when the status will get change? any thoughts on this.
Thank you for your help in advance.
The documentation is wrong. I was getting the same exact error and came across this comment on a github issue which mentioned that the data has to be passed into the body of the request, not as query string parameters. Sure enough, this worked for me and I was able to get an access token. So just to clarify: grant_type, refresh_token, client_id, and client_secret should be passed into the body of the POST request to https://api.amazon.com/auth/o2/token and NOT as query string parameters.
Draft status will not keep you from requesting and receiving the access token.
Here are a few things to check as not much can be derived from the example post request from the documentation:
Did you configure AWS IAM role / policy / user properly
Did you use the correct IAM ARN when registering the application
Are you using the correct LWA credentials (I am assuming you're not passing foodev and Y76SDl2F as those are example parameters)
Have you self authorized the application (are you using the refresh token generated
for the authorized application)
Are you 'assuming the role' before the token exchange -- this is a very important step
and is very different in comparison to how access was handled with MWS -- if
you have not, the server will reject the token exchange regardless if the refresh
token is correct. More on that here
This is a non-exhaustive list, just some common issues I have seen other developers have with getting the access token during development, if these don't work you'll need to work with support as they can see the requests hitting the token endpoint.
I'm trying to register an application in Azure AD using Graph API with an oauth token obtained with the Authorization Code grant type. I can do it with Client Credentials, but not with Authorization Code. With the latter I can list applications, but not create them.
Here's the permissions I've set in the application:
And here's what I set in postman to get the token:
I get the token just fine and I can list the applications, but when I try to create a new one through the endpoint 'POST https://graph.microsoft.com/v1.0/applications' I get the following response:
Anyone knows why this is happening? Thanks!
According to the last screenshot you provided, it seems the process stopped at login page(the response body is the html of login page) when do authorization code flow.
I test it in my side(also in postman) but it works fine, below is my configuration in postman for your reference:
Although I didn't reproduce your problem in my test, but I can provide you some information about authorization code backend request to know what does the response in your postman mean.
When we do authorization code flow(not in postman) to get access token, there are two steps. First we need to request the url https://login.microsoftonline.com/{tenantId or commone}/oauth2/authorize?resource=https://graph.microsoft.com&client_id={clientId}&response_type=code&redirect_uri=https://hurytest&response_mode=query in your browser like below screenshot.
We can find the content in the red box in screenshot above is same to the response you get in postman. So I think the process stopped here(which is the first step of authorization code flow).
Second step, we need to input username and password into the login page. It will redirect to another page like below screenshot.
Copy the code after code= in the above screenshot and then use the code in below request to get access token.
In a word, I didn't reproduce your problem in my postman. But the backend request in your postman may stopped in the first step(login page) of authorization code flow which I mentioned above. So please check if you configured correct in postman. If still doesn't work, you can do authorization code flow by the two steps I provided to get the access token.
I built an app in my Azure ad b2c tenant and configured it as shown, but why can't I request an access token in postman?
app registration
API permissions
postman screenshot
Here are the links to the two documents I follow:
Register a Microsoft Graph application
Get access without a user
One thing I noticed is that the parameters for the token request should be in the body as form parameters, like this:
You should use the parameters you've defined here though, this screenshot shows a test request for the ROPC flow so the parameters in the picture are not valid for your use case.
So instead of entering the parameters in Params, enter them in Body tab after selecting x-www-form-urlencoded as the type.
Please input the params in "Body" tab of your postman but not "Params" tab. Shown as below screenshot.
In order to get token you need to pass grant_type in request body and value should be password.
For example
Method Post: https://login.microsoftonline.com/YourTenantID/oauth2/v2.0/token
And in body you need to ppass
client_id : Your app client ID
scope: user.read%20openid%20profile%20offline_access
username: Your username
password: your password
grant_type: password
client_secret: you app registration secret
I tried many times to put into body with JSON format or in parameter or put into Parameters, but I did not work. And it works for me when I put into Body with type is x-www-form-urlendcoded.
[Image]: https://i.stack.imgur.com/tguZc.png
I started from this React sample application from Auth0 and login through Auth0 works fine but does not give me the expected token.
After login the browser localStorage contains an id_token and a profile object. When I decode the id_token I see that the payload contains something like this:
{
"iss": "https://mycompany.eu.auth0.com/",
"sub": "auth0|5821bc27f92ca3261c628a26",
"aud": "2A8cgDBm86kLCtCNtUMcKPL2G3oqjIdE",
"exp": 1478755859,
"iat": 1478719859
}
The profile contains email and lots of other good stuff from the user profile as registered in Auth0.
I need to parse on the token to my API server and therefore I need the attributes from the profile-object to be part of the token. How can I make the id_token contain all these attributes, so that I can parse it in my API-service and store it the first time the user logs in?
As I see it, I cannot use the profile-object found in the browser localStorage as it needs to be signed by Auth0 in order for my API server to trust the information.
I'm also aware that I can use the id_token to make a request from my API server directly to Auth0 to get this additional information, but I just think it would be simpler and more efficient if the information was carried by the token.
Those are the claims included by default in a id_token; it's possible to request other claims to be included by passing a scope parameter with the appropriate value.
See Scopes - Requesting specific claims, for a reference on what you can pass in the scope parameter in order to influence the contents of the id_token.
To add onto João Angelo's answer, you can't request the entire "App_Metadata" object in scope. If there are app specific fields e.g. lang or favorite color, these have to be called out specifically.
Example App MetaData
Example call
https://example.auth0.com/authorize
?response_type=token
&client_id=YOUR_CLIENT_ID
&redirect_uri=http://jwt.io&connection=google-oauth2
&scope=openid+lang+favoriteColor
There may be additional caveats to the scope parameter, it would be good to ask Auth0 as you run into issues
in stackoverflow(stackexchange api, https://api.stackexchange.com/docs/authentication) it clearly mentioned about how to send user to the login page and get access token from it, but the details for accessing user data by using url and parameters is not available , please help me to find that way to get user data from stackoverflow with correct url and parameters,
1.Send a user to https://stackexchange.com/oauth, with these query string parameters
client_id
scope (details)
redirect_uri - must be under an apps registered domain
state - optional
2.POST (application/x-www-form-urlencoded) the following parameters to https://stackexchange.com/oauth/access_token
client_id
client_secret
code - from the previous step
redirect_uri - must be the same as the provided in the first step
But the url and parameters to get user data by using this access token is not available ,
You are right, the endpoints are not documented very well.
I would strongly suggest to take a look at the API explorer.
e.g. For user info of "me":
https://api.stackexchange.com/docs/me#order=desc&sort=reputation&filter=!9buxV.Gp.&site=stackoverflow&access_token=YOUROWNACCESSTOKEN&key=YOURAPIKEYIDONTKNOWWHY
Click "Get Token" (it seems you already have your access token, just for the Explorer)
Click "Run" :
You can debug the request in the "network" tab of your browser console (e.g. in Safari: right mouse click / copy as curl to know what's really going on)
--> The problem with the stackexchange API is that it does NOT seem to work to send a
Bearer TOKEN - instead you (and the API explorer) send the access_token as a GET parameter :
https://api.stackexchange.com/2.2/me?order=desc&sort=reputation&filter=withbody&site=stackoverflow&access_token=YOUROWNACCESSTOKEN&key=YOURAPIKEYIDONTKNOWWHY
The site parameter selects which profile of the StackExchange network you want.
[{"site":"http://stackoverflow.com","param":"stackoverflow"},{"site":"http://serverfault.com","param":"serverfault"},
{"site":"http://superuser.com","param":"superuser"},{"site":"http://webapps.stackexchange.com","param":"webapps"},
{"site":"http://gaming.stackexchange.com","param":"gaming"},{"site":"http://webmasters.stackexchange.com","param":"webmasters"},
{"site":"http://cooking.stackexchange.com","param":"cooking"},{"site":"http://gamedev.stackexchange.com","param":"gamedev"},
{"site":"http://photo.stackexchange.com","param":"photo"},{"site":"http://stats.stackexchange.com","param":"stats"},
{"site":"http://math.stackexchange.com","param":"math"},{"site":"http://diy.stackexchange.com","param":"diy"},
{"site":"http://gis.stackexchange.com","param":"gis"},{"site":"http://tex.stackexchange.com","param":"tex"},
{"site":"http://askubuntu.com","param":"askubuntu"}]