Getting the following error while trying to authenticate using Amazon Cognito in Auth provider salesforce.
We can’t log you in because of the following error. No_Oauth_State:
State was not sent back
I am using callback URL as community callback URL.
Related
I am creating this application currently following this tutorial
When I send a message in the chatbot, the onSend function works, however, I get an error with my chatbot's response and I am given this error in the console.
Received response:
{
"error":{
"code":401,
"message":"Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie, or another valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status":"UNAUTHENTICATED"
}
}
Can anyone help?
I have tried to see if my Google cloud APIs and services status is active and checked if my credentials have been revoked in IAM & Admin, still, the same error is returned in my console
I am currently trying to design a new web-application for a rest-api service I have running. In basic I am trying to realize the login/logoff system. For authorization-management the API provides three endpoints:
/login, which takes username and password via a POST request and returns a token embedded in a json answer. This token is not a JWT, but its some arbitrary unique string. It is valid for X hours and everytime it used it is reset to be X hours valid again. The validity is check on the server in each request.
/logout, which makes the token invalid on the server.
/validate, which takes a token as json in POST request and checks if it is valid. If not it returns a 401.
Now I realized a login procedure following https://www.digitalocean.com/community/tutorials/how-to-add-login-authentication-to-react-applications . The application finally should used the react-router to provide the different pages. My problem is not how to integrate the validation of the token on each page change and if a 401 is returned, switch to the login page again.
PS: The server is written in C++ and accesses a custom database.
As Suggested By You That You Want To Integrate Validation, So You Need To Create A Component Over The Current Route Component.
It would serve as the private Route and as soon as you get a 401 Response From Your Server You Would Redirect To The Login Page By Updating the Token as empty depenedending upon the storage you are using i.e. session storage or localstorage.
This way whenever your token expires the next request responds with 401 and you are logged out.
Further I am Linking An Example Gist For Creating Private Routes And Logging Out
https://gist.github.com/EduVencovsky/f8f6c275f42f7352571c92a59309e31d
I am trying to implement API Gateway authentication using Cognito Access Token from an authenticated user, as shown in the video -> https://www.youtube.com/watch?v=bj3yVT6j3XU
To get the access token I am performing 2 methods:
1) Getting “Access Token” with Hosted UI + Code + Postman:
In the cognito user pool, I access the Hosted UI in the “App Client Configurations”:
After clicking the button above, and signing up with an existing user, I get the code in the url, as shown below:
With this code, I go to postman and can have access to the access token, as shown below:
Still using Postman, I call the API url with the header containing the “Authorization”, and I successfully get the response:
2) Getting “Access Token” with Auth method in React js:
I already tried to get the access token using the Auth.currentAuthenticatedUser() and Auth.currentSession(), and I realized they are the same. So here I am going to show the access token from the Auth.curentAuthenticatedUser().
When I try to use this access token in the react js code it doesn’t work, and I get the following error:
When I try to use this access token in the Postman, it also doesn’t work:
When I use the access token from the Hosted UI in the React js code, it works perfectly:
My questions are:
• Why I am getting different “Access Token”?
• How can I get the right access token in the React Js?
I found the solution - credits to Chirag from SrceCde.
The API call was "unauthorized" when I was using the AccessToken from the Amplify on React JS, due to scope.
The accessToken is generated with aws.cognito.signin.user.admin scope, as show the image below:
For that reason, it is necessary to enable the "aws.cognito.signin.admin" OAuth scope in the Cognito User Pool, and also consider the "aws.cognito.signin.admin" OAuth scope in the API Gateway for the API you want to call.
After doing that, you can get the accessToken with the Auth.currentAuthenticatedUser() method, as I was already doing.
I've been using Azure Active Directory and adal.js to authorize web apps client side and it's worked great. Recently had a request to have user photo instead of a generic user icon.
I added Microsoft Graph permissions to the app registration. And tried to get a token for the user photo request like...
authContext.acquireToken('https://graph.microsoft.com', callback);
Which resulted in the response_type 'token' is not supported for the application error. So I found ADAL JS - response_type="token" is not supported suggesting setting "oauth2AllowImplicitFlow": true in the app manifest, which I did. Now I get Token renewal operation failed due to timeout error.
I've also added 'https://graph.microsoft.com': 'https://graph.microsoft.com' to the endpoints prop of the context config.
What do I have to do get this working? Way too much time spent just trying to get users' photos. Thanks.
I started using google API recently . I am using simpleauth https://github.com/crhym3/simpleauth for authentication to google app engine . Now I am using google blogger API for publishing my blog and fetching data .
This API requires access_token value to use the API https://developers.google.com/blogger/docs/3.0/using#RetrievingPostsForABlog for Authorization . I cant find a way to get value of access token .
Is there a way to get the value of acces token or am I doing something wrong ?
You need to register your webapp with Google to get a client ID and client secret. Then, you can configure your OAuth2 library with these details to allow you to send fully authenticated requests from your webapp to Blogger.
For the specific scenario you listed, retrieving a blog post, I think you can follow step 1 of this page and then follow these steps. You should be able to copy+paste the key from there into the query params of the GET request.
To issue fully authenticated requests, for publishing new posts, for example, you'll have to get your OAuth2 library with the client ID and client secret and have it issue the requests for you.