I am using REST API get information from Salesforce to my PHP page. After a long time don't use on PHP page I take a error message "failed with status 401, response [{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}], curl_error , curl_errno 0". Please help me how to recall Authentication on php to avoid session timeout? I want my Page is always connection to Salesforce. please tell me other suggestions to resolve it.
The session ID or OAuth token used has expired or is invalid. The response body contains the message and errorCode. - http://www.salesforce.com/us/developer/docs/api_rest/Content/errorcodes.htm
Just catch that 401 error and reauthenticate.
Or use the refreshToken when using Oauth. As documented here: http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
Related
I tried to make a token joiner on discord with the requests library but not from any error but the tokens do not enter even if they are valid
Someone can help me thanks
On invalid tokens, Discord's API returns a 401 Unauthorized error. So that should be one sign to spot if a token has expired or is no longer valid due to other circumstances.
You should just be able to use a POST request to the URL https://discord.com/api/v9/invites/{invite}. Then the response from this request would be data about the server or a 401 Unauthorized error.
I am trying to get access token from api https://api.amazon.com/auth/o2/token
POST /auth/o2/token HTTP/l.l
Host: api.amazon.com
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
grant_type=refresh_token
&refresh_token=Aztr|...
&client_id=foodev
&client_secret=Y76SDl2F
But after POST request I get 500 server error.
Is it because my app is in draft status? or I am missing something while making request?
If it because of draft status then when the status will get change? any thoughts on this.
Thank you for your help in advance.
The documentation is wrong. I was getting the same exact error and came across this comment on a github issue which mentioned that the data has to be passed into the body of the request, not as query string parameters. Sure enough, this worked for me and I was able to get an access token. So just to clarify: grant_type, refresh_token, client_id, and client_secret should be passed into the body of the POST request to https://api.amazon.com/auth/o2/token and NOT as query string parameters.
Draft status will not keep you from requesting and receiving the access token.
Here are a few things to check as not much can be derived from the example post request from the documentation:
Did you configure AWS IAM role / policy / user properly
Did you use the correct IAM ARN when registering the application
Are you using the correct LWA credentials (I am assuming you're not passing foodev and Y76SDl2F as those are example parameters)
Have you self authorized the application (are you using the refresh token generated
for the authorized application)
Are you 'assuming the role' before the token exchange -- this is a very important step
and is very different in comparison to how access was handled with MWS -- if
you have not, the server will reject the token exchange regardless if the refresh
token is correct. More on that here
This is a non-exhaustive list, just some common issues I have seen other developers have with getting the access token during development, if these don't work you'll need to work with support as they can see the requests hitting the token endpoint.
We have a basic IdentityServer implementation using ClientCredentials. When a token is requested with an invalid secret, we're receiving an invalid_client error with a 400 BadRequest status. What is the best way to override this response and return a 401 unauthorized? We have a remote device accessing our api which expects a 401 for authentication errors.
One option is to work with another project that works as a facade in the middle, connects to the /connect/token methods and then gives a different response having 401. Here are some links:
https://microservices.io/patterns/apigateway.html
How to setup a Web API Facade pattern
I call a dahua API for preset response in angular js but it gives me a 401 Unauthorised error.
My code is below :
var streamurl='http://admin:123456#192.168.1.202/cgi-bin/ptz.cgi?action=start&channel=0&code=PositionABS&arg1=180&arg2=190&arg3=10';
$http.get(streamurl, { withCredentials: true })
.then(function(response2) {
console.log(response2.data);
});
I could be wrong but I think you are getting login screen with that request. I've read through documentation and I have found your way of authentication only working on rtsp:// protocol, and for http I believe you should modify headers, and encode your username/pasword to base64, here's documentation:
ftp://ftp.wintel.fi/drivers/dahua/SDK-HTTP_ohjelmointi/DAHUA_IPC_HTTP_API_V1.00x.pdf
Also you should probably use this since you are using AngularJS/NodeJS, it will make your life easier - or check how this guy did his authentication and "borrow" from him:
https://github.com/nayrnet/node-dahua-api
How to Fix the 401 Unauthorized Error
Check for errors in the URL. It's possible that the 401 Unauthorized error appeared because the URL was typed incorrectly or the link that was clicked on points to the wrong URL - one that is for authorized users only.
If you're sure the URL is valid, visit the website's main page and look for a link that says Login or Secure Access. Enter your credentials here and then try the page again. If you don't have credentials, follow the instructions provided on the website for setting up an account.
If you're sure the page you're trying to reach shouldn't need authorization, the 401 Unauthorized error message may be a mistake. At that point, it's probably best to contact the webmaster or other website contact and inform them of the problem.
The 401 Unauthorized error can also appear immediately after login, which is an indication that the website received your username and password but found something about them to be invalid (e.g. your password is incorrect). Follow whatever process is in place at the website to regain access to their system.
From https://www.lifewire.com/401-unauthorized-error-what-it-is-and-how-to-fix-it-2622934
I'm using OAuth2.0 User-Agent Authentication flow to get the access & refresh tokens so that I can use the Foce.com REST API over remote access. Now, the problem is that I'm able to authorize successfully and recieve the tokens, but while using those tokens just after authorizing my client application, I'm recieving a java.net.ConnectException: Connection refused error.
Following Steps I'm doing
Redirecting to
https://login.salesforce.com/services/oauth2/authorize?response_type=token&client_id={my_client_id}&redirect_uri={my_redirect_uri}&state=myState
Authorizing the app in salesforce and then receiving back the access token and refresh tokens in the hash of the redirect_uri as
{my_redirect_uri}#access_token={my_access_token}&refresh_token={my_refresh_token}&instance_url=https%3A%2F%2Fap1.salesforce.com&id=https%3A%2F%2Flogin.salesforce.com%2Fid%2F00D90000000gscOEAQ%2F00590000000sdtJAAQ&issued_at=1351151192815&signature={my_signature_value}&state=myState
&scope=id+api+refresh_token
Now I'm using the REST API using the same access token by doing a POST to
https://ap1.salesforce.com/services/data/v20.0/sobjects/Lead/
with request headers:
Content-Type: application/json
Authorization: OAuth {my_access_token}
I have not escaped the access token while sending the post as it needs to be done when using CURL. Is that needed when using HttpClient Java API also?
The response that I'm getting is "java.net.ConnectException: Connection refused error."
Can someone please let me know what I'm doing wrong or how I can debug it further ?? Is there any way to see whats happening at Salesforce end? Some logs may be ?
I'm getting the exact same connection refused error if I try OAuth Refresh Token Process also.
Sorry for the noise.
I was getting "invalid_grant" with "expired access/refresh token" while validating the customer secret using the Refresh Token Procedure but since it was secured transmission so all I was getting in Java was "Connection Refused" with no detailed error message.
I got to know the detailed error by Setting up SSL Proxy in Charles as described here. After that I was able to see the request parameters and response send to https://ap1.salesforce.com which was earlier not readable.