I am using discord OAuth2 for chrome extension authentication. I get user access_token and would like to use it to get roles of actual user on my server. I tried to use https://discordapp.com/api/v6/users/#me/ or https://discordapp.com/api/v6/users/#me/guilds but it only gives me information about user servers. Can I get information about roles of this user also? How can I do it?
You can access the role ids through the /users/#me/guilds/{guild.id}/member API with the guilds.members.read scope and OAuth2 but don't think you can get the actual role object. I thought I could call /guilds/{guild.id}/roles to get a list of the roles and resolve the id but this thread suggests that its only available to bots and not OAuth2.
EDIT:
In my scrambling to figure out how to resolve role_ids I found that you can use the shortcut <#&[role_id]> in a Discord Message entry form to figure out the name of the role the role_id is actually referring to.
To get information about guilds that the user is on and the roles that user is on, you might need to look into Discord's documentation. I'm not 100% sure if you can get information about user's roles through OAuth2 but this is what I found.
guilds scope returns partial guild info
allows /users/#me/guilds to return basic information about all of a user's guilds
Like said on the document (quote on above), it returns basic information, this might not include user's roles, but only all guild roles, and not the roles user has.
{
"id": "80351110224678912",
"name": "1337 Krew",
"icon": "8342729096ea3675442027381ff50dfe",
"owner": true,
"permissions": "36953089",
"features": ["COMMUNITY", "NEWS"]
}
Not sure if the guilds scope return more info than that like full guild structure
I would suggest echoing/logging down information that you get from that scope.
Not sure if this will help at all but this link has the official discord documentation on how to get a list of users in a guild, search for a user, or get more info on a specific user, via oath2 and requesting info from the endpoints. Official Discord (get-guild-member)
Of note personally I am using a GET request to /guilds/{guild.id}/members to get a list of users within a guild the account is a part of.
I believe that this then either returns the role within the server along with the list or if this is not included, you are able to take the id and either search for the user with that id, or request more information from /guilds/{guild.id}/members/{user.id} to get as much information as discord has available on a certain user within the guild.
Also of note, I had the same issue with the 401: unauthorized error. The solution to this is making sure you have the correct members, and guilds intents listed in your discord application.
Related
I have this endpoint for fetching groups an authenticated user is an admin of:
let groupsDataURL = `https://graph.facebook.com/${userId}/groups?access_token=${accessToken}&fields=administrator,member_count,id,name,icon,cover,permissions,privacy`;
But for some weird reason, some users of my app have been complaining bitterly that they are admin to some groups but the groups are not showing up in the results.
That begs the question, is there another undocumented parameter that I need to use to ensure the Endpoint works well for me. I want all groups the user is an admin of to be returned correctly 100% of the time.
Please help me as my users are super upset already!!!
Thank you.
This is the my web-app "User Settings" page.
I have simplified it to a minimum to better highlight the problem.
To authenticate users I use Auth0, I wanted to use the sub claim user_id to identify the users inside my MySQL database for update and retrieve user's info. Unfortunately the user_id is different for each provider, for example, if the same user with the same e-mail logs-in via Auth0 he gets a user_id if he does it via google he gets another one.
I thought about using email to link logged user to his info.
The problem is in my API. Before the change it was "localhost: 8080 / api / users /: id"
each time it created a new id and in any case it was impossible to recover the data of the single user. Now that I have replaced "id" with "email" my API has also changed in "localhost: 8080 / api / users /: johnsmith#xxx.com".
Before:
After:
In a few words, the request url on the client side has also changed.
I would like to make sure that the GET and PUT requests are made based on the e-mail of the logged user without going to modify the whole back-end.
Sounds like something is wrong with how you authenticate users. If you have multiple ways to authenticate a user, those methods need to be in a one to many relation with the user. For example each user has a list of auth-methods, and whenever an authentication is made you check your table of authentication methods and find the one user it maps to.
Im not sure if you are doing this yourself or if the framework you are using is handling that, but it sounds like you need to change the model to allow many Auth methods for a single account.
Also you could use email, but that is also an "old" way of uniquely identifying users almost every single person has multiple active email accounts nowadays, so you should also have a one-to-many relation for users to emails. What if the user has different email accounts for their Facebook and Google accounts?
See account linking here: https://auth0.com/docs/users/user-account-linking
It is dangerous to trust that the external providers are truthful about what email belongs to who. What if I open a new account using someone else's email on one of the providers? Then I can log into that users account in your application, which is a pretty big security risk.
I have the exact same issue as this question, however it looks like OP dropped off from troubleshooting.
I am accessing this endpoint:
GET https://graph.microsoft.com/v1.0/users/[UPN]/drive/
However the response is lacking the quota property (and an empty owner property):
{
"#odata.context":
"https://graph.microsoft.com/v1.0/$metadata#drives/$entity",
"id": "[ID]",
"driveType": "business",
"owner": {
"user": {}
}
}
I can confirm via http://jwt.calebb.net/ that the Files.Read.All permission scope is applied to the application (in fact, I've ticked every box in the Azure app).
The token is being generated at the tenant level using the tenant's Account Object Id (ie, not on the user level).
Based on some quick testing using the Microsoft Graph Explorer:
https://graph.microsoft.io/en-us/graph-explorer
It appears to me that the result you are getting (with an empty owner property, and lacking quota) is a result of the fact that you do not have access to another person's drive information.
Specifically if we try the following query, using the Demo Tenant Available by the Graph Explorer:
https://graph.microsoft.com/v1.0/me/drive
I get all the data you are looking for. Even if I specifically call out the UPN of the demo user:
https://graph.microsoft.com/v1.0/users/alexd#a830edad9050849NDA1.onmicrosoft.com/drive
It works. However, if I try to query ANOTHER user:
https://graph.microsoft.com/v1.0/users/admin#a830edad9050849NDA1.onmicrosoft.com/drive
I get exactly what you posted above.
You should make sure that you are logged into the user account which you would like to query their Drive's quota information. I believe this will fix your issue.
EDIT:
I just noticed in your question that you mention you are getting an App Only Token. My guess is that this information is not available at the App Only Level, and again, requires a user to be signed in to get their specific drive information. I might need to follow up to understand if that is really a requirement here. But I hope you can, in the meantime, verify the fact that using a user token, you are able to resolve the drive information about that user.
This was working fine for many months and now it's just a blank space. I get the following error: Error from Instagram: The access_token provided does not match an approved application. How can I get a new access_token for an existing client??
You need to check you application hasn't been put into sandbox by Instagram. They made big changes to their API on the 1st of June and if you had it submitted your app for review it will be put in sandbox mode and only sandbox users will be able to use it.
Even if you are not in sandbox mode you may need to get your users to reaurhorize your app due to new scopes being used to control access to everything other than basic user information.
Check Instagram Developer Docs for more information on the changes
You need to check your Access token's Scope and asking for login permission
where some new Scope had been added ex:public_content Added. Also don't forget to check for requirements Scope for API you are using and if it's need and Authentications "Valid access Token". where also had some changes.
basic - to read a user’s profile info and media
public_content to read any public profile info and media on a user’s behalf
follower_list to read the list of followers and followed-by users
comments - to post and delete comments on a user’s behalf
relationships - to follow and unfollow accounts on a user’s behalf
likes - to like and unlike media on a user’s behalf
And take look about **Sandbox API behavior of your application not life yet :**
API Behavior
The behavior of the API when you are in sandbox mode is the same as when your app is live, but comes with the following restrictions:
Data is restricted to sandbox users and the 20 most recent media from each sandbox user
Reduced API rate limits
The first point is important and it means that the API behaves as if the only users on Instagram were your sandbox users, and the only media ever posted were the last 20 for each of these users.
For example, if you query the /users/{user-id}/ endpoint and the {user-id} is a sandbox user, then you will get the normal API response; but if the {user-id} is not a sandbox user, you will get a APINotFound error.
As another example, let's consider an endpoint that returns a list of media: /tags/{tag-name}/media/recent. The response returned by this endpoint will contain only media with the given tag, as expected. But instead of returning media from any public Instagram user, it will return only media that belongs to your sandbox users, restricted to the last 20 for each user.
Good luck
The following video clearly explains what steps to follow to get this working with the new auth
https://www.youtube.com/watch?v=0k4RhTS94Hw
Kind Regards
Sandeep Sahoo
So I want to get a user's feeds (or lets say user's posts); based on this documentation I'm calling the following endpoint:
https://graph.facebook.com/{USER_ID}/feed?access_token={MY_ACCESS_TOKEN}
https://graph.facebook.com/{USER_ID}/posts?access_token={MY_ACCESS_TOKEN}
But this is giving me an empty data array; although there are public posts by the user! Am I doing something wrong? Should the user give the permission to my app?
Although the following end point works (which shows user general info), but that's not what I want; I want just a user's posts
https://graph.facebook.com/{USER_ID}?access_token={MY_ACCESS_TOKEN}
Thanks
You have to use facebook login and request permissions from the user to access their posts : "user_posts". This document covers how to request permissions with faceboook login. Once you are granted the user_posts permission, you can use the access token you obtained from the user in your call to get the users feed.