I have the Plaid Quickstart (node) up and running.
I successfully logged in to one of the sandbox institutions (First Platypus Bank) using the sandbox credentials and got the access_token which it generated.
Per the Link Update Mode docs (https://plaid.com/docs/link/update-mode/), you should be able to "force a given Item into an ITEM_LOGIN_REQUIRED state".
From the docs I linked to above...
Update mode can be tested in the Sandbox using the /sandbox/item/reset_login endpoint, which will force a given Item into an ITEM_LOGIN_REQUIRED state.
I used Postman (in the Sandbox Public environment) to send an API call to this endpoint, https://sandbox.plaid.com/sandbox/item/reset_login, to force the ITEM_LOGIN_REQUIRED state.
This is the body sent with the API call...
{
"client_id": "{{client_id}}",
"secret": "{{secret_key}}",
"client_name": "Insert Client name here",
"country_codes": ["US"],
"language": "en",
"user": {
"client_user_id": "unique_user_id"
},
"access_token": "{{access_token}}"
}
This is the response I got back...
{
"expiration": "2021-02-13T04:13:12Z",
"link_token": "link-sandbox-7d82e9b8-b8a7-4977-9c20-aadbc82ec050",
"request_id": "eE56J8f5XJKpS6L"
}
...which is what I expected.
I then went back in to the Quickstart app and logged in to the "First Platypus Bank" again expecting to be prompted for the MFA challenges, but, instead, it just created a new access_token.
So, how to I get the Plaid Quickstart app into Link Update mode?
Update:
Per Alex's question, here is an image showing the Postman call I made. He's correct, it was a /link/token/create call. What's confusing it that it's labeled Create Link Token - Update Mode.
Update 2:
Here's the /sandbox/item/reset_login call and response. There's no link_token included in the response.
Update 3:
Between Alex's help and some help from Plaid support, I got this working.
I was putting the link token in the wrong place.
For anyone seeing this in the future, here are the steps you need to follow to get the node quickstart app into Link Update Mode.
You can also watch this video to see a demo of the process; HOWEVER, note that in the video, I put the link_token in the wrong place. The instructions below show how to put it in the correct place.
Get the access_token for the institution you want to get into Link Update Mode (this assumes you have the quickstart app installed, up and running. See... https://plaid.com/docs/quickstart/)
Start the quickstart backend (/quickstart/node/start.sh)
Start the quickstart frontend (cd /quickstart/frontend; npm start;)
Once the frontend fires up on port 3000 in your browser, click the "Launch Link" button then click "Continue".
Search for the institution (e.g., First Platypus Bank, First Gingham Credit Union...if in sandbox mode. or your own institution if in dev mode)
Enter your credentials (user_good/pass_good ...if in sandbox mode)
Copy the access_token
Close the Plaid browser tab
In Postman (to set this up, see... https://github.com/plaid/plaid-postman), enter the access token you just copied into the access_token variable (See the first screenshot above. Click on the icon near the upper right-hand side that looks like an eye then scroll down to access_token and enter it.)
Run the /sandbox/item/reset_login endpoint. It's labeled "Simulate ITEM_LOGIN_REQUIRED [Sandbox only]" in Postman. The request body should look like second screenshot above. Once you Send the request, the response body should show "reset_login": true. Now the Plaid Item (i.e., the institution) is in ITEM_LOGIN_REQUIRED mode.
Run the /link/token/create endpoint. It's labeled "Create Link Token - Update Mode" in Postman. The request body should look like the first screenshot above. Once you Send the request, the response body should give you a link_token. Copy it for the next step.
Put the link_token in the Plaid quickstart app.
On line 23 in /quickstart/frontend/src/App.tsx, replace data.link_token with your link_token. So this dispatch({ type: "SET_STATE", state: { linkToken: data.link_token } }); becomes this dispatch({ type: "SET_STATE", state: { linkToken: "link-sandbox-704ef648-2acd-44a2-867b-ea1258e9205c" } }); (Use your own link_token, of course, and don't forget the quotes around your link_token.)
Restart the backend and frontend. When you launch Link, it should now be in Link Update Mode.
The process you describe sounds right, but the API request and response bodies in your post are the request and response for /link/token/create, not /sandbox/item/reset_login. Can you verify that you didn't accidentally call /link/token/create instead of calling /sandbox/item/reset_login?
Related
I have been at this for sometime now and wanted to see if anyone had and idea of what I could be doing wrong. What I am trying to do is add a song to a playlist using the provided Spotify Web APIs. According to the documentation on this https://developer.spotify.com/documentation/web-api/reference/playlists/add-tracks-to-playlist/ I need to establish the scope of the user.
"adding tracks to the current user’s private playlist (including collaborative playlists) requires the playlist-modify-private scope" I have created the playlist as collaborative and I am using the login credentials of my personal account to reach this playlist I created. all this is under the same login.
What I am finding is that my scope is not getting added to my token on my call for my token causes a 403 error when I try to add the song.
Here is what that call looks like
https://accounts.spotify.com/authorize/?client_id=mynumber&response_type=code&scope=playlist-modify-private&redirect_uri=http:%2F%2Flocalhost:55141/Home/GetToken/
here are the docs on using authorization to get the correct token.
https://accounts.spotify.com/authorize/?client_id=894400c20b884591a05a8f2432cca4f0&response_type=code&scope=playlist-modify-private&redirect_uri=http:%2F%2Flocalhost:55141/Home/GetToken/
further more if I go into the dev support here
https://developer.spotify.com/documentation/web-api/reference/playlists/add-tracks-to-playlist/
and click the green try button and then request a new token it works.
Bottom line some how my request is not taking my scope request. Any Ideas?
Thanks
To get the token with a specific scope you need to go to the authorize endpoint and get the code. The code is what you want to get to be able http post to the endpoint https://accounts.spotify.com/api/token and get a token with your desired scopes. You can simply get the code by pasting a url like this in your browser...
https://accounts.spotify.com/authorize?client_id=<client_id>&response_type=code&scope=streaming%20user-read-email%20user-read-private&redirect_uri=<redirect_uri>
Only add %20 in between scopes if you have multiple ones
You will then be sent to spotify's website and they'll verify you want to do this. Once you verify it your browser will redirect you to what you set the redirect_uri to be in the url above. At the end of the url that you are sent to, you should be able to see the parameter name code with the code value assigned to it. You then get that code and put it in your http post body params to the https://accounts.spotify.com/api/token endpoint. Make sure you accurately follow the query params requirements in your post method.
An example of the post in python using the requests library:
authorization = requests.post(
"https://accounts.spotify.com/api/token",
auth=(client_id, client_secret),
data={
"grant_type": "authorization_code",
"code": <code>,
"redirect_uri": <redirect_uri>
},
)
authorization_JSON = authorization.json()
return authorization_JSON["access_token"]
In the end you should get a json that shows the scopes you set a long with a refresh the token later on to make more requests.
I know this answer is quite late but I was experiencing the same issue as well which is how I came across this question. I hope this helps anyone that sees this at a later date.
Source: https://developer.spotify.com/documentation/general/guides/authorization-guide/#client-credentials-flow
I have registred a sandbox user. Now I am trying to use it, but I recieve "The access_token provided is invalid".
Sample request:
https://api.instagram.com/v1/users/searchq=abc&count=2&client_id=7b67cff1a7ab462881298434c08b5ab8
It was working in live mode, but I can't find why it isn't working in sandbox.
You need to check for requirements Scope for API you are using and if it's need and Authentications "Valid access Token". where also had some changes.
basic - to read a user’s profile info and media
public_content to read any public profile info and media on a user’s behalf
follower_list to read the list of followers and followed-by users
comments - to post and delete comments on a user’s behalf
relationships - to follow and unfollow accounts on a user’s behalf
likes - to like and unlike media on a user’s behalf
And take look about **Sandbox API behavior of your application not life yet :**
API Behavior
The behavior of the API when you are in sandbox mode is the same as when your app is live, but comes with the following restrictions:
Data is restricted to sandbox users and the 20 most recent media from each sandbox user
Reduced API rate limits
The first point is important and it means that the API behaves as if the only users on Instagram were your sandbox users, and the only media ever posted were the last 20 for each of these users.
For example, if you query the /users/{user-id}/ endpoint and the {user-id} is a sandbox user, then you will get the normal API response; but if the {user-id} is not a sandbox user, you will get a APINotFound error.
Good luck
For me the access token Instagram generate is too short: they gave me something like this:
d2c387d768ec4d619306807c53bbf92b
it should be:
2940736713.1677ed0.31bb22b2b0f84befacc79c6afd025134
I used this site to generate it:
http://instagram.pixelunion.net
I found it when solving the same problem with access by access_token
Here is official faq how to get access_token
You just should go through following steps (link to Instagram API documentation https://www.instagram.com/developer/authentication/):
1.Request the CODE
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code
change CLIENT_ID to you client id (you could get it here https://www.instagram.com/developer/clients/manage/ )
change REDIRECT-URI to your redirect_uri from tab security in client settings(open link above and tap to 'manage' button). I Used this one https://meyerweb.com/eric/tools/dencoder/ Encode url here and paste te result instead REDIRECT-URI
After you prepared it cope ready link to adress bar in your browser and run
2. Get the CODE
Browser ask you a premissons and redirect you to callback url with the code in the end. It will be look like this in adress bar:
http://yoursite.some/?code=d8af5619af6853d4ad11b4dd5f1ef17e
In this example your code is d8af5619af6853d4ad11b4dd5f1ef17e
Save it. You should use it in access_token request below
3. Make an access_token request
Open terminal and use curl:
curl -F 'client_id=CLIENT_ID' \
-F 'client_secret=CLIENT_SECRET' \
-F 'grant_type=authorization_code' \
-F 'redirect_uri=AUTHORIZATION_REDIRECT_URI' \
-F 'code=CODE' \
https://api.instagram.com/oauth/access_token
Change CLIENT_ID, CLIENT_SECRET, AUTHORIZATION_REDIRECT_URI and CODE to your own data and run it.
Curl return you JSON with access_token like this:
{
"access_token": "fb2e77d.47a0473320504cb3ab4a1f626d174d2d",
"user": {
"id": "1576583",
"username": "some",
"full_name": "Some",
"profile_picture": "..."
}
}
Well done! In this example fb2e77d.47a0473320504cb3ab4a1f626d174d2d is your access_token. Copy access_token value, use it in your app and enjoy you coding! :)
My issue was using v1 of Instafeed.js, rather than v2.
Once I switched to v2, everything started working.
<script src="/instafeed/dist/instafeed.min.js"></script>
<script src="https://ig.instant-tokens.com/users/.../instagram/.../token.js?userSecret=..."></script>
<div id="instafeed" class="instagram-feed">
</div>
<script>
(function(){
console.log(InstagramToken);
window.addEventListener('load', function () {
var feed = new Instafeed({
accessToken: InstagramToken,
});
feed.run();
});
})();
</script>
You haven't specified an access_token for your request.
I want to implement the Google Drive API to my web application using NodeJS and I'm struggling when I try to get a token via OAuth.
I've copied the code from this guide and run the script using Node and it returns an error in this line:
var redirectUrl = credentials.installed.redirect_uris[0];
Googling around I found that I can set that variable as http://localhost:8080 and set the same value in the Authorized redirect URIs configuration in the Google Developers Console and that error goes away, fine, it works. Now it asks for a code that I should get by using an URL.
https://accounts.google.com/o/oauth2/auth?access_type=offline&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive.metadata.readonly&response_type=code&client_id=CLIENT_ID&redirect_uri=http%3A%2F%2Flocalhost%3A8080
Then I've added the client id and enter to that URL with Chrome and then returns a connection refused error. No clue what to do in here, I searched about my problem and I can't found an answer. By looking at the direction bar in Chrome I see that there's a parameter called code and after it, there's random numbers and letters. Like this:
http://localhost:8080/?code=#/r6ntY87F8DAfhsdfadf78F7D765lJu_Vk-5qhc#
If I add any of these values it returns this error...
Error while trying to retrieve access token { [Error: invalid_request] code: 400 }
Any ideas on what should I do? Thanks.
Did you follow all the directions on the page you indicated, including all of those in Step 1 where you create the credentials in the console and download the JSON for it? There are a few things to note about creating those credentials and the JSON that you get from it:
The steps they give are a little different from what I went through. They're essentially correct, but the "Go to credentials" didn't put me on the page that has the "OAuth Consent Screen" and "Credentials" tabs on the top. I had to click on the "Credentials" left navigation for the project first.
Similarly, on the "Credentials" page, my button was labeled "Create Credentials", not "Add Credentials". But it was a blue button on the top of the page either way.
It is very important that you select "OAuth Client ID" and then Application Type of "Other". This will let you create an OAuth token that runs through an application and not through a server.
Take a look at the client_secret.json file it tells you to download. In there, you should see an entry that looks something like "redirect_uris":["urn:ietf:wg:oauth:2.0:oob","http://localhost"] which is the JSON entry that the line you reported having problems with was looking for.
That "urn:ietf:wg:oauth:2.0:oob" is a magic string that says that you're not going to redirect anywhere as part of the auth stage in your browser, but instead you're going to get back a code on the page that you will enter into the application.
I suspect that the "connection refused" error you're talking about is that you used "http://localhost:8080/" for that value, so it was trying to redirect your browser to an application running on localhost... and I suspect you didn't have anything running there.
The application will prompt you to enter the code, will convert the code into the tokens it needs, and then save the tokens for future use. See the getNewToken() function in the sample code for where and how it does all this.
You need to use this code to exchange for a token. I'm not sure with nodejs how to go about this but in PHP I would post the details to the token exchange url. In javascript you post array would look similar to this ....
var query = {'code': 'the code sent',
'client_id': 'your client id',
'client_secret': 'your client secret',
'redirect_uri': 'your redirect',
'grant_type': 'code' };
Hope this helps
Change redirect uri from http://localhost:8080 to https://localhost:8080.
For this add SSL certificates to your server.
I recently opened a new Instagram account and registered a new client. The information I received back from Instagram included the client_id and the client_secret.
I will only run the script on my machine, and be the sole user of the project, so I don't need any user to "log in". But for some reason, whenever I try to make any calls to the Instagram-Node API, it returns the following error:
{ [Error: OAuthAccessTokenException: The access_token provided is invalid.]
code: 400,
error_type: 'OAuthAccessTokenException',
error_message: 'The access_token provided is invalid.',
retry: [Function] }
That's weird to me, because I have an identical setup with an older Instagram account and different credentials, that seem to be working just fine. Then again, that was before November, when Instagram changed some of their API policies.
I use the Instagram-Node like so:
ig.use({
client_id: "dxxxxxxxxxxxxxxxxxxxxxxx2",
client_secret: "4b0xaxaxaxaxaxaxaxaxaxaxa53c03100e4"
});
and make my first call like this:
ig.user_media_recent(user.toString(), options,...
I tried handling the authentication by rerouting my request through the redirect_uri as shown in the Instagram-Node documentation, but even then, all of my requests are unsigned, so it's not clear to me what I would do with the access_token any way.
Any help would be much appreciated!
Okay, the problem is a misunderstanding of the limits of the Sandbox Mode, they essentially make it impossible to look up media from users who are not in your sandbox.
The documentation here says:
The first point is important and it means that the API behaves as if
the only users on Instagram were your sandbox users, and the only
media ever posted were the last 20 for each of these users.
I was trying to find media from users who are not in my sandbox, and so I received an error. The reason that my previous credentials weren't affected is because they are still grandfathered into the grace period, June 2016, at which time they will expire as well. Thanks!
I ran into this same issue. If your app is using oauth, you will cause Instagram to spaz out if you pass the client_secret and client_id stuff again. I had to take these out of my code. So I just pass the access_token now.
ig.use({ access_token: token });
ig.user_media_recent(config.userid, { count: 20 }, function(err, medias, pagination, remaining, limit) {
Were my equivalant statements.
EDIT: I forget to mention. This is after a cycle of these for those confused:
api.authorize_user
api.get_authorization_url
I am working with a form system very similar to WUFOO that allows me to send data to an external website using WebHooks.
I have been able to connect my form to my ASANA system through Zapier but I cannot seem to get the API system to operate correctly. Can someone please advise or assist me on what I am doing incorrectly here?
In the screenshot note the following:
- Web URL functions for any web URL (https or http)
- HTTP method has POST, PUT, or GET options
- Data format allows me to input virtually anything so I can match up form fields with any necessary names for ASANA.
I simply cannot get the system to connect to ASANA. Please help me.
Screen shot of WebHook Options
I don't have access to your exact form builder but assuming it does what it says it is doing you can try the following. I'll use creating a task as an example.
Create a personal access token in Asana. To do this log in to Asana, click the icon in the top right corner and open "My profile settings". Go to the apps tab and create a personal access token. You will only ever see this token once so create a new one if you lose it. Also retrieve your workspace id, you can get it by opening app.asana.com/api/1.0/workspaces while logged in.
Now back to your form. For the website url place the specific endpoint you want to hit at Asana. For example, lets create a new task:
https://app.asana.com/api/1.0/tasks
Under the HTTP Method you want to select POST
Under the HTTP Headers you want to specify something like (replace 0/1234abcd with your access token):
{
"Authorization": "Bearer 0/1234abcd",
"Content-Type": "application/json"
}
You can use Send Raw Data and specify something like the following in the raw data section (replace 1234 with your workspace id):
{
"data": {
"workspace": 1234,
"name": "The name of the task"
}
}
You can of course add other fields- please see the API reference for more information:
https://asana.com/developers/api-reference/tasks
Let me know if that works for you.