I am running this command to create a VSCode publisher:
vsce create-publisher cprev
but I am getting this 401 error:
my shell showing the 401
I have a personal token created like so:
the azure devops console
anyone know why I am getting a 401? Is there some way to debug it, to get a more specific message?
One easy mistake to make when creating the PAT (Personal Access Token)
is to not select all accessible accounts in the Accounts field
drop-down (instead selecting a specific account). You should also set
the Authorized Scopes to All scopes for the publish to work。
Please set Organization in drop down list with All accessible organizations.
More details pleas take a look at this similar issue here: vsce create-publisher returns 401
Related
I am trying to use sendgrid on azure, but when I am creating the account, it gives me an error saying:
The portal is having issues getting an authentication token. The experience rendered may be degraded.
Additional information from the call to get a token:
Extension: SendGrid_EmailService
Details: code: 500, statusText: error, message: There was an error processing your request. Please try again in a few moments., stack:
It has been giving me this since morning, pretty annoyed. And also it disables two fields, and marks them as loading:
Screenshot of the two fields marked as loading (For a very long time)
Since sendgrid wasnt working I thought I'd try and use SparkPost- The signup was successful, but its been taking hours to deploy.
Then I thought of manually configuring the smtp settings so the host and user and stuff could be sendgrid, but I wasnt able to find a way to do so.
Could someone help me out please! Thanks in advance!!
EDIT: This problem has been solved by the Microsoft Team.
Looks like SendGrid has some technical problems. You should check first SendGrid official support website if this is the issue. I was using SendGrid for a while, but I had to move to another solution. When you are registering SendGrid account via Azure you getting standard SendGrid plan. That means that you are sending your mails through shared SendGrid IPs. This is probably ok for marketing emails, but if you intend to send any transactional emails like password reset, bills etc you will end up eventually with tearing your hair off the head, because shared SendGrid IPs are in most existing spam blacklists out there.
SendGrid app status
I was able to enter to SendGrid using the following steps from Aaryaman Maheshwari in this comment:
Steps from Aaryaman's answer:
Step 1: In order to find ur username for SendGrid, first, go to the
SendGrid resource and then click properties. Now copy the resource id.
Step 2: Now, in the azure online shell, open bash and type the
following command: az resource show --ids [THE COPIED RESOURCE ID]
Make sure to replace [THE COPIED RESOURCE ID] with the resource Id you
copied in step 1
Step 3: In the json string that the terminal outputs, look for the
username property and note that down
Step 4: After you do that you can manually go to sendgrid.com and then
enter the username you just retrieved and then the password which you
used to sign up with.
Thanks Aaryaman Maheshwari
In order to incresase security, Sendgrid has recently requested to enable 2 factors authentication to connect to your account (it started one or two weeks ago).
Since this moment, the "automatic" connection from Azure to Sendgrid stopped to succes, and we have the same 500 error.
Also, "basic authentication" (username / password) will stop to work (starting from 10 decemeber I believe) in your api.
I'm not sure this is the reason, but it happens at the same time ;)
Just to update:
There was bug identified on Azure Portal and our product engineering team have fixed the issue.
Provisioning SendGrid account via https://portal.azure.com/ and managing works as expected.
The alternate https://rc.portal.azure.com/ URL was shared during the impact and is no longer required to be used.
We had a discussion on Q&A thread. Once again apologies for all the inconvenience. Much appreciate the follow-up and great collaboration.
I've built an API-based integration with DocuSign (using their PHP SDK), and am now at the point of deploying to the production server. I have reconfigured everything with the production integration key, public/private key pair, user and account IDs, endpoint URL, etc. replacing the demo ones. The OAuth portion of the conversation is working fine, and I get a valid token back. When I then try to send an envelope, I hit a USER_LACKS_MEMBERSHIP error, and cannot figure out why. As far as I can see, everything about the API user is the same between the demo and production systems.
I've authorized the application and made sure that it's in the list of "Applications with Access to DocuSign".
I have enabled logging, but the only things that are showing up in there appear to be from my own navigation in the site, nothing related to the API calls at all.
Most of the documentation that I can find on this simply repeats the generic error text: "The UserID does not have a valid membership in this Account." If I go to the account admin and look at the list of users, the one I'm expecting is right there, with DS Admin permission; not sure what else might be done to give them "membership". One mentioned not using SendOnBehalfOf, but I'm not, so I can't really remove that.
All the code is identical, just configuration that's changed. Not sure where else to look. Anybody have any suggestions for what to try?
FURTHER INFORMATION
I've tried the getUserInfo call in the SDK, passing the same access token I use for the other call. It returns successfully, showing that it is for the user I'm expecting, in the one group we have, on the production server. And yet, when I enable logging again, as this same user, there is still zero record in the resulting logs of any of this API activity.
Attempts to do things like list templates with the SDK fail with the same USER_LACKS_MEMBERSHIP error.
Using the Diagnostics API (again, through the SDK) to check logging status shows that it is NOT enabled (despite my enabling it in the UI), but can be enabled with a separate call. Subsequently attempting to use listRequestLogs in the SDK generates a 404 error, though the URL matches what's listed in the API documentation (/v2/diagnostics/request_logs). Not sure whether these findings confirm that I'm somehow logging onto the API and the UI with different users (even though the user name and internal ID match), or that there's some problem with the logging facility in DocuSign.
The problem turns out to be the URL I was using for API calls. I switched from demo.docusign.net in testing to www.docusign.net in live, but being in Canada we need to use ca.docusign.net. For those who find this later, you can get the correct base path to use from the oauth/userinfo endpoint, or the getUserInfo() call through the SDK (PHP SDK, at least; don't know what the analogous call would be in others).
There are 3 things to consider:
API calls are made to an endpoint (URL) that contains the account # (either GUID or short form) in the url. Take a note of that number in the url.
Auth Token is a token for a specific user in a specific account.
UserId for the specific call. That is a specific user in the account.
If the user is not in the account, or there's a mismatch between #1 and #2 - you'll get this error. You must work with a single account and have it in all places as well as the user must be a member of this account.
Re:
I have enabled logging, but the only things that are showing up in there appear to be from my own navigation in the site, nothing related to the API calls at all.
Since the request logging is not showing your API activity, the problem is that the person you've logged in as on the web tool is not the same as the person (user id) that you've logged in as on your application.
Solution for OAuth Authorization Code authentication: double check that when your app is logging into DocuSign, you're using the account.docusign.com authentication server, not the account-d.docusign.com auth server. (Look at the URL in your browser during the login sequence.)
Solution for OAuth JWT authentication: re-check that the impersonated user id is from the production system and you're using the right authentication server
I am not sure if I am on the right path, but I am attempting to retrieve my contacts within an Azure Function. I don't need to present a login as this is only for my account. I just want to be able to retrieve my Contacts from the Graph without having to explicitly authenticate. Is this possible? My attempts have failed and I ultimately get stuck trying to add permission...
When I click to add Permission, I get this error:
I am trying to use AAD to authenticate. I tried creating the function within the Portal and also from VS. Any suggestions? Thanks!!
You could follow the steps below to fix the issue.
1.Navigate to the Authentication / Authorization of your function app, click the red frame part like the screenshot.
Go to Manage Permissions -> Add -> select the Windows Azure Active Directory API and Sign in and read user profile permission
Then refresh the portal, it will work fine.
I've downloaded the starter pack and performed all steps as mentioned in the tutorial. I can create accounts but if I log out and want to sign in again I always get the error invalid username or password. Can anyone share any pointers as debugging this is nearly impossible.
I've created several accounts already just to be sure the password was ok.
I've created the keycontainers
I've created the two applications that are needed in the custom policies (web app and native)
I've updated the extension file with the correct id's
yeah if you dont get your client IDS correct you cant log in and then it constantly reports as invalid credentials.
Double check that you are writing the object ids correctly.
I am trying to get data from Netsuite using RESTlet. For that, i am using the following details in PHP:
Consumer Key
Consumer Secret
Script Id
Deploy Id
Access Token Id
Access Token Secret
At first time of using these details, i got that error is Invalid login attempt.
I found why it is coming , because of the following any one or all of the wrong details.
Consumer Key
Consumer Secret
Access Token Id
Access Token Secret
After giving correct details it works fine and i stored all these details in DB. I didn't change anything. But after few days i am getting the same error.
I want to know whether the access token will expire after some days or why the error is coming.
I recently had similar issue, everything worked on my machine, but fail with same exception on the test server. Carefully debugged and saw that timestamps for generating request access token are with 12 min difference.
After synching times everything went fine. So even token definitions in NetSuite doesn't expires, timestamps for generating request tokens must be in 'some' time-window with time in the NetSuite environment.
Too bad that SuiteAnswers (https://netsuite.custhelp.com/app/answers/detail/a_id/44241/kw/44241) doesn't mention anything about time.
If you are trying to access a RESTlet through Token Based Authentication (TBA) and are receiving the INVALID_LOGIN_ATTEMPT error and the login audit detail is permission_denied, then the following may work.
Ensure that the role:
Isn't an administrator type role
Doesn't have the Web Services Only Role checked
Also double check that your related integration has the TOKEN-BASED AUTHENTICATION checked.
Note: to check your audit trail detail, go to Setup > Users/Roles > View Login Audit Trail, check USE ADVANCED SEARCH, and be sure to add Detail as a result column.
In my case I was getting the account id from the URL which is lowercase, while it should be upper case.
I was testing on a sandbox and sb1 should be xxxxxx-SB1 on the URL and Realm should be xxxx_SB1
Finally I found the answer for 403 error in my case, I changed the time offset with my standard CST time zone, and repost, it worked.
If you found this 403 error and have been trying every ways, check the time on your machine
If you are using user credentials for RESTlet Authentication ensure that the role in use doesn't have the web services only Role checked.
It has to ensure the token (Token ID) matches the proper Application on the Netsuite side.
Setup -> Integration -> Manage Integrations