I am trying POST method from postman for Step 2 of Auth Code Flow.
But, I am getting the response as-
{
"error": "invalid_request",
"error_description": "missing required parameter(s). (grant_type)"
}
I have already provided the grant_type as authorization_code.
Not able to figure out what is the problem.
Screenshot of Postman request attached along.
It should be:
grant_type=authorization_code
You can review the docs here:
https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type
Related
My requirement is to get only the document library list of SharePoint via Rest API.
I added Files.ReadWrite.All application permission and got token with scope: https://graph.microsoft.com/.default
To filter only document library of SharePoint, I'm using this:
GET https://graph.microsoft.com/v1.0/sites/siteid/drives?$filter=(driveType eq "documentLibrary")
This threw me "400 Bad Request". I have no idea why I am getting this error. The complete error looks like:
{
"error": {
"code": "BadRequest",
"message": "Invalid filter clause",
}
}
Did anyone face the same scenario? I am totally confused. How to get rid of it? How to add filters in the Graph api query?
I tried to reproduce same in my environment and got below results:
I created one Azure AD application and granted API permission like below:
I got the access token via Postman with same scope as below:
POST https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token
client_id: client_id
grant_type:client_credentials
client_secret: client_secret
scope:https://graph.microsoft.com/.default
Response:
When I used the above token to call below query, I got the same error as you:
GET https://graph.microsoft.com/v1.0/sites/<siteID>/drives?$filter=(driveType eq "documentLibrary")
Response:
To resolve the error, try modifying your filter query like below:
GET https://graph.microsoft.com/v1.0/sites/<siteID>/drives?$filter=driveType eq 'documentLibrary' &$select=id,createdDateTime,name,webUrl,driveType
Response:
I have an API which has Authorization has bearer token. I tested in post man and it's working. However, it's not working when I used web activity in the ADF.
I am passing the url in the URL section. Created new header, typed Authorization and gave value "Bearer token"
Getting below error
Error
Troubleshoot activity failures
{
"errorCode": "2108",
"message": "{\"error\":{\"type\":\"invalid_request_error\",\"message\":\"Request forbidden by administrative rules. Please make sure your request has an acceptable User-Agent header.\",\"documentation_url\":\"https://developer.dentally.co\"}}",
"failureType": "UserError",
"target": "Web1",
"details": []
}
Can anyone please advise?
I reproduced the same in my environment. I successfully generated a bearer Token with Postman.
To solve the above error code:2200. Please follow the below approach.
I used the same URL with web Activity and generated a bearer Token in the Azure data factory.
Generate bearer Token as shown below:
Connect Web activity 2 with newly created Web1 activity
Add dynamic expression : Bearer #{activity('Web2').output.data.Token}
Output:
Reference:
Sample Rest API URL for testing with authentication by Ashok Patel
I am trying to follow Revolut's tutorial for authenticating to their API and I'm stuck at requesting a reusable access token.
So far I've managed to:
1. Create public/private keys
2. Upload public key
3. Sign a jwt with the generated client_id
4. Get an authorisation code
But I am blocked at using the above for requesting a reusable access token.
As per this page, I'm supposed to create a POST request on https://b2b.revolut.com/api/1.0/auth/token with the following body:
{
"grant_type": "authorization_code",
"client_id": my_client_id,
"code": my_authorisation_code,
"client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
"client_assertion": my_jwt
}
Which I've done in Insomnia but I keep getting this error:
{
"error": "invalid_client",
"error_description": "client_id is missing"
}
Looking on SO for an answer I stumbled upon this answer, but I get this error all the time, even after I change the client_id.
Turns out the body should not be a JSON, it should have been url encoded, like this:
grant_type=authorization_code&client_id=client_id&code=code&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion=jwt
I am trying to get the refereh_token, access_token using Google Auth Exchange Code, went through the documentation but it doesn't work, I am using a react-google-login for Auth and getting the code in response and i am passing the code
https://accounts.google.com/o/oauth2/token but its giving error
{
"error": "invalid_grant",
"error_description": "Bad Request"
}
i have tried lots of ways
code=4%2FKxoYTS-jeq5-d6Lv7YvSz9ZrK0pJ_5lZsMExzNC1M0o&redirect_uri=https%3A%2F%2Fdevelopers.google.com%2Foauthplayground&client_id=407408718192.apps.googleusercontent.com&client_secret=************&scope=&grant_type=authorization_code
frontend is reactjs and backend is nodejs..
To get the ACCESS token using referesh token you have to call a api which will give you a new access token
call a POST APi https://www.googleapis.com/oauth2/v4/token
pass the body as x-www-form-urlencoded i.e
Header as
Content-Type : application/x-www-form-urlencoded
Body
client_secret : 'xxxxxxxxxxxxdxxxxxSSd'<YourClientSecret>
grant_type : refresh_token'
refresh_token : '1/DDPkddk514451xxxxxxxx' <YourRefreshToken>
client_id : 'xxxxxxxxxxxxxxx' <YourClientID>
for more reference you can read this https://developers.google.com/identity/protocols/OAuth2WebServer
I'm trying to call the outlook API with the following request:
https://outlook.office.com/api/v2.0/me/calendars
GET
Authorization: Bearer [my fresh bearer token]
I successfully retrieved an access_token from the token endpoint after the login and user consent.
However, every request I try returns 401 Unauthorized with the following header (showing that one cause it looks weird to me):
WwwAuthenticate [HttpHeaderValueCollection]: {Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000#*", token_types="app_asserted_user_v1 service_asserted_app_v1", authorization_uri="https://login.windows.net/common/oauth2/authorize", error="invalid_token", Basic Realm="", Basic Realm="", Basic Realm=""}
As you can see, at the end there is error="invalid_token"
Also, there is app_asserted_user_v1 service_asserted_app_v1
Is there something I forgot to activate or configure properly?
EDIT: I did found this post but if I add a resource parameter like the OP, I get "Bad Request" and this code:
AADSTS90100: The 'resource' request parameter is not supported.
All right I found the answer myself and I hope it will help more people:
The problem was even before, at the step I was redirecting the user to the MS Login page.
At that point I used to give it the following scopes:
openid Calendars.ReadWrite offline_access profile
BUT, the Calendars.ReadWrite MUST but passed with its "full" name, being:
https://outlook.office.com/Calendars.ReadWrite
HTH