I'm using firebase and I'm trying to create a backend function that can fetch an access token using a refresh token.
I've been following along with the Microsoft Graph Documentation for refreshing an access token but I can not get it to work.
I don't understand what I could be doing wrong or even how to go about debugging this. Could it have anything to do with the redirect uri that is set in azure console?
As,i can see you are got "invalid_grant" error , please try a new request to the /authorize endpoint and verify that the code_verifier parameter was correct.
Please
Reference doc- https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#error-codes-for-token-endpoint-errors
Related
I am trying to use GA4 API (with Google Python Client & Google Analytics Data Python Client) of Google with the Credentials authentication:
credentials = Credentials(
token=config['access_token'],
refresh_token=config['refresh_token'],
client_id=config['client_id'],
client_secret=config['client_secret'],
token_uri="https://accounts.google.com/o/oauth2/token",
scopes=['https://www.googleapis.com/auth/analytics.readonly']
)
This is working when my access token is not expired. However, this access token is expiring after 1 hour and I want to refresh it via following method:
credentials.refresh(google.auth.transport.requests.Request())
However, this code is returning "invalid_grant" error.
For that problem, I checked almost everything suggested (i.e. system clock/ntp, user permissions, etc.) however I couldn't fix the problem.
Also, I can't figure out about the refresh_token that I use is valid for Google Analytics 4 or not.
So, the questions are:
How can I able to solve this problem?
How can I assure that the refresh_token is valid for GA4?
If not valid, how can I refresh the refresh_token?
Is there any suggestion on the refresh of access_token, any other method or anything else?
Thanks
In my case, the solution was creating new OAuth client and generate a refresh_token for that account depend on the Google Analytics scope.
For that purpose, after I create the new client, I downloaded the client_secrets.json and run the Complete Example by Google and finally I am able to refresh the token.
I try to use the RGA Package (https://github.com/artemklevtsov/RGA) to get Data from Google Analytics core API.
authorize(
client.id=options()$apiSecrets$id,
client.secret=options()$apiSecrets$clientSecret,
cache=paste(getwd(),"daToken",sep="/")
)
So the cache is set to something like /User/foo/bar/daToken. I can see the file and everything works just right, I can access the data for now. After 30-60 minutes however the token expires it seems. Now on a new attempt there will be the error message Error : client error: (401) Unauthorized Auth error: Invalid Credentials
Why is the token not working any more? How to setup a longer live time? Plus: why is there an error and why does RGA don't try to get a new token?
Please read Google Oauth 2.0 documentation properly.
Access Token has lifetime of only 3600 seconds. After that you have to use Refresh Token to get new Access Token.
I have not used RGA package but I am sure there must be some mechanism to validate and refresh the Access Token.
As per the querybuilder
My API URI looks:
https://www.googleapis.com/analytics/v3/data/ga?ids=ga:12134345&
start-date=30daysAgo
&end-date=yesterday&
metrics=ga:pageviews,ga:pageValue,ga:entrances&
dimensions=ga:pagePath,ga:daysSinceLastSession,ga:sessionCount,ga%3
Abrowser,ga:city&filters=ga:pagePath==/home
But when i execute in my domain, it throws error as login
required. So for that i also passed API-KEY as &key="****" to the
above url. But still no success. Still i get the same error
Am i missing something? Can i embed this results to embed-api in charts
The api key is different from the access token. If you use the Query Explorer you can check a box in the report to include the access token in the query URI, which will allow you to just paste it into your browser's address bar (note: access tokens expire after an hour).
If you want to learn how to get an access token programmatically, you should check out the OAuth 2.0 section of the Google Developers site:
https://developers.google.com/identity/protocols/OAuth2
I am working on a WordPress plugin that requires the use of OAuth 2. So far I've included the necessary OAuth files in an include folder in my plugin, put in the ClientId, ClientSecret I've obtained, and was able to authorize the app. After I authorized the app I received a callback code that I am supposed to use to get the token I assume. I put that code in my plugin, refreshed the page, and saw the information that is supposed to be outputted. When I go to a different page, it tells me that I am not authorized to view the information because the access token may be missing. So essentially it feels like the code that is sent to retrieve the token is only able to be used once. Do I need to store the token somehow? Any suggestions would be greatly appreciated.
In OAuth2 three-pass procedure the auth_code must be used only to obtain the access token
invoking a specific URL of the authentication server. The access token obtained can be used to access the pages later, as long as it is valid.
Getting this as the response:
{"error":"unauthorized_client","error_description":"the client is not authorized"}
In the final step of OAuth 2.0 to use LinkedIn APIs. Couldn't get any material regarding this, so could anyone please help me with this ?
I am calling it as POST method too.
I was getting this error when I was not passing the correct value in the client_secret value in the POST to retrieve the access_token.
Once I passed in the correct value (BTW, linked calls this parameter as Secret Key on the developer console), this started working for me.