I am trying to access HERE API example with JetBrains with HTTP files. When I write request this way
GET https://discover.search.hereapi.com/v1/discover?at=52.5228,13.4124&q=petrol+station&limit=5
Authorization: Bearer {{API_KEY}}
I am getting an error
{
"error": "Unauthorized",
"error_description": "Token Validation Failure - unrecognized kid null"
}
And while I am accessing with
GET https://discover.search.hereapi.com/v1/discover?apiKey={{API_KEY}}&at=52.5228,13.4124&q=petrol+station&limit=5
I am getting a normal answer.
Why? Is it just wrong documentation?
Please use your bearer token generated from OAUTH, you can check this post to generate the bearer token from postman or with Python.
https://discover.search.hereapi.com/v1/discover?at=52.5228,13.4124&q=petrol+station&limit=5
Authorization: Bearer {Use your Bearer access token}
When you use "Authorization: Bearer" method don't use API_KEY, but YOUR_TOKEN that you get from OAUTH, more info in documentation https://developer.here.com/documentation/authentication/dev_guide/topics/request-constructing.html
Related
I want to get a list of courses from an audience by HTTP request, I have set the required areas in the project in Google Cloud, but I still get an error when I try to get the courses.
P.S - Please do not offer me documentation and libraries, do not try to convince me, I just need an HTTP request.
{
"error": {
"code": 403,
"message": "Request had insufficient authentication scopes.",
"status": "PERMISSION_DENIED",
"details": [{
"#type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT",
"domain": "googleapis.com",
"metadata": {
"method": "google.classroom.v1.Courses.ListCourses",
"service": "classroom.googleapis.com"
}
}]
}
}
I tried adding ?scope=https://www.googleapis.com/auth/classroom.courses.readonly to the end of the link
Here is the request template
curl \
'https://classroom.googleapis.com/v1/courses?key=[YOUR_API_KEY]' \
--header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]' \
--header 'Accept: application/json' \
--compressed
Im going to assume that you are using courses list method
The call should look something like this in raw HTTP Request
GET https://classroom.googleapis.com/v1/courses HTTP/1.1
Authorization: Bearer [YOUR_ACCESS_TOKEN]
Accept: application/json
The access token ([YOUR_ACCESS_TOKEN]) you are sending must be authorized with the proper scope. If you check the documentation page for the method you are using you will see that you should have authorized the user with one of these scopes
So in your case the error Request had insufficient authentication scopes. means that when you requested authorization you did not request one of the scopes above. There for your access token has insufficient authorization scopes to make the request.
The solution is to reauthorize your user with one of the scopes required by the method in question.
You can read more about how to request authorization and what scopes are in the Using OAuth 2.0 to Access Google APIs documentation page.
Hint: Your very first in the oauth2 flow contains the scope.
https://accounts.google.com/o/oauth2/v2/auth?scope=https://www.googleapis.com/auth/classroom.courses&response_type=code&redirect_uri=http%3A//127.0.0.1%3A9004&client_id=client_id
This video may help you understand scopes Understanding Google OAuth 2.0 with curl since you appear to be using curl and not just raw HTTP calls.
I'm trying to get information about a bot using the bot token, like the way to get user, passing on the header Authorization: Bearer ${userToken}. I'm sending a request to the route GET https://discord.com/api/oauth2/applications/#me passing on the header Authorization: Bearer ${botToken}, and the response is 401. But if I send a request to the route GET https://discord.com/api/oauth2/users/#me with my token in the header, I got my data. I don't have sure if the bot token can be used for this, I check on the docs, and I found this https://discord.com/developers/docs/topics/oauth2#get-current-application-information, but I don't understand what I need to pass in the header to get the data.
Yes, and you're very close to the correct solution.
The issue is with the "Authorization" header, instead of "Bearer" you should use "Bot" when using a token for a bot user.
In your case the header should be:
Authorization: Bot ${botToken}
CURL example:
curl --location --request GET 'https://discord.com/api/oauth2/applications/#me' \
--header 'Authorization: Bot <BOT TOKEN HERE>'
Regarding the question about "https://discord.com/api/oauth2/users/#me", try using "https://discord.com/api/users/#me" instead.
I have to access a private API (one of Air France flight company's API), and in order to use any of their API, I need an access token.
So in their guide, they say we need to use this cURL to get the token :
$ curl https://www.klm.com/oauthcust/oauth/token -d 'grant_type=client_credentials' -u fakeKey:fakeSecret
TERMINAL
When I execute this cURL in my terminal, and replace the fakeKey and fakeSecret (which I can't give you here unfortunately) by my own, it's working well and I got this answer (with a proper token in place of :
{
"access_token": <TOKEN>,
"token_type":"bearer",
"expires_in":3600
}
POSTMAN
When I do it in Postman, here is what I fill :
URL:
POST: https://www.klm.com/oauthcust/oauth/token
Authorization:
type: Basic Auth
Username: my secret Username
Password: my secret password
Headers:
Authorization: automatically generated from my username and password
Content-Type: application/x-www-form-urlencoded
Body
checked x-www-form-urlencoded
grant_type: client_credentials
That's all, and when I click on SEND, I got my answer and my token.
FETCH / AXIOS / HTTPRequest
So as I am not so good yet in fetching data, I used https://kigiri.github.io/fetch/ to translate from my cURL to a fetch JS method. It return me this code :
fetch("https://www.klm.com/oauthcust/oauth/token", {
body: "grant_type=client_credentials",
headers: {
Authorization: "Basic <HASH_COMPILED_FROM_USERNAME_PASSWORD>",
"Content-Type": "application/x-www-form-urlencoded"
},
method: "POST"
})
The <HASH_COMPILED_FROM_USERNAME_PASSWORD> is exactly the same as the one Postman compiled.
So this fetch seems OK for me, however on Chrome it returns a Response for preflight has invalid HTTP status code 503.
Opera is returning me Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin <MY_WEBSITE> is therefore not allowed access. The response had HTTP status code 503.
However it seems weird that the mistake come from their site, I think it's more something that I missed in my fetch request. Do you have an idea ?
Thanks !
Well, the answer finally has been : the request must come from a back-end, otherwise the response won't have anything inside it (or error 503). Thanks #sideshowbarker to your well explaining comments !
I am getting 400 error message as shown in image below, when I try out the Translation API using Try it out link http://docs.microsofttranslator.com/text-translate.html
I am using the Access Key generated from Azure Portal for Cognitive Services Free trial.
MS Azure Portal Link
I have read on MS support blogs and I tried all the suggestions mentioned in them. But everytime, I get the 400 Status error as shown below.
Can someone please help me to resolve this issue??
You need to get an access token first (docs here) by doing a POST request:
curl --header 'Ocp-Apim-Subscription-Key: <YOUR-API-KEY>' --data "" 'https://api.cognitive.microsoft.com/sts/v1.0/issueToken'
And then use that token in the Authorization header. (appId has been deprecated).
curl -X GET --header 'Accept: application/xml' --header 'Authorization: Bearer <YOUR-TOKEN>' 'https://api.microsofttranslator.com/v2/http.svc/Translate?&text=this%20is%20my%20name&from=en&to=af'
You can use Microsoft Translator API in 2 ways (see the docs):
in 1 step: invoke (GET) https://api.microsofttranslator.com/V2/Http.svc/Translate?text=Neoliberismo&from=it&to=en, passing Ocp-Apim-Subscription-Key: your_subscription_key as request header
in 2 steps, with OAuth:
invoke (POST) https://api.cognitive.microsoft.com/sts/v1.0/issueToken, passing Subscription-Key=your_subscription_key as query parameter or better passing Ocp-Apim-Subscription-Key: your_subscription_key as request header
you'll get a token that expires after 10 minutes
invoke (GET) https://api.microsofttranslator.com/V2/Http.svc/Translate?text=Neoliberismo&from=it&to=en, passing Authorization: Bearer the_token as request header
We are using Apigee Platform to host our api's. Our Api Proxy in Apigee is configured to use Oauth 2.0 client_credentials and implicit grant types.
We are creating Console To Go to provide testing console for our API's to developers and Configured the console to use Oauth 2.0 Implicit Grant Flow.
When we test the actual calls, we always get 401 from Apigee. Here is the response
HTTP/1.1 401 API is secure. Needs security Credentials
WWW-Authenticate:
Bearer realm="null",error='invalid_token",error_description='oauth.v2.InvalidAccessToken: Invalid access token"
Content-Length:101
Content-Type:application/json
{
"fault": {
"faultstring": "Invalid access token",
"detail": {
"errorcode": "oauth.v2.InvalidAccessToken"
}
}
}
Actual Request that was sent to our API was:
GET /whodini/v1/discovery?email=puneet%40whodini.com HTTP/1.1
Authorization: OAuth M********N (Masked for security)
Host: whodiniinc-test.apigee.net
X-Target-URI: http://whodiniinc-test.apigee.net
Connection:
Keep-Alive
ValidateAccessToken policy of Apigee looks for token value in Authorization: Bearer {token} header and my suspicion is it fails with 401 because actual request made by Console to go contains Authorization: Oauth {token}.
Is there any way to
1. Control Authorization header value while using Oauth Implicit Grant Flow so that while making API calls Console to go uses Authorization: Bearer M********N instead of Authorization: OAuth M********N
Add a rule in the ValidateAccessToken policy of Apigee Proxy to that it interprets Authorization: OAuth M********N (Masked for security)
Please follow the below steps to resolve your issue:
Go to https://apigee.com/togo
Login
Select OAuth 2.0 Implicit Grant Flow (User Agent)
Select 'Draft Version' as '14 or later'
Click 'Save Credentials' button
Hope this helps. Please let me know if you have any further questions.
Thanks,
Archendra