https://graph.microsoft.com/v1.0/users/userID/
And I get the correct response
https://graph.microsoft.com/v1.0/usersuserid/photo/$value/
And I get user resource can't be discovered
I have added Directory.Read.All, Group.Read.All, User.Read, User.ReadBasic.All permissions to the application.
Am I missing something? thx
Related
How can I request more claims from the AzureAd server to populate my ASPNET Core Application..?
I'm trying to get claims coming through with AzureAd.
We have extensionattribute1 to extensionattribute15 defined in our onprem, and it's being synced. Yet I can't get them when I study the Claims collection in the ClaimsPrincipal object...
I've set the OpenIdConnectOptions with GetClaimsFromUserInfoEndpoint to true
I tried changing the manifest, but when trying to do so I can't save them (getting error like´Failed to update application AspNetCoreWebApplicationWithAzureAd. Error details: Request_BadRequest´). Additionally I also have no idea or haven't found documentation on what those values are (string / bool / array of strings)
"groupMembershipClaims": null,
"optionalClaims": null,
"acceptMappedClaims": null,
I've been trying to get this working using the steps in this link: https://learn.microsoft.com/en-us/azure/active-directory/active-directory-claims-mapping. The "Example claims mapping policies" section and the comments have some useful info.
So far I've got about half the claims I've mapped to come over during a login via AzureAD. I'm working with Microsoft support to figure out why its not fully working.
If I can get it going I'll post a fuller series of steps to save someone else the pain in the future! But hopefully this gets you going in the meantime.
PS: I had to set "acceptMappedClaims" to true in the application manifest which hasn't been mentioned in any of the articles I've read.
I am trying to use the gravity forms rest api, https://www.gravityhelp.com/documentation/article/web-api/ but I receive a 401 error no matter what I try. I've tried using all the methods listed in the documentation and in Steven Henty's article, https://www.stevenhenty.com/gravity-forms-api/ but it doesn't seem to work.
If I am logged into a wordpress site as administrator should I not be able to use a link like:
http://mydomain/gravityformsapi/forms/
Thank you for any suggestions.
For mine case it was that I haven't clicked the update button "Web API" Tab.
Make sure you click update button , although it does show the API Key's but still you have to click update button to enable API.
I was getting the same thing due to some weirdness about the route endpoint. When calculating the signature you don't use a trailing slash on the route: forms/1.
But you do use a trailing slash in the URL (otherwise I got a 301 Moved Permanently):
http://demo.gravityforms.com/gravityformsapi/the_route/?api_key...
It looks odd to have /?api_key... but that is what works for me.
Here's the ruby example I was using with the demo credentials:
GravityFormsAPI.generate_URL(site: 'demo.gravityforms.com', route: 'forms/1', public_api_key: '5b225f8382', private_api_key: 'fc6d1bc71d2ebfc')
Hope this helps.
Sometimes i received intermittent 401 error after a lot of research i find this article
Azure DocumentDB Intermittent 401 error when querying REST API via Obj-c
If the signature contains + sign i received 401 error
Maybe that help other person
Sorry for my english writing
Based on the solution here I'm posting this answer.Imagine you have created the URL and it didn't work and you got 401. Then after a little time you realized the error that Opps! The parameters I was passing needed a bracket and you run the code again and you again got 401.
Why is that?
This is because the parameters which are apiKey, Signature and Expire time are the same and you only changed the other parameters with your GET request. However these three parameters are used to authenticate the user so that means the old signature which was generated to deny the permission will deny it again no matter what.
So to fix that I just changed the expire time from 1577922200 to 1577933200. I could've changed it to anything but the thing is I just need to give something new so that a new signature can be generated. So when I changed it started working.
OTHER POSSIBLE REASONWhile making the signature using SHA1 you use NSString *string_to_sign = [NSString stringWithFormat:#"%#:%#:%#:%#",api_key,http_method,route,expires];
as per the documentation. But in order to make CCHmac you have to pass it two things:
Key
Data
and based on the link it is created as
const char *cKey = [api_private_key cStringUsingEncoding:NSASCIIStringEncoding];
const char *cData = [string_to_sign cStringUsingEncoding:NSASCIIStringEncoding];
So what I was mistaking is that I was using API Key in cKey instead of API Private Key. So I change it as per tutorial said and it worked. Otherwise I was getting 401 not matter what I try.
for HERE REST api I have registered app_id and app_key and appended them in url but it is giving me this "error"Unauthorized","error_description":"Unauthorized. The request is not from an authorized source "
Also, the FAQs page mentions the following:
How do I generate an app_id and app_code for my application?
To generate an app_id and app_code for an application, you need to
sign in then go to https://developer.here.com/plans to select and
register for the appropriate plan.
At the final step in the registration process, an app_id and app_code
is automatically generated for your application.
Please note, it can take up to an hour for a new app_id to be whitelisted against all services.
So if you had just created your credentials when you got this error, you may want to try again.
Looking back at the error I received when I attempted to access the API, however, I got the following response:
{"details":"invalid credentials for I5zJljd5cZyOx5SyROKT","additionalData":[],"type":"PermissionError","subtype":"InvalidCredentials"}
So it may be that Jason's comment above is more appropriate but I'll leave this answer for other users who may come searching after creating new credentials.
A good way to check your credentials would be to make a valid URL call to any of the REST APIs - e.g. the Geocoder API: https://geocoder.cit.api.here.com/6.2/geocode.json?searchtext=London&app_id={YOUR_APP_ID}&app_code={YOUR_APP_CODE} - it gives an error response for an invalid pair.
As mentioned in the answer : Need separate credentials for WSE API? - you may need to request additional access for the HERE Platform extensions
selfservesupport#here.com here is the support. Describe ur problem and attach an snapshot where you get error at what request. (URL)
I'm trying to get access token of facebook client when a user logged in with asp.net's oauth template. But I couldn't acquire the access token when i tried some methods that i found on internet like;
AuthenticationResult result = OpenAuth.VerifyAuthentication("RegisterExternalLogin.aspx");
string actok = result.ExtraData["accesstoken"];
This try wasn't successfull. How can i acquire the access token?
I see noone has replied to your question even though it has been 10 days so I'll take a stab at it.
You mentioned that you are using asp.net's OAuth template. So I think you are looking at the line
AuthenticationResult result = OpenAuth.VerifyAuthentication("RegisterExternalLogin.aspx");
in the ExternalLoginCallback() action in AccountController.cs
As far as I can tell your syntax is correct. In fact also tested it out myself and it works. I guess you can try another way of accessing the same property
String myaccesstoken_value1 = result.ExtraData.Values.ToArray()[5];
That will give you the same result as result.ExtraData["accesstoken"]
If that does not work either then I would imagine that there is some problem with the authentication itself, rather than with your syntax here. I'm assuming you have VS2012 Express, so use the debugger to see what values are present in your variable 'result'. If it is empty, then it would indicate why you second statement errors out, and it would also indicate that there is a problem in the code before you get to this point.
Also keep in mind during testing that when you log into your app using OAuth providers such as Facebook, even when you log out of the website you continue to remain logged into facebook. You actually have to go to facebook.com and click logout there also (unless you write some additional code in your asp.net app to do a remote logout). I don't know if this applies to your situation, just giving you a heads up.
Please vote if this helps.
I am running dotnetopenauth 3.3.0.9283 (nightly build), it works great and it solved my previous problem ( DotNetOpenAuth get email and redirect problem )
So now I am able to get the users email from gmail only! I have tried yahoo and myspace but i always get "Object reference not set to an instance of an object." I ran the sample that came with the build, ajaxlogin.aspx and loginProgrammatic.aspx they both give me the same error message.
this is the only line i added to the sample (and also set email to required)
var email = OpenIdAjaxTextBox1.AuthenticationResponse.GetExtension<ClaimsResponse>().Email;
You've got too much code on one line.
GetExtension<T>() will return null if the Provider doesn't actually include that extension in the response. So you must always check that it returns a non-null value before dereferencing it.
You're getting null back from Yahoo because they don't support giving away their users' extra information (yet) except for a small whitelist of RPs.
I don't know about MySpace, but I suspect they just don't support it either.