Oauth 2.0 : facing issue to get authorization code

Hi fuenteso

I got the Oauth issue resolved, error was with appropriate permissions on the account and also some extra characters that went in the client id. Here is how I solved this issue, this may be useful to someone.

1. Log into community and then run the following call in your browser (be sure to add the URL encoded client ID and you can leave the redirect uri as is):
2. Get Authorization Code:
   GET
   https://<communityname_withouthttps>/auth/oauth2/authorize?client_id=<urlencodedclient_id>&response_type=code&redirect_uri=<exact_callbackuri_with_https_nothingextra>
3. You should receive an authorization code that can be leveraged to obtain the access & refresh tokens
4. https://api.lithium.com/auth/v1/accessToken
   Header:
   Content-Type : application/json
   client_id : <client_id_without_encoding>  Body ==> JSON(application/json)
   {
   

   "client_id":"<client_id>",
   "client_secret":"<client_secret>",
   "grant_type":"authorization_code",
   "redirect_uri":"<redirect_url>",
   "code":"<AuthCode>"

   }

Thanks

Raj

What are the appropriate permissions required?

I am getting the following response

{
"status": "Unauthorized",
"message": "client-id header or client_id query parameter is not authorized. Set your header to the value of your clientId or URL encode it to set as query param",
"statusCode": 401
}

Hi shravani

1. Check to see if you are in Rest-Api role --> This was done by admin/support for me.

2. Check to see if you are passing in client-id correctly in header (No encoding)

Let me know if this helped :)

Thanks

Raj

. 

Hi rajpi

Thanks for helping.

I have tried it but it is still not working:smileysad:.

shravani Did you ever get around your 401? 

I'm getting the following on a newly generated authorization code:  {"response":{"httpCode":401,"message":"Unauthorized","status":"Authorization code is NOT authorized"}

 rajpi I think it's happy with my client-id etc. as if I tweak those I get a different error.  My user has both Make REST API calls that read and modify data from the community marked as Enabled. 

  {"response":{"httpCode":401,"message":"Unauthorized","status":"Authorization code is NOT authorized"}

Any help greatly appreciated!

Thanks rajpi

I'm using the same redirect-uri as I do to obtain the authorization code.  When I tweak it intentionally to something invalid I receive (leading me to believe unchanged it may be valid):

"response":{"httpCode":400,"message":"Bad Request","status":"client_id + client_secret + redirect_uri is NOT not valid"}}

I've checked/tried encoding/decoding the authorization code and other values with the same result (and generated new fresh authorization codes) and get this response: 

{"response":{"httpCode":401,"message":"Unauthorized","status":"Authorization code is NOT authorized"}}

Double checking permissions again.

I'm testing from curl and python/urrlib2 with the same result.

Thanks for the help

Does this work with SSO?

I'm also trying to authorize a back-end API following the directions here, under the heading "Using the authorization grant flow via a back-end API call":

https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=oauth2

We use SSO for access to our community. I can't figure out how to get the authorization code. And, as previous replies have shown, the /auth/v1/accessToken request only returns a "400 Bad Request" with this body:

{
    "response": {
        "httpCode":400,
        "message":"Bad Request",
        "status":"client_id + client_secret + redirect_uri is NOT not valid"
    }
}