Forum Discussion

vishwajeet_hol's avatar
vishwajeet_hol
Expert
11 years ago

Oauth 2.0 : facing issue to get authorization code

Hi,   I am trying to implement Oauth 2.0 authorization. I am not familier with it. I have referred below link on lithosphere : http://community.lithium.com/t5/Community-API-v2/OAuth-2-0-authoriza...
fuenteso's avatar
fuenteso
Leader
9 years ago

Hi rajpi,

 

Not exactly. I don't remember the details, but I think I was trying to get the token to do some editing actions on community, but I was using a component and I belive that was the issue. I was told the call has to come from a back-end evironment (can't use an endpoint either).

 

So I ended up building the component in a way where I have to manually log in to the community before using it.

rajpi's avatar
rajpi
Adept
9 years ago

Hi fuenteso

 

I got the Oauth issue resolved, error was with appropriate permissions on the account and also some extra characters that went in the client id. Here is how I solved this issue, this may be useful to someone.

 

  1. Log into community and then run the following call in your browser (be sure to add the URL encoded client ID and you can leave the redirect uri as is):
  2. Get Authorization Code:
    GET
    https://<communityname_withouthttps>/auth/oauth2/authorize?client_id=<urlencodedclient_id>&response_type=code&redirect_uri=<exact_callbackuri_with_https_nothingextra>
  3. You should receive an authorization code that can be leveraged to obtain the access & refresh tokens
  4. https://api.lithium.com/auth/v1/accessToken
    Header:
    Content-Type : application/json
    client_id : <client_id_without_encoding>  Body ==> JSON(application/json)
    {
    "client_id":"<client_id>",
    "client_secret":"<client_secret>",
    "grant_type":"authorization_code",
    "redirect_uri":"<redirect_url>",
    "code":"<AuthCode>"
    }

Thanks

Raj

  • shravani's avatar
    shravani
    Guide
    9 years ago

    What are the appropriate permissions required?

    I am getting the following response

    {
    "status": "Unauthorized",
    "message": "client-id header or client_id query parameter is not authorized. Set your header to the value of your clientId or URL encode it to set as query param",
    "statusCode": 401
    }

     

  • rajpi's avatar
    rajpi
    Adept
    9 years ago

    Hi shravani

     

    1. Check to see if you are in Rest-Api role --> This was done by admin/support for me.

    2. Check to see if you are passing in client-id correctly in header (No encoding)

     

    Let me know if this helped :)

     

    Thanks

    Raj

  • shravani's avatar
    shravani
    Guide
    9 years ago

    Hi rajpi

     

    Thanks for helping.

    I have tried it but it is still not working:smileysad:.

     

  • darmlin's avatar
    darmlin
    Contributor
    9 years ago

    shravani Did you ever get around your 401? 

     

    I'm getting the following on a newly generated authorization code:  {"response":{"httpCode":401,"message":"Unauthorized","status":"Authorization code is NOT authorized"}

     

     rajpi I think it's happy with my client-id etc. as if I tweak those I get a different error.  My user has both Make REST API calls that read and modify data from the community marked as Enabled. 

      {"response":{"httpCode":401,"message":"Unauthorized","status":"Authorization code is NOT authorized"}

     

    Any help greatly appreciated!

     

  • rajpi's avatar
    rajpi
    Adept
    9 years ago
    darmlin Check your callback url, encodings in your request
  • darmlin's avatar
    darmlin
    Contributor
    9 years ago

    Thanks rajpi

     

    I'm using the same redirect-uri as I do to obtain the authorization code.  When I tweak it intentionally to something invalid I receive (leading me to believe unchanged it may be valid):

    "response":{"httpCode":400,"message":"Bad Request","status":"client_id + client_secret + redirect_uri is NOT not valid"}}

     

    I've checked/tried encoding/decoding the authorization code and other values with the same result (and generated new fresh authorization codes) and get this response: 

     

    {"response":{"httpCode":401,"message":"Unauthorized","status":"Authorization code is NOT authorized"}}

     

    Double checking permissions again.

     

    I'm testing from curl and python/urrlib2 with the same result.

     

    Thanks for the help

     

     

  • tealiumjustin's avatar
    tealiumjustin
    Expert
    9 years ago

    Does this work with SSO?

     

    I'm also trying to authorize a back-end API following the directions here, under the heading "Using the authorization grant flow via a back-end API call":

    https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=oauth2

     

    We use SSO for access to our community. I can't figure out how to get the authorization code. And, as previous replies have shown, the /auth/v1/accessToken request only returns a "400 Bad Request" with this body:

     

     

    {
    "response": {
        "httpCode":400,
        "message":"Bad Request",
        "status":"client_id + client_secret + redirect_uri is NOT not valid"
    }
}