Hi, I am trying to implement Oauth 2.0 authorization. I am not familier with it.I have referred below link on lithosphere :http://community.lithium.com/t5/Community-API-v2/OAuth-2-0-authorization-grant-flow/ta-p/138402 Done POST call through 'poster'(add on) on Firefox using following details :URL : https://<community_url>/auth/oauth2/authorizeclient_id=<client_ID_of_community>response_type=coderedirect_uri=https://<community_url>/getaccesstoken But facing issue to get authorization code, which is very first step of OAuth 2.0 authorization grant flow.Am I going in right way ?I have confusion about 'redirect_uri' parameter. What it should be ? Let me know if you have any suggetion for the same.Thank you in advance. Regards,Vishwajeet.

Did you ever find out how to make the call? I'm having the same issue and it is so frustrating :(

Hi , Looks like Lithium oAuth 2.0 code authorization service is broken, I am trying to enable backend api flow. And after logging in I am being redirected to the redirect uri, I looked at the Uri redirect that i got back, and it does not have authorization code. https://<Community_Url_without_https>/t5/oauth/2userauthorizationpage?response_type=code&client_id=<client_id>&redirect_uri=<Community_Url_without_https> 1. I am authorized inside my network and SSO enabled with my AD network. ==> I am not an admin, I have client_id, secret and tenant id for oauth work flow.2. I explicitly signed of and signed in several times but it does not make any difference here I appreciate if some one can take a quick peek, and send me a private message, as this looks to be a blocker for many to onboard a backend api flow. ThanksRaj

Hi rajpi, Not exactly. I don't remember the details, but I think I was trying to get the token to do some editing actions on community, but I was using a component and I belive that was the issue. I was told the call has to come from a back-end evironment (can't use an endpoint either). So I ended up building the component in a way where I have to manually log in to the community before using it.

Hi fuenteso I got the Oauth issue resolved, error was with appropriate permissions on the account and also some extra characters that went in the client id. Here is how I solved this issue, this may be useful to someone. Log into community and then run the following call in your browser (be sure to add the URL encoded client ID and you can leave the redirect uri as is):Get Authorization Code:GEThttps://<communityname_withouthttps>/auth/oauth2/authorize?client_id=<urlencodedclient_id>&response_type=code&redirect_uri=<exact_callbackuri_with_https_nothingextra>You should receive an authorization code that can be leveraged to obtain the access & refresh tokenshttps://api.lithium.com/auth/v1/accessTokenHeader:Content-Type : application/jsonclient_id : <client_id_without_encoding> Body ==> JSON(application/json){"client_id":"<client_id>","client_secret":"<client_secret>","grant_type":"authorization_code","redirect_uri":"<redirect_url>","code":"<AuthCode>"}ThanksRaj

Hey Vishwajeet What community are you trying this for? The redirect_url would have been defined for your community when the client id was set up. If you didn't provide us with one when requesting your client id and secret, normally we would have just used your base community url, but I can check this for you. Thanks Noaman

Oauth 2.0 : facing issue to get authorization code

24 Replies

rajpi
Adept
8 years ago
darmlin Check your callback url, encodings in your request
darmlin
Contributor
8 years ago
Thanks rajpi

I'm using the same redirect-uri as I do to obtain the authorization code. When I tweak it intentionally to something invalid I receive (leading me to believe unchanged it may be valid):
"response":{"httpCode":400,"message":"Bad Request","status":"client_id + client_secret + redirect_uri is NOT not valid"}}

I've checked/tried encoding/decoding the authorization code and other values with the same result (and generated new fresh authorization codes) and get this response:

{"response":{"httpCode":401,"message":"Unauthorized","status":"Authorization code is NOT authorized"}}

Double checking permissions again.

I'm testing from curl and python/urrlib2 with the same result.

Thanks for the help
tealiumjustin
Expert
8 years ago
Does this work with SSO?

I'm also trying to authorize a back-end API following the directions here, under the heading "Using the authorization grant flow via a back-end API call":
https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=oauth2

We use SSO for access to our community. I can't figure out how to get the authorization code. And, as previous replies have shown, the /auth/v1/accessToken request only returns a "400 Bad Request" with this body:

{ "response": { "httpCode":400, "message":"Bad Request", "status":"client_id + client_secret + redirect_uri is NOT not valid" } }
robertcavanna
Mentor
8 years ago
I've been struggling with this error for a couple of weeks. I was finally able to get a code. The trick was making sure that the Client ID was URL encoded. The redirect_uri must NOT be encoded. Once I did that, the response has the code I was looking for in the URL. This conflicts with the developer documentation which shows an un-encoded client ID and an encoded return_uri.

https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=oauth2

Forum Discussion

Oauth 2.0 : facing issue to get authorization code

24 Replies

Related Content

Aurora OpenID Connect/OAuth 2.0 setting descriptions

OAuth in python

Facing issues Downloading a file with third party API

Aurora: Add co-authors to blog posts

Aurora: Remove co-authors from blog posts

Recent Discussions

How to fetch all labels associated with TkbArticlePage and count how many times each label is used

In Aurora, add additional <script> and <meta> tags

Setup content filter for arabic language

24.10 API change breaks navigation

How to create/subscribe the Webhook in Aurora