I wanted to create a simple Instagram access token generator that can be used by any user. Something like this:
http://instagram.pixelunion.net/
Now I am able to create a simple access token generator like that using some cURL in php and this
https://www.instagram.com/developer/authentication/
Though the issue is, this access token generator works for the user whose app credentials are used in php and who are included as sandbox user to this client, for all other users it is showing this.
{"code": 403, "error_type": "OAuthForbiddenException", "error_message": "You are not a sandbox user of this client"}
Can anyone say what should I do for a generic access token generator
Screenshot of my app:
Looks like you are not a sandbox user, thats the reason it is failing, use the account used to create developer account to login and that should work.
The example website you have posted is reviewed and live, so any user can login. You are in sandbox mode.
ok, I am able to achieve what I desired.
The reason for it was the app needed to be submitted for review. Though at first it got rejected, as it requires a video url showing what this app really want to achieve and how it is doing that. So, I created a video corresponding to all work and submitted again, it got approved and finally the code work as expected.
Here is an output of that:
http://webkul.com/instatoken/
If anyone feels to ask anything about it, they can ask it here.
I have used following use case for permission review:
Related
I'm very new to auth0 and authenticating and facing a problem for two days with authenticating a user to our api. How i understand to get an access token is:
A user click on a sign in button on our app.
The user will be redirected to the auth0 hosted login screen.
When the user has correctly signed in on any social platform or registered account then the user will be redirected to my call back URL.
When the user is on the callback url then the user will receive an access token.
Please correct me if im wrong. Now i left out with a few questions.
Im using laravel with auth0 and used the example files of the page: Auth0 Laravel quicktart. So the login is working but when i vardump the user, i get all the user's info but my accessToken is null.
But when i save the accessToken in a session on the callback url, the accessToken look like this: tha63vkb0nnbr6vc. Isnt the length way too short for an access token? I don't understand why i get null when i dump the user but on a callback url it show a short length of string.
Maybe i got it totally wrong and this isnt the access token to use it for my api. On the other note, when i try to receive a token with postman i get an error: "error_description": "Invalid authorization code". my postman look like this: Screenshot of my postman. The code value ive sent is Crk_ri8mKcKX7IcX (the red bordered string in the image).
The value is the code parameter i took from the redirect url. And my redirect url look like this: example.com/public/callback?code=Crk_ri8mKcKX7IcX&state=5-ym0uFBxpiiBqcK_ivb2QIYxsIzAEMX#. Is this the right way to do it? i did exactly how it was indicated in the Auth0 Authorization Code API] at the auth0 athorization token api but it still doesnt work.
Maybe i get this error because the user already authorized so i cant do it twice but if so, why is my access token so short and it doenst work?
I'm very new to this so please excuse me if i got it all wrong. Also my post is maybe to long to put my codes in here but my codes is exactly the same as the aformentoined Auth0 Laravel quicktart example
I would really appreciate it if someone can help me ive been struggling for 2 days now.
Thanks alot for taking your time and reading my post!!
I've been working on this for 3 days now, trying various methods, hunting through the gmail api docs and stackoverflow, but I'm still not sure if it's even possible.
I'm trying to send email with the gmail api in a cron-style process. (not literally cron, but similar). So there is no user interaction.
I set up credentials on the https://console.developers.google.com/apis/credentials page, but when I try to use it, I get errors. I also ran the quickstart.php from https://developers.google.com/gmail/api/quickstart/php#step_2_install_the_google_client_library but that seems that the credentials it creates expire after 3600 seconds. I'm also not even sure how to use those as it doesn't have similar keys as the other credential file.
And then I saw on the credentials page, if you try to create a new set of credentials for the gmail api, for a cron-job, it won't let you. It simply says "User data cannot be accessed from a platform without a UI because it requires user interaction for sign-in."
My question is, is it even possibly to run a cron job to send email with the gmail api without building my own classes that implement curl to read and scrape web pages?
Edit: I appreciate everyone's help but I'm just looking to see if anyone has actually done it. So far, no one's admitting it. I've looked at the service level credentials. I've looked at the user level credentials. I've tried the quick-start. The quick start works, but even using the result immediately to send an email fails with a login failure.
I've read the documentation about refreshing the key as well.
It just seems to me that google has made so much available to the api that they may have forgotten doing anything without user interaction. Hey, I get it. Trying to write for everything is complicated. I'm not complaining. I'm seriously only asking if anyone can even actually use gmail for this.
You can request an offline access the first time the user logs in and refresh it when the access token expires. You have to ask the user to login the first time though.
First, before generating the login url, you need to set the access type to 'offline'. To do that, add the following line of code before calling $this->client->createAuthUrl().
$this->client->setAccessType($accessType);
That will prompt the user for offline access the first time they're authenticating. Then, in your callback function, you should authenticate the user based on the received code and get the refresh token:
$this->client->authenticate($code);
$tokens = $this->client->getAccessToken();
$refresh_token = $tokens->refresh_token;
Save the refresh_token in your database and you will be able to create new access token every time it expires. You do that with the following code:
$this->client->refreshToken($refreshToken);
Note: This answer is based on Google's PHP SDK and the client is their client object. I created a wrapper for their API that you might find useful and easier for implementation. You can check it here, it has most of the functions covered.
I don't know the the Gmail API specifically but if you are using oAuth to get the credentials there is usually a refresh token that you can use to renew your credentials (basically get a new set) programmaticly. You can read more about it here.
Edit:
You need the UI the first time you get the token information. This can be done by a button in the settings or something that stores the returned info in a permanent place like a database. Then for the 'cron' type calls you reference the access token or if expired use the refresh token to get a new access token.
Evening saw this issue was mentioned and double support multiple Okay, maybe this is something easy for many people, but I'm having trouble with, and keep getting this error repeatedly.
I think the problem in part: App Review. publish_actions but I do not know what to do for it to be accepted. Full declared then.
Without Review, most permissions only work for users with a role in the App. Try with your App Admin and it should work. Make sure you add the permissions you need in the "scope" parameter, and read about Login Review: https://developers.facebook.com/docs/facebook-login/review
HereĀ“s an example of a login flow with the JavaScript SDK, take a look at the "scope" parameter: http://www.devils-heaven.com/facebook-javascript-sdk-login/
while creating the app in facebook we app an appid and app key give that and in setting add publish action in permissions.
Basically, I'd like my users to be able to register and log into my site using their Soundcloud accounts (much like Google or Facebook).
But I'm following the login flow from their docs (http://developers.soundcloud.com/docs#authentication), and I understand how to redirect them to the Soundcloud connect screen to authorize my app. And from that, I get a code that I can exchange for an access token. But after that the docs state this:
You should now store the access token in a database. Associate it with
the user it belongs to and use it from now on instead of sending the
user through the authorization flow.
So they're assuming that I already have registered users who then connect to Soundcloud through some other function of my app. But what I want, is for them to be able to create their account from their Soundcloud user info. I think this is initally possible, but when they return to log in again, I need that access token to identify them. But I can't get that access token without sending them through the auth flow again.
I'm guessing what I want to do can't be done, but it's also possible I'm overlooking something. Any help would be appreciated!
I've done this with IMGUR OAuth2 API. After you get the access token, make a new request to their /me endpoint. This way, you'll have the SoundCloud id for that particular user. Now you can check if you already saved this user in your database. If you have, just save the new token to make sure this user has granted your app access to their SoundCloud. I'm not sure if I were clear enough. Let me know if you need any further help .
I am incorporating facebook login into a website I am creating.
Once the user is logged in through facebook, what code is needed to access the users email, name, telephone number, etc?
I have my own system where they log in to the website and the code I have written allows me to check their information.
I am going to allow both methods of use and need to know how to get access to the code that pulls the user data from facebook once allowed by the end user.
Thanks!
Check the facebook documentation, it's very well documentated. They use data graphs. You can search up about OAuth too.
The code for each of the things you mentioned is a little complicated to be explained here, but basically you need to work with access tokens and the permission the user gives you.
Links for how this works here and an example with basic permissions would be this.