We have created application in Azure active directory.Before that, I have experienced by providing same permissions in Azure directory to get access token. But I could not get it by using same application with same permissions now.
My Request is:
https://login.microsoftonline.com/common/oauth2/authorize?client_id=my_client_id&redirect_uri=https://xxx/msd1/authorize.php&response_type=code
Response
stdClass Object
(
[error] => invalid_grant
[error_description] => AADSTS65001: The user or administrator has not consented to use the application with ID 'client_id'. Send an interactive authorization request for this user and resource.
Trace ID: 6f01144c-4dc0-4911-9923-1cf134d264f0
Correlation ID: f5765d5f-7109-48a3-89f0-2729c15551c3
Timestamp: 2016-05-20 06:09:47Z
[error_codes] => Array
(
[0] => 65001
)
[timestamp] => 2016-05-20 06:09:47Z
[trace_id] => 6f01144c-4dc0-4911-9923-1cf134d264f0
[correlation_id] => f5765d5f-7109-48a3-89f0-2729c15551c3
)
Where i went wrong? Is this permission related problem?
How to get access token for this?
Maybe the account you used to register the application is not with the administrator permission or is not in the same Office 365 subscription (tenant).
We can find the requirement:
Sign in to the Microsoft Azure management portal by using an account with administrator permission. You must use an account in the same Office 365 subscription (tenant) as you intend to register the app with. You can also access the Microsoft Azure portal through the Office 365 admin center by expanding the ADMIN item in the left navigation pane and selecting Azure AD.
Please refer to App registration for CRM Online for details.
Related
I know this question has been asked for several times here but none of the solution worked for me.
Following are the steps I followed to create a service account:
Logged in to Google Play Console account.
Then navigated to Settings > API Access from the left panel.
Scrolled down to Service Accounts section and clicked on Create Service Account.
Followed the instruction mentioned on dialog opened.
While creating service account on Google API Console selected Service account Permissions as Project > Owner
Created key and downloaded in json format.
Now came back to Google Play Console and clicked on Grant Access to grant permission as Administrator.
Now I am using this service account to validate In App Purchases on server but I am getting this error:
{
"errors": [
{
"domain": "androidpublisher",
"reason": "permissionDenied",
"message": "The current user has insufficient permissions to perform the requested operation."
}
],
"code": 401,
"message": "The current user has insufficient permissions to perform the requested operation."
}
}
I am using this php lib and service account method to verify purchases.
To show google analytics reports->overview in my admin panel, I use
[Best API to display Google Analytics data in my Admin panel with Codeigniter PHP?
and download from [https://github.com/erebusnz/gapi-google-analytics-php-interface][2]
I follow all the steps
Create a Google Developers project
Create service account for this project, see instructions
Download the .p12 file for this service account, upload to the same folder as gapi.class.php
Enable 'analytics API' on the Google Developers console
In Google Analytics Administration > User Management, give the service account 'Read and Analyse' permissions on the analytics accounts you want to access
and make one file named index.php which code as follow
<?php
require 'example.account.php';
foreach($ga->getResults() as $result)
{
echo $result->getUniquePageviews();
echo $result->getPagePath();
}?>
I made change in gapi.class.php
const account_data_url =
'https://analytics.google.com/analytics/web/#embed/report-
home/a110062270w164329621p165035928/';
const report_data_url =
'https://analytics.google.com/analytics/web/#realtime/rt-
overview/a110062270w164329621p165035928/';
and in example.account.php
$ga = new gapi("eva-277#eva-ceramic.iam.gserviceaccount.com", "key.p12");
but after then it shows error
Fatal error: Uncaught exception 'Exception' with the message 'GAPI:
Failed to authenticate user. Error: "{ "error": "invalid_grant",
"error_description": "Invalid JWT: Token must be a short-lived token
(60 minutes) and in a reasonable timeframe. Check your iat and exp
values and use a clock with the skew to account for clock differences
between systems." } "' in file path....
I try above matter in localhost but in google analytics account show information correctly.
I am using Paypal API Code integration in my project. It is working fine while using Sandbox credentials. Getting error while using Live credentials. Changed Url sandbox to Live. copied exact username, password & signature by using notepad. Still i am getting the same eoor. Can you please tell me if any changes i have to do. Searched in google but not succeded.
tested in multiple servers. getting same error in both servers.
Error : Security header is not valid
Array
(
[TIMESTAMP] => 2014%2d05%2d01T21%3a22%3a22Z
[CORRELATIONID] => da5fb2a0d16b7
[ACK] => Failure
[VERSION] => 76%2e0
[BUILD] => 10800277
[L_ERRORCODE0] => 10002
[L_SHORTMESSAGE0] => Security%20error
[L_LONGMESSAGE0] => Security%20header%20is%20not%20valid
[L_SEVERITYCODE0] => Error
)
Make certain to use your Live PayPal Account Credentials and point all of your endpoints at the live PayPal Server.
User Name:
Password:
Signature:
If you attempt to use your sandbox credentials with a live endpoint you will get security header errors.
I have seen this happen simply because of the credentials not matching with the endpoint.
Here is the going live documentation from the PayPal Developer site:
Going Live PayPal API Developer Documentation
Here is a listing of PayPal Endpoints:
PayPal Endpoints
This is happening in our local web server installed using XAMPP
Steps to reproduce the issue:
Registered the account with Janrain.com
Created the app "testapp" and configured the engage application with the
providers Yahoo!, Twitter and Linked In.
Downloaded the Janrain Engage Drupal 7 module from the Janrain website
Installed this module in my local web application.
Activated the plugin and in the Janrain Drupal settings page, I entered the following details - a) Engage Server & b) API Key
After giving these details, clicked on the "Save Configuration" button. Finally, instead of the information being saved, we get the error message
"Error message Error contacting Engage. Please verify your internet connection and try again."
I tried to look in to the code, the below line was creating the issue
$lookup = RPX::lookup($api_key, $rpx_server);
Checked the "lookup" function code and found that I was able to connect with the Engage server but some problem with the response.
In this "lookup" function, we are getting the below JSON response
stdClass Object
(
[request] => POST https:// rpxnow.com /plugin/lookup_rp HTTP/1.0
Referer: http:// localhost /testapp
User-Agent: Janrain_Engage_Drupal_Module
Proxy-Authorization: Basic
Host: rpxnow.com Content-Length: 105 [data] => "" [protocol] => HTTP/1.0 [status_message] => OK [code] => 200)
9) Found that "data" facet in the JSON response was missing
Please let me know what is the solution for this issue?
This sounds like a web server configuration issue... the drupal_http_request() function is probably failing to run. There may be any number of fixes depending on what is specifically happening. More info here: https://drupal.org/node/222454
I am trying to get the WSO2 Identity Server (4.0.0) to authenticate simplesamlphp (1.10.0) sessions.
The WSO2 IS host is running # https://sim2:9443/ # IdP server.
The simplesamlphp scripts are running # http://dellperf1/simplesaml/ # Configured as SP
Configuration
On the the WSO2 end, I have configured an Issuer as follows:
wso2 IS Issuer Configuration
I have configured some users, both by using the "Add User" under configure -> User and Roles and by "Sign Up" function on the WSO2 IS homepage.
I have configured simplesamlphp as follows -
config/authsources.php
entityID matches "Issuer" in the WSO2 config - it's my company name, so I've obscured it.
14 // An authentication source which can authenticate against both SAML 2.0
15 // and Shibboleth 1.3 IdPs.
16 'default-sp' => array(
17 'saml:SP',
18
19 // The entity ID of this SP.
20 // Can be NULL/unset, in which case an entity ID is generated based on the metadata URL.
21 'entityID' => '$ISSUER HIDDEN',
22
23 // The entity ID of the IdP this should SP should contact.
24 // Can be NULL/unset, in which case the user will be shown a list of available IdPs.
25 // 'idp' => NULL,
26
27 // The URL to the discovery service.
28 // Can be NULL/unset, in which case a builtin discovery service will be used.
29 // 'discoURL' => NULL,
30 'privatekey' => 'saml.pem',
31 'certificate' => 'saml.crt',
32 ),
metadata/saml20-idp-remote.php
93 /*
94 * $MY IdP
95 */
96
97 $metadata['https://sim2.FQDN:9443'] = array(
98 'name' => array(
99 'en' => '$company IdP test server',
100 ),
101 'description' => 'WSO2 ID Server',
102 'SingleSignOnService' => 'https://sim2:9443/samlsso',
103 'SingleLogoutService' => 'https://sim2:9443/samlsso',
104 //'certFingerprint' => '04b3b08bce004c27458b3e85b125273e67ef062b'
105 'certFingerprint' => '6bf8e136eb36d4a56ea05c7ae4b9a45b63bf975d'
106
107 );
Whenever I visit http://dellperf1/simplesaml/ , select the Authentication tab -> Test Authentication sources -> default-sp and select "$company IdP test server", I am correctly redirected to the wso2 server and presented with the "SAML 2.0 based Single Sign-On" page.
This is where I hit problems. I don't seem to be able to authenticate using any user I have created, either using Add User, or Sign up.
I only get the following in the Carbon logs:
[2013-01-29 11:36:57,269] WARN {org.wso2.carbon.identity.sso.saml.processors.AuthnRequestProcessor} - Authentication Failure, invalid username or password.
The users are in the default profile, which has the following configured as roles: "identity,everyone".
If I try to log in using the (default) admin:admin password, I seem to be able to authenticate, but simplesamlphp throws an exception:
SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Backtrace:
0 /var/simplesamlphp/www/module.php:180 (N/A)
Caused by: Exception: Unable to find the current binding.
Backtrace:
2 /var/simplesamlphp/lib/SAML2/Binding.php:95 (SAML2_Binding::getCurrentBinding)
1 /var/simplesamlphp/modules/saml/www/sp/saml2-acs.php:11 (require)
0 /var/simplesamlphp/www/module.php:135 (N/A)
I think I am hitting two issues here:
1) The users I am creating are unable to be authenticated using SAML - whereas the admin user can be. Why might this be? Profiles or policy issues?
2) Even if I could authenticate with a users I have created, other than admin, would I get the same Binding backtrace?
I have seen some traffic on the wso mailing lists in December 2012 around the binding WSO2 IS supports - am I fighting a losing battle here?
If simplesamlphp and WSO2 IS won't currently play well together, can someone from the WSO2 crowd suggest a simple method for testing SAML-2.0 against their IS?
If User can not login, it means that you have not configure login permission to that user... Please assign login permission to "everyrole" and check..
I guess one of my friend has tried the simplesamlphp integration with WSO2 Identity server, Please find blog post that he has written from there [1]. I guess this would help you.
[1] http://blog.facilelogin.com/2013/06/wso2-identity-server-saml2-idp-with.html