I am trying to consume oauth2 api using auth code. In first step, i received auth by providing client id and secret, and now in 2nd step, i need access token using that auth code.
I tried below c# code
var client1 = new RestClient("https://ant.aliceblueonline.com/oauth2/token");
var request1 = new RestRequest(Method.POST);
request1.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request1.AddParameter("code", "xxxxxxxxxxxxxxxxx");
request1.AddParameter("grant_type", "authorization_code");
request1.AddParameter("redirect_uri", "https://ant.aliceblueonline.com/plugin/callback");
request1.AddParameter("client_id", "MM01418");
request1.AddParameter("client_secret", "xxxxxxxxxxxxxx");
IRestResponse response = client1.Execute(request1);
In response, I get
The OAuth 2.0 Client supports client authentication method "client_secret_basic", but method "client_secret_post" was requested. You must configure the OAuth 2.0 client's "token_endpoint_auth_method" value to accept "client_secret_post
Tried a lot but could not resolve it.
First of all as you're working with C# I would like to recommend you to use IdentityModel to interact with any OAuth2 authorization server or OpenId Connect Provider.
Let's start by the definition of a Client: A client is an application that is allowed to request acces tokens on behalf of the user. In your example your server runing the code you posted is the client.
To be able to use the token endpoint to request a new access_token a client must be able to prove its identity first, by providing a client_id and client_secret (like a user and password for clients).
There are two methods for providing this client credentials, from IdentityServer4 documentation about secrets:
Authentication using a shared secret
You can either send the client id/secret combination as part of the POST body:
POST /connect/token
client_id=client1& client_secret=secret& ...
..or as a basic authentication header:
POST /connect/token
Authorization: Basic xxxxx
In this case, the error response is saying that just one of those methods is allowed, which is Authentication header
So instead of passing your client_id and client_secret along your request body:
request1.AddParameter("client_id", "MM01418");
request1.AddParameter("client_secret", "xxxxxxxxxxxxxx");
you need to concat client_id and client_secret with a collon as separator like "MM01418:xxxxxxxxxxxxxxxx" and apply base64 codification. Then add it to your request as header, of the form Authorization: Basic TU0wMTQxODp4eHh4eHh4eHh4eHh4eHh4. You can do this in c# by using the following code:
var credentials = string.Format("{0}:{1}", clientId, clientSecret);
var headerValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(credentials));
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", headerValue);
or instead leave this low level details to a library like IdentityModel Nuget Docs that implements the correct requests for you depending on the case.
Related
I have registered an app in Azure. I can get access_token from oauth2/v2.0/token from password grant. I can also get refresh_token from oauth2/v2.0/token using refresh_token grant
But, How do I request a resource in Microsoft Azure using an access_token?
In short how can we use the generated access_token in azure?
When you would request anything on azure you have to pass your access
token as your request headerrequest.Headers.Authorization which is
Bearer token.
Here I am giving you an example how you could access azure resource using your access token.
//New Block For Accessing Data from Microsoft Graph Rest API
HttpClient _client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, string.Format("https://graph.microsoft.com/v1.0/users"));
//Passing Token For this Request
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", "Pass Your Token Here");
HttpResponseMessage response = await _client.SendAsync(request);
//Get User List From Response
dynamic objGpraphUserList = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
I am accessing Azure Active Directory User List using access token. I got this response
See the screenshot below:
Azure Resource API Access Sample :
As Per Gaurav Mantri's Recommendation I am also giving you another example how you could get azure resource group information. See below code snippet
//How You Would Request Microsft Resource Management API For Resources List
var azureSubcriptionId = "Your_Azure_Subcription_Id";
var resourceGroupName = "Your_Resource_Group_Name";
HttpClient _client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, string.Format("https://management.azure.com/subscriptions/{0}/resourceGroups/{1}/resources?api-version=2019-10-01", azureSubcriptionId, resourceGroupName));
//Passing Token For this Request
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", "Pass Your Token Here");
HttpResponseMessage response = await _client.SendAsync(request);
//Get User List From Response
dynamic objAzureResourceGroupList = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
Also Tested on PostMan.
For more details you could refer Official Docs
Hope this would help you.
This process has been defined very clearly here: https://learn.microsoft.com/en-us/rest/api/azure. Especially look at the section titled Create the request which will tell you exactly what needs to be done.
I am following the Yahoo official documentation (https://developer.yahoo.com/oauth2/guide/openid_connect/getting_started.html). I can successfully get an authorization code after user logins with Yahoo. I am now at step 3, trying to exchange the authorization code for a token, but Yahoo keeps returning an http error 500.
To exchange the authorization code for the access token from Yahoo, I am using the following RestSharp syntax:
var client = new RestClient(provider.TokenUrl);
RestRequest request = new RestRequest() { Method = Method.POST };
request.AddParameter("client_id", codeModel.clientId, ParameterType.GetOrPost);
request.AddParameter("client_secret", provider.Secret, ParameterType.GetOrPost);
request.AddParameter("code", codeModel.code, ParameterType.GetOrPost);
request.AddParameter("grant_type", "authorization_code", ParameterType.GetOrPost);
request.AddParameter("redirect_uri", codeModel.redirectUri, ParameterType.GetOrPost);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
var response = client.Execute<TokenResponseModel>(request);
responde.data returns the following:
content: {"error":"ACCESS_TOKEN_GENERATION_FAILED","error_description":"Access token generation failed"}
StatusCode: InternalServerError
The official documentations states: "The request parameters below are transmitted using HTTP POST in the request body. You can, however, also send the parameters client_id and client_secret in the HTTP Headers instead".
I have tried both methods (clientid and secret as part of the body and as an Basic Authorization Header) and both return the same result.
When sending the clientid and secret as part of the Basic Authorization header, both parameters above are replaced by the following:
client.Authenticator = new RestSharp.Authenticators.HttpBasicAuthenticator(codeModel.clientId, provider.Secret);
As stated before, the only message returned by Yahoo is "internal server error".
Is there something wrong with the RestSharp syntax that could be causing this? Any other ideas will be greatly appreciated.
Needless to say, all parameters of the request contain the data they need.
Thanks
When you create your application profile at YDN you must make sure to select at least one API permission. For example try "Profiles (Social Directory) Read Public".
If your application has no API permissions then token generation will fail just the way you described.
If you already created an application with no permissions then you will have to delete it and create it again.
I'm trying to upload a photo using the Picasa Web Albums Data API in C# and I'm using RestSharp to help me with the HTTP requests.
I have the client ID and the client secret, but I don't know how to put that on the http request to make the authentication.
I'm getting the error:
Modification only allowed with api authentication.
The StatusCode that is returning is Forbidden
Here is my code where is my user ID and is my album ID.
The method "Authenticantion()" returns a token that I already have.
[HttpPost]
public string PostImage(){
var restclient = new RestClient(BaseUrl);
RestRequest request = new RestRequest("https://picasaweb.google.com/data/feed/api/user/<userID>/albumid/<albumID>") {Method = Method.POST};
string imageBase64 = "data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBwgHBgkIBwgKCgkLDRYPDQwMDRsUFRAWIB0iIiAdHx8kKDQsJCYxJx8fLT0tMTU3Ojo6Iys/RD84QzQ5OjcBCgoKDQwNGg8PGjclHyU3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3N//AABEIAIUAyAMBEQACEQEDEQH/xAAcAAABBQEBAQAAAAAAAAAAAAAAAQIDBAUGBwj/xAA6EAABAwIDBgMFBgYDAQAAAAABAAIDBBEFITESE0FRYXEGIpEUMkJSgSMzYqGx0QdDgpLB4TVTchX/xAAaAQEAAwEBAQAAAAAAAAAAAAAAAQIDBQQG/8QAMREAAgIBAwMDAgMIAwAAAAAAAAECAxEEEjETIUEFMlEiYRRCkSMzUoGhsdHhNHHx/9oADAMBAAIRAxEAPwD3FACAEAhNkA3eM29jbbt2vs3zsoyuAOupAqAEAIAQAgBACAEAIAQAgBACAEAIAQAgBACAEAIAQHmuNfxbw6mdUx4dRzVIieWNqLjdvIyJGdyL8eKxnbjsuT1Vafd3lweTYx4sbisrq+eB7nSEh0r7B3qNOnJYKpuXd9z2SuShiKwj1Dwx4nw6WppW4dLNE6Vzd5Bsm0Y47V8lza650XdSUsL+hWVfUi8dz1FrgRdpuOi7yaayjltY5FUgVACAEAIAQAgBACAEAIAQAgBACAEAIAQAgBACA+WMQpGYfUzYdUl0LaV7omGUZua0kA+i8UstvB168OKJcOo4a2WKjpm3iik3jnvGVwf04WWVk3FOTNopP6T0ajw+Cima+NgjEoIDguDZfOyDT8HpUYo3KXFp6c7hz3MeORycOYVY6i2lfRLseedMJvg0I8YqOEzvqVovUblxIyelh8FuHHKgZOLHjsvRX6tcvdhmMtHHwX4MbiebSsc3qMwuhV6tXLtNYPNLSyXBoQ1MU33cjXdL5roV6iqz2SyeeUJR5RMtioIAQAgBACAEAIAQAgBACAEAIAQAgBAeK/xHwanxfGhK8ENjndtluV22zHqFw43OF1qXydiFalXHPhGRhrGU+J7IY1jZQAABYDkpt71myWGdjFEKuhdBtBr2+aN54EaLjb1XZ34Zq35K1PWMqmmmrWbM0brFpNnNPQq1lU6frqeUThM04qcAACZ3dwzXkzGfddiHLHKJN1PHYtAcPw5qHBruhvhIfHUcDe6je1yVdZZZOrK15MZQL1PidRFk2Qub8rs17qvU76+Hkwnp4S8GjBjLTlPER1bmunV61F/vI4PNLStcMux4hSyaSgf+sl0Ia/Tz/N+vYxdM14JmzRu917T2K9KthLhme1/A8EHRWyiAupAIAugAuaNSAo3JDDAOB0IKKSfAwwupAXQCoAQAgBAVcRq20VHLUPt5BkOZ4LDU3qip2PwaVVuyaijyrFyZWukc67r3J5kr5ume6XfydvG1YOfmLWP27jJtwV0EsrAZ2eHwyFokAIBANlxrI7m0XTwT1eHU1e5rpBu52izZG5ZcjzCtVa61tfBTLi8kFqmjLWT+ZugeNCsLaYvvE3i4zXYtwzg6HNYqbj2ZnKD8k5cyUfagO68Qrb0+zM+8eBjqZ4zhdtjiDqqurPeJZWL8xEJSw2NwRzWWJRL7U+CRtQeao7JIzdZIKm+pRXMr0x2+B4qeqV2D2zn5leN0/kjYPFS8fG5bLUWLyV6aFNZIB9471V/xdq/MOkn4GGtedXOP1Vfxc3yy3SQ11TfUrN6hkqsYZwq9b7k7Bpq5Izdkj29nFFqbE/pb/Ut0ovlFSHxXiVH4soqWd28wuZgjffZ2myONmkHW3Puvq/SdROyn9o8vJ4NXQovMUeijRdc8AqAEAIDnMdf7bLuAfsozc24uXz/qM+vPYn2X9/8AR0dKumt3lnN1uFxPa/XMWXMblU+zPepbuTk6/D2xzNa4eRxsujTfvjnyS4ncxEBthwOS5tc/pyUku4Scx7ymXdExHsex7Cx4DgciCFRPHJSUWnlGbV0z6S8sV3Q8ebVEq4yPTXap9pciwVYyDl5pVSjwTKousnGVlVTweeUCVzmSi0rQR+a06ifZoot0e6ZXdSDWKT6OUOMXwzVXfKGmlnA0a7sVR0PwSrIMaYphrE/6BUenl8E5g+GJaT/rf/aVXpteB9PyOG+Okcn9pU7LPgj6fkeIah38p31VlVY/BG6C8i+zTH3nMb9bqypl5ZHUiOFMB78p+gU9KvyyHY/CF3EI+Y93Jsq+CN8hRBAdR+alQgRvmUqvC8EfUMqqqmifNEQ5j3EktINxbrde/T6qdXaLIlCVnKLPhPxlPX+JJ8Jrjk9hkpy5lnC2oNsuoX1NFvUjlnMvqUH2O9XoPOCAhqpNzTySD4WkrK6eytyLQjukkcq59ma3XyykddRKkrrleeyXc3ijBxyn3lO4MyeR5TyPBX0dm2Zo+DQoKts8TJWnJ7Q63JYNOqTi/BEllFouvxV9xVITatmCqSfwTjJaglDhb1UxsXkxlHBn12HFhMtILt1MY4dv2Wrxg9FV/wCWZUhmIzaVhOtPk9EoJlyOrys5YOtrgwlT8E7Khp4rJyceUZOtkrZRwJUq37mbiSNlWsbXjko4jzMeDj6rTq/cbRu8cfiNk6n3J2oa6QNGbh6qrn9wo58ED6uFurgT0Ue7hGqpk/BWkxBvwNv3V1S33ZtHT/LKzq2VxysB0WnRWDTpQQ0zSO1cVCqihiK4InXdqtFiPBGfBueE8ABxRmKyR7Lo2lrXfNdd70uNrTlL2+Dka6yDe1cndLsHOBAU8X/4+bt/leTXf8eRtp/3iOScciF8pux2OwkQOuVjOXc0KlXHtxFUpntmW8GJhdR7JVS4fIciTLD2JzH0P6hdPU1dWKsX8ysX4NyOXJc5pouSNeLqNwaHA7OipIjBcgqBo7Iq9d2O0jCVb5RHV4fFVXfE7dy87ZHuvQseCa75Q7Pgy5opqV2zMy3JwzBUNZPdCcbFmI0PHBVwWwOEjho4qjhF8oq4pj9+/wCb1VHTAr00G/f8wRUxI6aGmZ/zFXVUfgtsRE5xOpK0jHHBbjgiLraLVINiHNTgqOaFVsq2TsjJsAsZTKs6LA8C3pE1SLMB0PFdnQemueLLl2+Dm6rWL2QOtYxrGhrRYDIAL6BHKHKQCAr1zN5SStAudk2WGpjvpkvsXrltmmcbLkvjLHhncRAVhJlsDHC+SybLGHjeHPlaJaYtbURO24nHS/I9DoupotUvbLhhxzwJhmICqhuGljgdl8bveYeIK01Gm2MJmkx99F4ZRLkrX81m0B97rNoholildGcjkoUnHgpKKkXGVMb27MgB6ELeN6fZmDra7ohlwuknF4iYnfh09F6IyUuGXjqbIc9ypJg9Uz7t8cg9CrbTeOsrfuWCu+jrI/egf/SLquEaq6qXDIXCRps6N47tKYRonF+Rm0eRTCJwIS46NJ+issEDDtX913orJogGi7w0uFzoCcyrN9smbwa9BhlTVEbqM2PxHRVq012of7OPb58Hntvrr9zOowvAIqbZkn87+XBd3Sel10vdPvI5V+snZ2j2RuNFhYaLqnjFQAgBAIUBx+LU/s9VJGB5b3b2K+P9Qp6VridnT2b4JmcuVk9ItlVgY5oKopbXknJgYrhksUxraIHefzIx8Y/ddrSayM49OwnHlDaGvbM0WOfda3adxJTNNkgdoV4ZQZYla/qspRBIHhZODK4H3BVHFkYHMkcw3Y4hFuXBDinyTtrZW62PdaRusRR0xHCvePgH0Wn4iXwV6CYv/wBF/BqdeXwPw6GOr5fwqOrJk9CI32+XoE6kiehAa6vmdq4eiOUnySqIIqzOpZaiOonpYJJ4zdkroxtNPQrWq2+HsYlp4SLjfEdRTQhkRyGnFdOv1LVpY7GD0NWe5Vq/4jT4U6GSsonT0xfaV8Vg5g5gcV1dJq7LMqw8t+kjHvE9FgmZUQsmicHRvaHNcDkQV0jnvsSIAQAgBAZHiCk30G+YPNHr1C5Xqmm6te9cr+x69JbtltfDOUeNk5L5Ca2s66AFUZIEXVJIqNLcrWVFJplsmRieC715npCGTHUH3X9+R6rq6X1FRW2zgnOTNhrZYJDDUNdG8atcM/8AfddJ1QsW6DyiU/k0IqsOAIddeWVDRYssmBzWDrYJBL1WbrA7eqvTAu96qOmQG9TpAN6mwCbxTsAhkUqAGmRXVYyRudtZK6WAyNzNpaKWCuCtUYU7ER7O2Mvc/Jo5Femi2W9KHJlYo7cy4PVsHpBQYZS0gNxDE1l+wX1COC3kuKSAQAgBAI5oc0hwuCjBx2MUTqSoLQPs3ZtP+F8h6lo+hZ2X0vj/AAdnTXdSHfkzNCuPhnrHNcoIY5UcSoiyaBFVUdPWM2J4w5vC+o7LanU2UvMGMsxpvD88Xmopw4D4Zcj6hdar1WEli2P81/gspEQjrqf76lksOLfMPyXoVuns9kl/YumhzKi+RuO4sjrJRIJ+qp0y2B296hRsGBRIeahxGBwe7RRhENAXuU7UVAbR1JTsVHtaSqOSBMyIHusZWElyloXzyBsbddTyW+l0l+qf09l8mF19dS78nVYPhUNGA8jblOrivqNLoq9MsR5+fJyLtRO55fBtNGS9ZgKgBACAEAICriFHHWU7o368DyKxvohdW4T4L12OuW5HFVdNJTTGKVtnD0K+L1Wknp7Nk/8A07lVsbY5RBdeRrJqK11lRxaIaHhwVH9yMAqbRgLkaJgYF2uKrhkYAuB4XRJrgnDEuPlCt9XyO41xYAfs2+i0ipfxE4fyQmVrdI2jsFuqpPmTL4+5z3ip9e9sE9BLI0w7RLGNvckakceX1XY9OhUsxn5+Tz3qa7wLuFyGqoKadzTvJImucNmxvxyWV0GrHFLz/wBmkbE4KT7GhHTSvOTD6KY6TUz4gykr6o8yLsOGTvObLd8l6q/R75e9pf1PPLX1L29zSpsHtYyuHYBdCj0iivvL6meSzW2S9vY2KWBkQ2WNsF1UsLCPHk0IhZATDRAKgBACAEAIAQFDFMOir4rOFnj3XDgvPqNPXqIbJo0qtlXLMTi62lmo5THM2x4Hgey+S1egt00vq7r5OzTfG1duSDaXjwbjmvVHAD9pZusBtKNhGAumwBtAIoNkjHSALSNIwROmvkt41YLELnDhqt1FkixRue8C13HQLaqieolsrRlbdCqOZHUYfh7ImXLBtHVfWU1RpioxODZZKbyy+2BrdAAtTMkbGgJGMQFiONAWGCyAegBACAEAIAQAgBAVK6hhrIiyZlwqygpLbLglNxeUcbimD1NDd8bXTQ9PeH7rhar0fDcqP0OlTrVxZ+pltkBzByXFnU4vbJYZ74yUu6Hh6z2Fhd51TYBDKp2AY6Q2V1WgRF7itFFEgGucjaROSSKMvkEcTduQ8OXUrbT6WzVPC4+TC7URqXfk6XCcJENnyeaQ6lfU0aeGnhsgv9nEstlZLMjabFbQLYzHiK6AkbEgJWxhAStaAgHIAQAgBACAEAIAQAgBAMfG14sQgMTEvDlLVkuDNiT52GxWdlMLViayXhZKHtZz9X4ar4M4JWSjk8WPqFzbPSapextHshrpL3LJmS0mIQ3EtFJ3YQ7/AH+S8c/Sblw0z0R11b5IDIWe/FK3vGV55en6hflNVqqn+Ybvmng8/wBBUfg9R/Cy3Xr/AIkSxMmlNoaaZ/Ztv1WkPTdRJ8YM5ayqPk06PAa+ozm2YWHgDdy99PpMI97Xn7Hls17faCwdNhuCw0bfI3Pi46ldaMYxWIrCPA5NvLNQRADJWIHCNAODEA4NQC2CAVACAEAIAQAgBACAEAIAQAgBAIQCgI3QxnVqAidRQO1YEA32Cn+QICRlLE3RgQEzWNboEAtkAWQCoAQAgBACAEAIAQAgP//Z";
request.AddParameter("client_id", this._clientID);
request.AddParameter("client_secret", this._clientSecret);
request.AddParameter("grant_type", "client_credentials");
request.AddHeader("GData-Version", "3");
request.AddHeader("Content-Type", "image/jpeg");
request.AddHeader("accessToken", Authenticantion());
request.AddBody(#"Content-Length: 5951
Slug: banana.jpeg " + imageBase64);
var tResponse = restclient.Execute(request);
var responseJson = tResponse.Content;
var token = Authenticantion();
return responseJson;
}
The OAuth2 authentication normally happens inside a user flow, where the user makes the login with the user and allow (or not) some scopes to the app (e.g. access Picasa, read only for Google Drive).
You can check the complete flow through this link: OAuthPlayground. And get your own token at the end of the flow to use with your HTTP requests. One thing to take care is about refresh the tokens, inside the playground it's possible to set to never expire. But on the real world you would need to implement this refresh.
The Picasa API is a little outdated, I'd recommend you to use GoogleDrive instead, it's much more flexible and up to date.
GoogleDrive_API_Docs
It's also possible to make this flow via OAuth2_ Server to server, but I never tried before.
I'm using Trello's Developer API's implementation of OAuth to post stuff to a list.
I've successfully made a request and got my oauth_token and oauth_token_secret back from https://trello.com/1/OAuthGetRequestToken
But when I call https://trello.com/1/OAuthAuthorizeToken, passing the oauth_token that I've just received, I get a response of 'App not found'.
Can anyone help?
EDIT: Here's what I'm getting back from https://trello.com/1/OAuthGetRequestToken
oauth_token=8d0e43fd0cc67726567d49ae5e818852&oauth_token_secret=[secret]
And here's the Authorization header I'm sending (escaped in C#)
"OAuth oauth_version=\"1.0\", oauth_signature_method=\"HMAC-SHA1\", oauth_nonce=\"8335006\", oauth_timestamp=\"1414663625\", oauth_consumer_key=\"9612eaca23c7bdd3eca60dc8c2a8159c\", oauth_signature=\"M6sLyyfHGYXOtQnLJexDx96kbFo=\", oauth_token=\"8d0e43fd0cc67726567d49ae5e818852\""
Am I doing something wrong or is this an error on Trello's end?
EDIT: I'm using RestSharp to call the Trello API, as below:
var client = new RestSharp.RestClient("https://trello.com/");
var request = new RestSharp.RestRequest("1/OAuthAuthorizeToken", Method.GET);
EDIT: Here's the complete RestSharp code:
var client = new RestSharp.RestClient("https://trello.com/");
var request = new RestSharp.RestRequest("1/OAuthAuthorizeToken", Method.GET);
Uri uri = new Uri(string.Format("{0}/{1}", client.BaseUrl, request.Resource));
string authHeader = GenerateAuthorizationHeader(uri);
//This is the output of GenerateAuthorizationHeader()
//string authHeader = "OAuth oauth_version=\"1.0\", oauth_signature_method=\"HMAC-SHA1\", oauth_nonce=\"8335006\", oauth_timestamp=\"1414663625\", oauth_consumer_key=\"9612eaca23c7bdd3eca60dc8c2a8159c\", oauth_signature=\"M6sLyyfHGYXOtQnLJexDx96kbFo=\", oauth_token=\"8d0e43fd0cc67726567d49ae5e818852\"";
request.AddHeader("Authorization", authHeader);
The GenerateAuthorizationHeader method uses OAuth.OAuthBase to generate the TimeStamp and Signature for the OAuth request.
Looks like it might be a trello problem...
this user, had the wrong key by the sounds of things.
are you 100% sure that the key is correct.
Getting "App not found" from Trello Authentication
I had the same problem, the thing here is that OAuth is version 1.0
When you get the token and token secret from the first call you have to make your user to visit https://trello.com/1/OAuthAuthorizeToken not you.
In your case you have to redirect your user to https://trello.com/1/OAuthAuthorizeToken?oauth_token=8d0e43fd0cc67726567d49ae5e818852&scope=read,write,account
He will get a page where he can Allow the access. Then you will get a verification code in the page after the authorization to continue with your process (GetAccessToken).
You can try this as a test, in a real application you have to specify a callback url and an application name in the OAuthAuthorizeToken call.
I am using the following API to allow me to interact with Google Blogger. I need to insert a post into the users blog. However I am having trouble with my PostAsync functionality. I get a 401 telling me that my request isn't authorized despite having an API Key, however I think I may not be properly inserting my OAuth token.
I have the following code,
This is the code where I set up my authorization header, (note the key there is fake but is the same form as what i think is the OAuth token)
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("ya29.AHES6ZTBZi1dWPVdlcF7qAD-nSM6XxwY2323232m4lXW");
And this is my PostAsync function
HttpResponseMessage response = await req.PostAsync(URLs.postBlogURL + blogID + URLs.postBlogURLPost, new StringContent(json));
Can anyone tell me where I am going wrong? Cheers.
[UPDATE]
I amen't sure whether the authorization has to include the string bearer in it.
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer ya29.AHES6ZTBZi1dWPVdlcF7qAD-nSM6XxwY2323232m4lXW");
This is how I was able to get the proper OAuth auth header set for my request:
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue( "Bearer", _accessTokenWrapper.Token.access_token );
The first parameter to the constructor is the scheme to use for the Authorization header. So in the request, the header reads:
Authorization: Bearer {the access token string}