How to regenerate the access token using refresh token through C# or PowerShell using native application client id?
Having the following inputs:
$RefreshToken = "refresh_token"
$ClientId= "client_id"
I have found many ways to regenerate access token using refresh token, but all those are using web app client id and client secret.
As far as I know, if you use native application, we will use silent auth(grant flow). It will just return the access token not the refresh token.
I guess you use web application code flow to get the access token and refresh token.
If you use this way, it must need the client secret and refresh token to generate the access token.
Related
I have been using Force.com Toolkit for .NET for long time. Recently one of a client has started complaining for session invalid issue. So I started digging up and found that I have to refresh token by calling TokenRefreshAsync for which I need to pass on refresh token which I get during authentication. But I am getting null refresh token from SF.
I have tried everything possible thing I found on the internet without any success. Perform requests on your behalf at any time (refresh_token, offline_access) is added in OAuth Scopes:
Refresh token expiry is set at 2 days:
This is the simple code I am using to authenticate:
var task = authClient.UsernamePasswordAsync(consumerKey, consumerSecret, username, password, callback);
task.Wait();
What am I missing here?
The Username-Password Oauth Flow does not provide a refresh token on Salesforce, regardless of scopes:
This OAuth authentication flow passes the user’s credentials back and forth. Use this authentication flow only when necessary. No refresh token is issued.
If you want a refresh token, you'll need to implement a different OAuth flow (preferable!), or eschew the refresh token and reauthenticate when your access token expires. The latter makes you vulnerable to credential and security token changes on the part of the authenticated user, however, which using a more suitable OAuth flow grants resilience against.
I have a Refresh token (which is generated by an external tool) and the goal to access the data from
GET https://www.googleapis.com/analytics/v3/management/accounts/~all/webproperties/~all/profiles/~all/goals
via C# . For this, I need to generate the Access Token. Is this even possible without knowing the client id and the client secret?
To retrieve an access token using a refresh token you must know the client id and secret that created it.
You would do a HTTP Post to the following
https://accounts.google.com/o/oauth2/token
client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&refresh_token=1/ffYmfI0sjR54Ft9oupubLzrJhD1hZS5tWQcyAvNECCA&grant_type=refresh_token
The Office365API provides a nice way to get an access token but there are no example on how to handle the situation when the token expires. Moreover, there does not seem to be a refresh token.
On the blog "How to: Integrate Office 365 with a web server app using Common Consent Framework"
[ http://msdn.microsoft.com/en-us/library/office/dn605894(v=office.15).aspx ] there is the notion of getting a refresh token along with the access token. When the access token expires the refresh token can be used to get another access token / refresh token set without requiring the user to log into their office 365 account again.
Does anyone know how to handle the expired access token using the Office365APIs?
The way i do it is
await _outAuthenticationInfo.ReauthenticateAsync(ExchangeResourceId);
I want to post an update to my own facebook page from a .NET service. I can make a FB App and that wants 'publish-actions' and 'manage_pages'. But how can I get an accessToken in code. The posts would be infrequent so I don't mind generating a new access token each time, but I need it done by the service without any interaction from me.
Following scenario 5 of https://developers.facebook.com/roadmap/offline-access-removal/ should allow you to authorize once as a user and then use the page token indefinitely without any need to re-authorize.
Exchange the short-lived user access token for a long-lived access token using the endpoint and steps explained earlier. By using a long-lived user access token, querying the [User ID]/accounts endpoint will now provide page access tokens that do not expire for pages that a user manages. This will also apply when querying with a non-expiring user access token obtained through the deprecated offline_access permission.
https://developers.facebook.com/roadmap/offline-access-removal/
I am developing an application based on google Oauth. Now my all authentications are done. Even I have now the access token and secret. Now I dont know how to use this access token and secret.
Please I really need Help on this. I have already done the hard work which is getting access token and secret. Only need to know how to use this token and secret to call an api.
To use the access key/secret you
set inputparameters for the google client service
create a token using the access key and secret, and the inputparameters
set the token in the google client service
In Python, using the gdata library:
self.gd_client.SetOAuthInputParameters(
gdata.auth.OAuthSignatureMethod.HMAC_SHA1,
self.consumer_key, consumer_secret=self.consumer_secret)
oauth_input_params = gdata.auth.OAuthInputParams(
gdata.auth.OAuthSignatureMethod.HMAC_SHA1,
self.consumer_key, consumer_secret=self.consumer_secret)
oauth_token = gdata.auth.OAuthToken(key=access_key,
secret=access_secret,
scopes=gdata.gauth.AUTH_SCOPES,
oauth_input_params=oauth_input_params)
self.gd_client.SetOAuthToken(oauth_token)
After that you can call the service methods to retrieve the data.
Nico