There appears to be a conflict between the validation of the request and the requirements of the request. The API call requires that the scope be set to 'app'. It also requires a userId. However, when the two are combined you get the below messages indicating you cannot combine the two.
API https://docs.smooch.io/rest/#pre-create-app-user
REQUEST
{ host: 'api.smooch.io',
path: '/v1/appusers',
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Bearer ${token}`
}
Example body.
{
scope: 'app',
userId: 'some_userId',
credentialRequired: true,
email: 'test#email.com',
properties: { picture: 'https://s.gravatar.com/avatar/.....' }
}
RESPONSE BODY
{"error":{"code":"bad_request","description":"Invalid JWT body. Cannot use userId param with app scope"}}
RESPONSE HEADERS
{ connection: 'close',
server: 'nginx',
date: 'Tue, 21 Feb 2017 14:47:50 GMT',
'content-type': 'application/json; charset=utf-8',
'content-length': '105',
'x-powered-by': 'Express',
vary: 'X-HTTP-Method-Override',
etag: 'W/"69-huba/v8EazhrDAoySthrKw"',
via: '1.1 vegur' },
statusCode: 400,
statusMessage: 'Bad Request' }
I think you might be confusing two separate concepts - the JWT payload vs the HTTP request body.
scope is defined in the payload of your JWT credential (Bearer ${token} in your code sample). More information about JWTs and scopes can be found here.
userId should be specified in the HTTP request body.
I'm not sure what language you're using, but here's an example in Node.js:
var jwt = require('jsonwebtoken');
var token = jwt.sign({ scope: 'app' }, SECRET, { headers : { kid: KEY_ID } });
var request = require('request');
request.post({
url: 'https://api.smooch.io/v1/appusers',
headers: {
'Authorization': `Bearer ${token}`
},
json: {
userId: 'some_userId',
credentialRequired: true,
email: 'test#email.com',
properties: { picture: 'https://s.gravatar.com/avatar/.....' }
}
});
Related
I'm trying to receive an access token from the Zoom api via Oauth. No matter what form I try and send the body as, 'Content-Type': 'application/json' or Content-Type:application/x-www-form-urlencoded, it always errors to { reason: 'Missing grant type', error: 'invalid_request' }.
var options = {
method: "POST",
url: "https://zoom.us/oauth/token",
body: JSON.stringify({
grant_type: "authorization_code",
code: process.env.AUTH_CODE,
}),
redirect_uri: "https://zoom.us",
};
var header = {
headers: {
Authorization:
"Basic " +
Buffer.from(process.env.ID + ":" + process.env.SECRET).toString("base64"),
},
"Content-Type": "application/json",
};
var tokCall = () =>
axios
.post("https://zoom.us/oauth/token", options, header)
.then((response) => {
console.log(response);
})
.catch((error) => {
console.log(error.response);
});
tokCall();
I'm fairly certain the answer lies in either the data type in which Oauth is receiving the data, or where/if it's receiving the body at all. Any suggestions would be gratefully received.
The error is being thrown because you're sending the data as the body of the post request when the Request Access Token Zoom API is expecting to find them as query parameters which you might know as query strings.
Reference
https://marketplace.zoom.us/docs/guides/auth/oauth#local-test
Image of page from link to highlight the use of query parameters and content-type requirement for API call
Change
var options = {
method: "POST",
url: "https://zoom.us/oauth/token",
body: JSON.stringify({
grant_type: "authorization_code",
code: process.env.AUTH_CODE,
}),
redirect_uri: "https://zoom.us",
};
to
var options = {
method: "POST",
url: "https://zoom.us/oauth/token",
params: {
grant_type: "authorization_code",
code: process.env.AUTH_CODE,
redirect_uri: "<must match redirect uri used during the app setup on zoom>"
},
};
The Content-Type header should be set to application/x-www-form-urlencoded as this is a requirement of the zoom API itself.
BTW, axios requires you to name the body field/object of your request as data and also there's no need for JSON.stringify() method since axios does that for you under-the-hood
Though it's a late answer, I'd like to share it since it took me some time to complete this using Axios.
So to make Zoom authorization, you need to do:
Base64 encode the secret and client id
const base64EncodedBody =
Buffer.from(`${ZOOM_CLIENT_ID}:${ZOOM_CLIENT_SECRET}`).toString('base64');
URI encode the grant_type, code and redirect_uri
const data =
encodeURI(`grant_type=authorization_code&code=${code}&redirect_uri=${redirectUri}`);
Send the request
const response = await axios.post('https://zoom.us/oauth/token', data, {
headers: {
Authorization: `Basic ${base64EncodedBody}`,
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': Buffer.byteLength(data),
},
});
I'm trying to post data using axios.
handleAddClickAxios = (token, title, text, category, creationDate) => {
const api = "http://localhost:3000/tasks/";
console.log("login clicked");
let data = JSON.stringify({
title: title,
text: text,
category: category,
creationDate: creationDate,
done: false
});
console.log(data);
axios.post(api, data, {
headers: {
Authorization: `Bearer ${token}`,
"Content-Type": "application/json"
}
});
};
Now I have 400 error, in some options I got Unauthorized error. I tried many times, but i failed.
Console:
Apptask -
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI1ZGNmZjFhMjQzZWUwNTJmNmNkMjAzYzgiLCJpYXQiOjE1NzQ1ODQzMDl9.P9cKtljoFXbCo6X540tQ27d_jeouOwwRJ6HKhpsy-PY
asdad
App.js:100 login clicked
App.js:108
{"title":"asdad","text":"aaaaaaaaaa","category":"","creationDate":"2019-10-0,
9:31","done":false} :3000/tasks/:1 POST http://localhost:3000/tasks/
400 (Bad Request)
Request details in devtools:
You need to send data without JSON.stringify like this:
let data = {
title,
text,
category,
creationDate,
done: false
};
Also your creationData is not valid, it must be in this format:
"2019-11-24T09:06:29.271Z"
I'm trying to send a http request to Githubs graphql api(v4). My guess is that the format of my query is wrong. The code below is used to send a POST request to the api.
app.get('/fetch-data', function(req, res, next) {
const access_token = settings.dev.TOKEN;
const query = {query: { viewer: { 'login': 'muckbuck' } }};
const options = {
uri: 'https://api.github.com/graphql',
method: 'POST',
headers: {
'Accept': 'application/json',
'Authorization': "Bearer " + access_token,
'User-Agent': 'request',
'contentType': "application/graphql",
},
data: query
};
function callback(error, response, body) {
console.log(response.body)
if (!error && response.statusCode == 200) {
console.log(body);
console.log('lol');
}
}
request(options, callback);
});
The error message that I get:
{"message":"Problems parsing JSON","documentation_url":"https://developer.github.com/v3"}
I believe your GraphQL is malformed in that the query key is supposed to contain a string, not a complex structure. See also this example from the GitHub API documentation.
You may also want to set Content-Type to application/json as is recommended by the GraphQL introduction. application/graphql does not seem to be a registered media type and appears to alter the behaviour of GraphQL.
I'm looking at connecting to an https web api, I've obtained my token, and my username by receiving an email about it, and there isn't really any sample code to connect to the webservice using node; however there are examples for Java and C#, and based on those this is what I came up with...
/* WEB API: https://www.careeronestop.org/Developers/WebAPI/technical-information.aspx?frd=true */
// UserID: ...
// Token Key: ...==
// Your agreement will expire three years from today on 12/8/2019 and all Web API services will be discontinued,
// unless you renew.
var https = require('https');
var username = '...';
var tokenKey = "...==";
var options = {
host: 'api.careeronestop.org',
port: 443,
path: '/v1/jobsearch/' + username + '/Computer%20Programmer/15904/200/2',
method: 'GET',
headers: {
'Content-Type' : 'application/json',
'Authorization' : '' + new Buffer(tokenKey.toString('base64'))
}
};
var req = https.request(options, function(res) {
console.log(res.statusCode);
res.on('data', function(d) {
process.stdout.write(d);
});
});
req.end();
req.on('error', function(e) {
console.error(e);
});
Unfortunately however, it returns a 401 Unauthorized, so is there anything that needs added to this to get it working? Some headers maybe?
I used this form to submit a request and then looked in the Chrome debugger network tab to see exactly what request was sent.
The authorization header is supposed to look like this:
Authorization: Bearer 901287340912874309123784
You also want this:
Accept: application/json
So, assuming tokenKey is already a string since it appears to have been sent to you in an email, you can change your code to this:
headers: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer ' + tokenKey
}
For a service called mOTP, I need to send a parameter with name 'private'. Here is my Parse cloud code.
var phnNum = request.params.phnNum;
var validationParams = {"private":"MyPrivateKey"};
Parse.Cloud.httpRequest({
method: 'POST',
url: 'https://api.mOTP.in/v1/otp/MyAPIKey/'+MySessionID,
headers: {
'Content-Type': 'application/json;charset=utf-8'
},
params: validationParams,
success: function(httpResponse) {
console.log(httpResponse.data.Status);
console.log(httpResponse.data.Result);
if(phnNum == httpResponse.data.Result) {
response.success("Success");
} else {
response.error("phnNum not matched");
}
},
error: function(httpResponse) {
console.error('Request failed with response code ' + httpResponse.status);
response.error("URL hit failed");
}
});
The mOTP service gives response in JSON. But always I am getting the response as 'Method not supported'. I am not able to find where I am doing mistake. Please help.
mOTP docs: http://dial2verify.com/mOTP_Missed_Call_OTP_Authentication/Documentation.html
First of all, You should pass a body message with the POST method.
The content-type should be 'application/x-www-form-urlencoded' according to the documentation.
Parse.Cloud.httpRequest({
method: 'POST',
url: 'https://motp.p.mashape.com/v1/otp/{APIKey}/{SessionId}',
headers: {
'X-Mashape-Key': 'YOUR-X-Mashape-Key',
'Content-Type': 'application/x-www-form-urlencoded'
},
body: {'private': 'Your_mOTP_Private_Key'},
success: function(httpResponse) {
response.success(httpResponse.text);
},
error: function(httpResponse) {
response.error("error: " + httpResponse.status);
}
});