I am experiencing issues requesting "upload" authorization from Vimeo users OTHER than the user that created/registered the app.
Example:
User-A creates/register's new App-A via the Vimeo developer console. User-B is asked to authorize App-A to upload on their behalf. User-B is redirected to Vimeo authorization UI and sees the following:
This app will enable you to:
Access all of your videos
This app will not allow you to:
Like videos
Update your video info
Upload videos to your account
Delete your videos
Despite specifying scope in the authentication request URL:
https://vimeo.com/oauth/authorize?client_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&locale=en_US&oauth_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&redirect_uri=https%3A%2F%2Fxxxxxxxxxxx.xxxxx.com%2Fapi%2Fauth%2Fvimeo%2Fverify&response_type=code&scope=upload&state={%22sessionId%22%3A%2243a9a9d1a7bd44d5a27d0f91b6185875%22}
BUT...
If I send the same request, but login as User-A instead then:
This app will enable you to:
Access all of your videos
Upload videos to your account
This app will not allow you to:
Like videos
Update your video info
Delete your videos
Am I missing something obvious?
Check the upload permissions you have been granted. If you only have owner permission, you can only request upload scope for the app owner.
If you have additional permissions, they are based on the target users subscription level.
If you think you should still be able to upload, or if you need additional upload permissions you will need to contact vimeo directly at vimeo.com/help/contact
Related
I have a list of 500 Instagram usernames in a spreadsheet. I want to extract the bio of all 500 accounts and put those in a spreadsheet. I am using Google Apps Scripting. I don't know how to get access to instagram's api where I can access the bio. I've look at other websites where I can pull up the Instagram accounts bio (like http://www.pikore.com/humordailyy) but those still don't have API. Is there a way I can get API? If not, is there a way I can crawl through the HTML or something to get the bio? Thank you.
As discussed in documentation, Instagram API requires authentication - specifically requests made on behalf of a user. Authenticated requests require an access_token which you could receive by doing the following:
Direct the user to our authorization url.
If the user is not logged in, they will be asked to log in.
The user will be asked if they would like to grant your application access to her Instagram data.
The server will redirect the user in one of two ways that you choose:
Server-side flow
Implicit flow: This method is less secure, but allows applications without any server component to receive an access_token.
For Implicit Authentication Flow which is for applications without any server component, simply follow these steps:
Step One: Direct your user to our authorization URL
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
At this point, Instagram present the user with a login screen and then a confirmation screen where they grant your app’s access to their Instagram data. Please note that you may provide an optional scope parameter to request additional permissions outside of the “basic” permissions scope.
Step Two: Receive the access_token via the URL fragment
Once the user has authenticated and then authorized your application, Instagram redirects them to your redirect_uri with the access_token in the url fragment. It will look like this:
http://your-redirect-uri#access_token=ACCESS-TOKEN
Simply grab the access_token off the URL fragment and you’re good to go. If the user chooses not to authorize your application, you’ll receive the same error response as in the explicit flow.
error: access_denied
error_reason: user_denied
error_description: The user denied your request
I am using drive api in my app and it works well , but sometimes when multiple users are logged in and I try to open a file in the browser with the link fetched via drive api I see the error message "You need permission. Want in? Ask the owner for access, or switch to an account with permission. Learn more" .
Steps to reproduce :
login to google drive with one account.
login with a second account and use drive api.
when you try to open public files you get that error.
If you add access token in url it seems to resolve the issue but thats a security risk. If you add authuser param to url that also works, but I can't find a way to get current user's authuser param.
Any help is appreciated.
I am integrating ASP.NET application using Google Drive API. For this after authentication we re uploading Files to Google drive. I am using Google client library to Call the APIs.
Everything is working as expected I am able to authenticate user successfully and able to upload the file successfully.
In one scenario when the user Google account is suspended then I am getting refresh token from Google but my upload method is failing and it is not uploading the file to Google drive.
I want to restrict the user on Signup screen itself, when account is suspended.
What parameter do I have to pass to achieve this please suggest?
Unfortunately this info is not easily available. You have two options :
Use the Directory API to see if the user is suspended. This requires additional OAuth permissions to be provided by an admin of the domain.
At login, try and perform a Drive API call to see if you get an error or not. If you get an error (with a couple of retried) and the error message matches the one you had for suspended users, then you can deny access to the user.
I am attempting to use the Vimeo API to upload a video to my own account (I have a PRO account). I have requested upload access and the request is still pending.
When I attempt to get an upload ticket with a request to: http://vimeo.com/api/rest/v2?method=vimeo.videos.upload.getTicket
I receive the response:
<?xml version="1.0" encoding="UTF-8"?>
<rsp generated_in="0.0073" stat="fail">
<err code="701" expl="The user does not have a PRO account." msg="Cannot upload"/>
</rsp>
The request is to my own account, which is a PRO account. Has anyone run into this issue before?
Your app page should show you which upload permissions you have been granted.
If it says the request is pending, it means it has not been approved by Vimeo staff yet.
If it says "owner" it means the app owner can upload to their own account.
If it says "PRO", "Plus" or "Basic" it means that users with those subscription levels are able to upload to their own account using your app.
If you think you should be able to upload, and can not, contact Vimeo at vimeo.com/help/contact
Lately I've been noticing a strange behavior when trying to access Drive specific actions. The use case is as follows:
the user installs the Chrome Store application
the user launches the application, we get a refresh token for the email and the profile scopes
the user wants to export a document into Google Drive
error message 403: appNotInstalled is returned
If the user goes to Google Drive and opens a file from there using our application, they are redirected to a new authorization dialog that asks for the email, profile, drive scopes. After the user grants access, the initial export also works fine. My assumption is that the initial refresh token that we had was no longer valid, even though exchanging it for an access token worked and the refresh tokens don't expire.
Shouldn't we receive a more descriptive error message in this case that would suggest that we simply have to redirect the user to the authentication dialog instead of the Chrome Store listing?
The issue might be that you are using a different client id/secret than the one you registered for the Drive SDK.
A quick test would be to:
revoke all granted tokens for your application on your test account
visit your application from the New Tab Page, it should redirect you to the authorization page: copy the URL you generated (do not approve).
visit your application from Drive, it should redirect you to the authorization page: copy the URL (do not approve).
Make sure the 2 URLs are identical (they should be), especially look for similarities in the scope and client_id query parameters.