I am trying to register OAuth client, following the docs, but none of the links containing /developers in the path are working for me. I am either getting redirected to the https://my.tapkey.com/AdminUI/ and infinite load, until i refresh the page, or getting status code 502 Bad Gateway.
The ones I am having problems with are:
https://my.tapkey.com/AdminUI/developers/oauth-clients
https://my.tapkey.com/AdminUI/developers/identity-providers.
I tried on different OS's, using proxy, but nothing worked for me.
I am trying to register OAuth client, and explore more of the TapKey web api, but this one is a blocker for me.
You caught us here - we have changed the website a bit, and updated documentation is on its way but not yet published. We are working on it right now.
Developer section has moved to Tapkey Integrator Portal available on https://portal.tapkey.io .
Use the same login credentials you are using with Tapkey.
Related
I'm trying to understand the process of login to a website using the Network tab on Google Chrome because I have to use that process for autenticate accounts on an mobile application.
The login is completed when I reach the page "HomepageStudente.do", but I don't understand how to replicate all this on Postman. I've tried to do this:
Right-click on the SSO request
Copy as Curl (bash)
And it seems to work, but when I do the same thing with the second request (POST) I get a different message compared to the one on the Network tab.
Those 3 calls are based on automatic redirect by the browser, and I don't understand how to replicate it on Postaman. Is this possibile to do? Any other suggestion on how to use those requests for authenticate an account outside the website (example mobile app)?.
Thanks
I've installed the Android app on facebook developer app page, set everything in the same manner as for the app for which there was no such error. Opening for Facebook login the exact same URL that works for the other app:
"https://www.facebook.com/v2.8/dialog/oauth?
client_id=myClientId
&scope=publish_actions
&response_type=granted_scopes &redirect_uri=https://www.facebook.com/connect/login_success.html"
);
I've added https://www.facebook.com/connect/login_success.html to the Valid Oauth URIs in my app settings of course. My app has everything set the same way for both apps, except for their package names, yet for this one I get 'URL blocked: This redirect failed because the redirect URI is not whitelisted in the app's Client OAuth Settings.' But it is!
So I don't understand, obviously Facebook sends me the wrong error message so it's impossible to figure out where's the bug.
I've solved it by waiting about an hour and trying again. So apparently this is not mentioned in the docs anywhere but it can take really long before a new Facebook app gets registered and until then no URI can be whitelisted. This means if you just added your app and you're getting this error message no matter what you've tried of the dozens of suggestions you find on the web, it's most likely not your fault, just wait. I wish I knew this before trying all those things.
I'm experiencing the same issue as the one mentioned here, for which there was no conclusive answer: Asp.Net Owin authorized request works in Incognito mode but not "normal" Chrome
I am unable to comment on that question as I do not have the reputation to allow but was going to ask whether it is something to do with the fact that my project includes both Web Forms and Web API and there is a conflict going on with the authorization cookie.
Has anyone else come across this issue?
Thanks
For the benefit of anyone else with the same issue:
It was indeed due to forms authentication being enabled at the same time as OWIN bearer tokens.
If you are logged in via forms authentication, then try to call a web api end-point in the same browser, it uses the cookie information which gets recognized by Web Api authorization.
In incognito, there is no such cookie so behaves as expected.
I'm trying to use WSO2 API Manager 1.10.0 on an existent micro-services project with REST APIs following WSO2 tutorial.
I have installed it on my computer as well as a copy of my application and configured AM to manage requests (GET, POST and DELETE) to my resource but I always obtain a "Response code 0" with Response Header
{
"error": "no response from server"
}
Trying to contact my application using Advanced REST Client I obtain 200 with the correct result.
My APIs use a token inside the header to authenticate the user passed so I have implemented a dummy API without authentication but I still have the same issue.
I have tried also the Cloud version with our test server but still obtaining the same result.
I found this guide http://wso2.com/blogs/cloud/video-setting-up-custom-url-for-api-store-and-gateway/ but I don't know if this can be a solution for the problem in localhost.
Setting up the custom url in WSO2 API Cloud wont help. Thats there for a different purpose. There are two things you can do.
If you are interested in going ahead with the cloud version, you can get help from them. You can send a support request and the cloud team will help.
You can troubleshoot your local instance. When doing so, first, try to invoke your api via curl and see whether it gets a response. Sometime, your api can work fine, but due to some reasons, the result might not reach the api console.
If the curl works fine or not, you can check the logs to see whether there are any errors printed. Some more questions:
Is your backend service exposed via http or https?
If it is https, then if its certificate is not a CA signed one, API Manager will fail during the handshake. If so, you will have to add the cert to api managers client-truststore.jks
In the cloud scenario, your backend should be accessible from internet and the certificate story is valid for cloud too.
Are you trying to access the api using swagger console (or any web application). There are couple of reasons you could encounter this issue. one could be certificate not installed in the browser.
If this happens you should see some error log in the api manager console (something related to CA not found). for that first you can copy the backend url (swagger console shows the url it used to send the request) and paste it on a new browser window and install the certificate to the browser.
also you can get an idea about the issue by using a tool like firebug and check the request. (it will show the error for not connecting the AM)
Finally I have found the issue: the API Manager does not accept plain text response, responding using a JSON solves the problem.
Using other mediatype such as XML or TEXT/HTML it reports 406, with text plain it returns Error 0.
I'm new to the SSO world and I've recently installed WSO2 Identity Server 5.0 and done my best to hook in a service provider but I just can't seem to figure out how to make SSO happen.
Here is my current situation and goal:
I have a MojoPortal website where a user can log in. From there, the user can click a link to our FTP site powered by GoAnywhere. We want the user to be logged into the FTP site just by clicking the link instead of having to log in to it as well. The FTP site is SAML2 enabled so I chose the WSO2 ID Server to give SSO capabality between my mojoPortal and goAnywhere sites.
Here is what I think needs to happen - sanity checks welcome:
1. User clicks to access the FTP website and my mojoPortal website needs to create a SAML request and send it to the ID server. I can't seem to get a grip on doing this from an ASP.NET page.
2. ID server gets the request and validates it (you can test the request in the "SAML Request Validator" tool in the WSO2 console, right?)
3. ID server sends a response to the GoAnywhere FTP site which can be simulated with the SAML Response Builder tool in the ID server console.
4. The FTP sites says either OK or NO to access.
5. Not sure what happens next - how does the user get redirected to the FTP site.
So I have big issues: I don't understand the flow in great enough detail and I'm also having difficulties in getting the technologies to work together.
Any comments / help at all are greatly apprciated!
MojoPortal website - is this SAML2 Web Browser based SSO supported? If yes, then the solutions is clear.
You just have to register your 2 sites in WSO2 IS as SPs.
Then what will happen is , once the user log-in to the MojoPortal website, he user will have a live login session, therefore once he clicks on the FTP site, he will be able to access it without having to log-in again.
Hope this clarifies your doubts.