I want to create application Which will share post in company page.
I have Permissions in linkedin :
Using documentation im trying to get Token. but i have error :
{
"error": "access_denied",
"error_description": "This application is not allowed to create application tokens"
}
https://learn.microsoft.com/en-us/linkedin/shared/authentication/client-credentials-flow?context=linkedin/context
*** Real credentials was Replaced by xxxxx
Use this Postman Collection for the LinkedIn Oauth 2.0 API. And follow these steps in this article
All the permissions you have are 3-legged permission and you are trying to get token using 2-legged process.
Please follow below workflow to create access/bearer token using 3-legged flow:
https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow?context=linkedin/context
If your application needs access to information from a member's LinkedIn profile, use the Authorization Code Flow to request permission from the member.
PS: Company page post also requires Authorization Code Flow.
You can use Postman Collections here to view some examples and use cases.
An update documentation for Postman Oauth 3 is here
Follow these steps in this article
https://www.linkedin.com/oauth/v2/authorization?
client_id=yyyyy
&redirect_uri=xxxx
&scope=r_liteprofile%20r_emailaddress%20w_member_social
&response_type=zzzzz
Related
I have a flutter application with a DRF back end. currently using Dj-rest-auth for regular authentication (token).
I'm at a point where I'd like to implement social authentication (specifically Google).
I searched a few resources but still don't quite get the workflow.
https://github.com/iMerica/dj-rest-auth/pull/336/commits/8f5cc65049c4bcb0c650bde707f5023013497b20
my guess is:
you set up your application on google cloud console.
You make a request to get an "access token" to the google auth on the Frontend (in my case flutter)
send that access token to your Back end - django to confirm. which then sends back a regular token for authentication?
Any guidance would be appreciate.
Your guess is accurate.
The exact flow would be to:
Set up API credentials on Google cloud console
Use Sign in with google which gives you an object with a token.
Use the recieved token to hit your dj-rest-auth endpoint for google authentication and mint your own jwt token and return it.
Now, depending on whether your requirement is for flutter or django I could help better with code referrences for it.
MY goal is to setup the Cognito Hosted UI to validate users after login. I have followed the steps laid out in the OAuth2 blog here: https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type
My steps are as follows.
User logs into the AWS provided login screen.
It redirects to my website and I pull down the authorization code in Angular.
I send the code as part of my headers to the backend Nodejs
I use the code to get a token and then validate the token
This stream works but then what? I want to validate the AWS token for each API call but I have no idea how to access the token.
I am guessing that I am either missing the point of this procedure or that the token is somewhere I am unaware of.
Any help would be greatly appreciated.
Usually you have your own UI that redirects to Cognito to authenticate, after which the UI sends the access token to the API on every request.
All of the code samples on my Quick Start Page work like this and use Cognito.
If it helps, this is what the OAuth Technical Messages look like. Feel free to ask any follow up questions
I'm looking for a way to check if the correct integration permission has been ticked on the app settings as well as the Page webhook settings.
Is there a way to get what permissions does an app access token has? Specifically for Workplace custom integration. Just like me/permissions on graph api.
Update:
I got it working as #Prateek said. Using https://graph.facebook.com/v7.0/community?access_token={accessToken}&fields=install
I also had the answer on how to get the page webhook events. Using https://graph.facebook.com/v8.0/app/subscriptions?access_token={accessToken} in this case it needed an app access token instead of page access token.
Try /community GET API
https://graph.facebook.com/v7.0/community?access_token={accessToken}&fields=install
I am running a working AWS Cognito service on a frontend application which can successfully do the basic stuff - login, logout, signup, etc..
Right now I am trying to get user attributes through the backend API, such that:
1) The user login in the application and gets a JWT.
2) The JWT is being sent to the backend server.
3) The server has to extract the email of the user by using the access token
The closest thing that I found to what I need is this Cognito service.
So I am making a GET request to "https://mydomain.auth.eu-central-1.amazoncognito.com/oauth2/userInfo"
With Authorization Header as they are asking for, but I keep getting this response:
{
"error": "invalid_token",
"error_description": "Access token does not contain openid scope"
}
I have tried searching for this error but couldn't find any explanation about the error.
Thanks by advance
Erez, are you using a custom UI?
Because the custom UI uses flows that are completely separated from the OAuth2 ones (USER_SRP_AUTH, USER_PASSWORD_AUTH). Tokens that are released with these flows are not OpenID Connect compliant (basically they don't contain the openid scope) so you cannot use them to gather user infos (since the userinfo endpoint is OpenID Connect compliant and needs to be invoked with jwts compliant with OIDC standard).
We're also struggling on that, i'm sorry.
I had this exact problem and it was my fault. I was sending the id_token instead of access_token property of the token.
I program in PHP, so I was sending as header "Authorization: Bearer ".$token->id_token instead of "Authorization: Bearer ".$token->access_token. Now it works.
Hope it helps you or someone.
I am still experiencing the same issue. My problem relies on programmatic use of signIn service (not Hosted UI via federated login) in Amplify framework. After a long googling, I have discovered that this is because "openid" is not including in the scope of token. Only "aws.cognito.signin.user.admin" is included.
You can find a reference here, thread is still open https://github.com/aws-amplify/amplify-js/issues/3732
This solution seems to be fine for me How to verify JWT from AWS Cognito in the API backend?
If I understand correctly, you are successfully getting the #id_token sent to your front end from Cognito (steps 1-3). You can enable scopes on the #id_token by selecting the following options in your Cognito Pool App Client Settings:
I had a similar issue and I spent a couple of hours to find a solution. The access token you received it from cognito in your frontend application you need to send it to your backend then decode it and verify it. here is a good documentation from aws: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html
We are oftenly getting "Media Builder Not Found" Exception while publishing media using Instagram Graph API.Can anyone know how to fix it?
Triggered URL:
Url1 : https://graph.facebook.com/v2.10/<userId>/media?access_token=<token>&image_url=<imageUrl>
&caption=<caption>
Url2 : https://graph.facebook.com/v2.10/<userId>/media_publish?creation_id=<creationId>&access_token=<token>
Yeah, this is tricky and sad - Facebook really has outdone itself here. The issue is that uploading to Instagram using Facebook API requires 2 types of access tokens.
When you call /media endpoint to upload an image, a user access token must be used.
When you use /media_publish to publish a previously created image - you must use page access token
Good luck!
I had the same issue, in my case, using the page token to create the media object and then using the user token to publish it, solved it.
What's strange though is that before I got the Instagram permissions approved, everything worked just by using the page token...but after I got the permissions approved it started failing and I had to use the user/page token combination to make it work.