I'm following the steps described in this Slack tutorial on authorizing Postman. When I get to the end and try to request the token from Postman, the Slack OAuth window pops up and I can authorize.
On Postman however, I get an error message:
Could not complete OAuth 2.0 login.
Check Postman Console for more details.
Checking the Postman console shows:
POST https://slack.com/api/oauth.access
bad_client_secret
Error
If checked and double checked, and I'm sure I copied the right client secret value.
Can anyone see what I'm doing wrong? Thanks!
Related
I am having a hard time making a Cloud Run app that would serve as an internal API for employees (no frontend).
This would have endpoints like: POST api.mydomain.com/post-some-data where i want to pass some body parameters.
After IAP is setup and applied through a Load Balancer, I can enter the url in a browser and a consent screen appears. I log in with an account that has permissions and the relevant code runs as expected.
BUT
When trying with Postman, having the OAuth2 set as Authentication, setting all the token configurations etc - I get a consent screen in the browser as expected. After authentication I get a Access Token back to Postman in the format ya28.a0 ... w0123. When clicking "SEND" it returns
Invalid IAP credentials: Unable to parse JWT
My question
What is required to reach the endpoint (code/app) with the given OAuth header after consent? It works from the browser directly but not through Postman after getting the Access Token from browser consent. The endpoint/app is not reached at all from my understanding. So I cant break down the header in the endpoint-code as far as I know.
The goal is to be able to pass body parameters and having a nice shared API collection in postman. And that cant be done in the same way directly through a browser.
Thanks,
I've set up all the necessary steps in GCP for a Cloud Run app secured by IAP.
I've made sure a simple endpoint works as expected directly through a browser + consent screen.
I've successfully made Postman OAuth2 go through my consent in GCP and ask for auth.
I've got an Access Token back to Postman before sending the request.
I'm following this tutorial here to attempt to authenticate using Token Based Authentication with Netsuite:
through postman using Netsuite's Postman environment, but I continue to receive "401 Invalid login attempt".
When I check the Login Audit Trail, I see that there is no role being assigned to my authentication attempts -- it's just blank. To me, this indicates that the token is not properly assigned to the User/Role, but I've walked through the directions several times and everything appears to be setup properly.
I've seen other similar posts about this, but those seem to boil down to the Netsuite Account ID formatting. However, my Netsuite Account ID is all numbers, so I don't think this is a factor.
This should work fine assuming you have created an integration and an access token. Configure Oauth 1.0 in postman with the following fields filled out correctly:
signature method (should be HMAC-256)
consumer key (from the integration you created in netsuite)
consumer secret (from the integration you created in netsuite)
access token (from the access token created in netsuite)
token secret (from the access token created in netsuite)
realm (your account id, if using a sandbox, make sure the realm looks like 1234567_SB1, with an _ and not a -)
You won't be able to complete TBA using postman because using netsuite TBA requires a callback URL that netsuite will redirect you to with the necessary credentials (access token and & token secret).
I'm having this exact same issue. I have custom code written in Salesforce APEX that is connecting to NetSuite just fine. We also have a Workato integration that is connecting to NetSuite just fine.
No matter what I do in Postman, I get a 401 Invalid Login response. I'm losing my mind...
I finally got this to work for me. Postman had a request header of "Connection"="keep-alive". Once I removed that it worked fine! Wow.. I've been trying to get this to work for weeks, looking at it every few days for an hour or two. What a frustrating error message "Invalid Login".
I am trying to get request with endpoint after successful login.
I achieved to be login and take the token but I could not take the list with this token. I am using postman. Whenever I click the url link i sent with token i can see the valid json with my safari.
{
"message": "Forbidden"
}
what i sent https://qo7vrra66k.execute-api.eu-west-1.amazonaws.com/products?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
How can I send and successfully take this request from postman ? Also I couldnt understand why postman don`t allow this like safari.
I tried your endpoint and got no error.
I created an AWS Lambda function which invokes the endpoint of ML model I created in sagemaker. I tested it and it's working fine. Next I created REST API that calls this lambda function. I set any authentication type as NONE. Anyone with the url can access it. I created it following this aws blog. I tested my url in postman. It's working fine in postman but when I entered the url in chrome, its throwing {"message":"Missing Authentication Token"} error. Can someone please tell how do I get rid of that error while testing my url in chrome
The error is misleading. It's got absolutely nothing to do with tokens. What is actually happening is that the URL you are trying to access is invalid.
API Gateway's URL looks like this: https://xxxxxxx.execute-api.some-region.amazonaws.com/your-stage but it's very likely that you created an endpoint on API Gateway, which would then be accessible via https://xxxxxxx.execute-api.some-region.amazonaws.com/your-stage/YOUR_ENDPOINT
If you hit the base URL or a path which does not exist, you will get that weird, misleading Missing Authentication Token message.
So, long story short, hit a valid path for your API and it should work just fine.
Tip: maybe you are doing a POST request via Postman but whenever you try with the browser it issues a GET request, which would also result in an invalid path and therefore the Missing Authentication Token message.
I have Postman set up following this guide:
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/azure-ad-b2c-webapi?view=aspnetcore-2.2#use-postman-to-get-a-token-and-test-the-api
When I attempt to get new Access Token, Postman prompts a window with my B2C Sign in page.
I then attempt to sign in, however receive the following error in Postman: Error invalid_request
There is no other additional details. I feel I've followed the guide exactly.
What am I missing here?
In the request, you need to make sure the callback url same with your app reply url and api id uri of the Scope same with your API in the B2C.
The request is:
And the result like this: