htabbach | 2016-06-15 15:47:51 UTC | #1
Hello,
I am trying to get the access token and when I redirect to the link below using my client id I am getting back Unauthorized Client. what am i doing wrong?
https://login.mypurecloud.com/oauth/authorize?client_id=<my-client-id>&response_type=code&redirect_uri=<http://example.com/oauth/callback>
KevinGlinski | 2016-06-15 16:51:03 UTC | #2
is the redirect uri specified in your client configuration? It needs to match exactly.
KevinGlinski | 2016-06-15 16:53:20 UTC | #3
And i assume that you removed your client id from the url above and aren't sending a blank id?
htabbach | 2016-06-15 16:56:13 UTC | #4
Yes, I have a valid URL, which is really a blank html page for now, and I included the valid client id in the link. This is just a sample link, the real link has the valid url and client id
tim.smith | 2016-06-15 17:04:24 UTC | #5
Here are things to double check:
- Make sure there's no typos or extra characters in the client ID
- Make sure the responsetype is correct for the OAuth client you're using. Auth Code Grant clients should use `responsetype=code` and Implicit Grant clients should use
response_type=token - Make sure the redirect URI matches character for character.
http://site.com/ is not the same as http://site.com - Make sure you're using the correct environment. If your org and client ID exist in mypurecloud.ie, for example, you must log in and use the API via login.mypurecloud.ie. Neither client IDs nor orgs span environments at this time.
tim.smith | 2016-06-15 17:07:43 UTC | #6
Also, you posted this in the .NET SDK category. Can you elaborate on how you're implementing the OAuth flow in your application?
htabbach | 2016-06-15 17:22:56 UTC | #7
Thank you for the response
1- There are no typos 2- response_type is code 3- the redirect url matches character for character 4- We are on PureCloud
htabbach | 2016-06-15 17:23:56 UTC | #8
As far as implementing the OAuth, right now all what I am truing to do is get the AccessToken but the code will be server-side type of code.
KevinGlinski | 2016-06-15 17:42:32 UTC | #9
Can you PM me the actual url you are using?
htabbach | 2016-06-15 18:03:00 UTC | #10
Did you get it the message?
KevinGlinski | 2016-06-15 18:08:53 UTC | #11
The url you sent me wasn't the same as above. In the url you sent me had response_type=token, above was response_type=code. If i take your url from the PM and replace token with code, i get to the login page
from the oauth spec
invalid_client - most commonly returned when the redirect url given does not match the configured url unauthorized_client - returned when the response_type requested doesn't match the configured response type
(i actually didn't know they were distinct codes until now)
htabbach | 2016-06-15 18:16:43 UTC | #12
I am kicking myself right now, nice catch, I think that solved it for now. Thank you!
htabbach | 2016-06-15 18:26:18 UTC | #13
I have another question, the documentation explains that the authorization server redirects to the specified redirect URL where I need to extract a querystring parameter "code", however, when the authorization server redirects, I am getting a parameter called rid, is it the same parameter?
KevinGlinski | 2016-06-15 18:32:27 UTC | #14
rid is part of the request on the login.mypurecloud.com url. after you log in from that screen you get redirected back to your web server and that url contains the auth code.
htabbach | 2016-06-15 18:34:30 UTC | #15
I did login when I was prompted but did not get redirected, I see a PureCloud page with two big icons: Architect and Collaborate
KevinGlinski | 2016-06-15 19:03:05 UTC | #16
that is expected if you navigate to login.mypurecloud.com directly and login. Before posting my last response, i navigated to the url you send me (after making the fix) and logged into purecloud and then was redirected back to your redirect url with the auth code.
htabbach | 2016-06-15 19:49:33 UTC | #17
Do we have to login every time we use the API to get the code? That would not work with automated API integrations!
KevinGlinski | 2016-06-15 19:54:33 UTC | #18
If you have a service without UI, you can use the client credentials grant https://developer.mypurecloud.com/api/rest/authorization/use-client-credentials.html
KevinGlinski | 2016-06-15 19:56:33 UTC | #19
otherwise, you can hold on to your bearer token in your service and next time your user comes in test the token to make sure it is still valid, otherwise redirect them to the login
htabbach | 2016-06-15 19:58:56 UTC | #20
This will be a service so logging in is not an option, I will create another Client Credentials type client but it is asking for the roles, what roles should it have?
KevinGlinski | 2016-06-15 20:01:41 UTC | #21
whatever roles your service needs to do its job
htabbach | 2016-06-15 22:54:45 UTC | #22
Thank you for the help. So going the client credential way, the url and the auth code are not used, when I execute the following command with the correct client id and client secret i am getting this error:
Error calling PostToken: {"error":"unauthorized_client"}
the command i am calling is:
Dim accessTokenInfo = Configuration.[Default].ApiClient.PostToken("clientid", "clientsecret")
Any ideas why?
htabbach | 2016-06-15 23:00:58 UTC | #23
Never mind, I found the issue and fixed it.
Thanks
htabbach | 2016-06-16 17:01:46 UTC | #24
I have a question about the method GetConversationIdRecordings, is this the right forum for it?
system | 2017-08-28 19:24:53 UTC | #25
This post was migrated from the old Developer Forum.
ref: 80