https://learn.microsoft.com/en-us/linkedin/shared/integrations/people/handle-lookup
I am trying to call this API as the documentation shows, but I get this error back:
Here is the headers I am sending:
{'Authorization': 'Bearer xxxxxx', 'cache-control': 'no-cache', 'X-Restli-Protocol-Version': '2.0.0', 'X-Forwarded-For': '198.51.100.1', 'Caller-Account-Age': '2', 'Caller-Device-UUID': 'a859b63d-7135-4d96-be47-c21d392bfad2'}
I have authenticated with the right scopes and got the right OAUTH token and validated it by calling the userinfo endpoint
Here is the response I get back from calling this API:
https://api.linkedin.com/v2/clientAwareMemberHandles?q=handleString&handleString={something#something.com}
{'serviceErrorCode': 100, 'message': 'Not enough permissions to access: GET-handleString /clientAwareMemberHandles', 'status': 403}
All I am trying to do is get the user LinkedIn profile for a specific email address.
Also, is there a way to reach out to Linkedin support for this?
The API listed above.
Was expecting the member profile associated with the email.
Context
I'm migrating to Google's new auth solution that doesn't require 3rd party cookies using the following guide:
My app is a frontend built in Vue.js and a backend in Python (Flask).
Problem
Once I receive the Authorization token from Google (looks something like 4/0AdQt...bg), I'm unable to exchange it for a refresh & access token.
For Python, the official Google documentation only shows an example that uses Flask (using the Flow object) to request the token and verify it.
I've tried to build a simple POST request with postman
import requests
url = "https://oauth2.googleapis.com/token"
payload='code=4%2F...bg&client_id=92...cac42tg.apps.googleusercontent.com&client_secret=hw...u8D&redirect_uri=https%3A%2F%2Fco...pp&grant_type=authorization_code'
headers = {
'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)
But I get the following unhelpful 400 Bad Request response
{
"error": "invalid_grant",
"error_description": "Bad Request"
}
I tried to change the different form parameters and got different errors (The OAuth client was not found., Unauthorized, invalid_request, ...) so most likely the error is in the actual code.
If anyone has faced a similar issue, I'd love some help!
I want to do an API call using request of my user in Calendly like Documentation but I can't do it. I don't know if I need something else in my code, thanks.
import requests, json
api_key = 'aaaaaaaaa'
header = {
'Authorization' : api_key
}
response = requests.get('https://api.calendly.com/users/me/', headers= header)
print(response)
print(response.json())
I'm getting a 401 response:
<Response [401]> {'title': 'Unauthenticated', 'message': 'The access token is invalid'}
I suspect you're trying to use the API Key for API v2. The API Key only works with Calendly's legacy API v1. API v2 supports the following two authorization schemes:
OAuth authorization code flow, or
Personal Access Tokens.
See developer.calendly.com/getting-started for more details.
If you are using a personal token with the API v2, you need to prepend Bearer before your token.
Example:
header = {
'Authorization': f'Bearer {api_key}'
}
Source:
https://calendly.stoplight.io/docs/api-docs/YXBpOjM5NQ-calendly-api
I've been trying to use the developer tools on my browser to find ways of getting information, so I am attempting to get a large list of Steam user's names via an HTTP request for fun.
The problem was that I can't use the network tab of the 'Inspect Element' feature to track my search query because it is sent via JavaScript when the enter key is pressed. Fair enough... I look through the js file and find the GET request. It requires a session ID, so I open the console and get my session ID.
Here is where I am stuck: This is the GET request from the js file
url: 'https://steamcommunity.com/search/SearchCommunityAjax',
type: 'GET',
data: {
text: search_text,
filter: search_filter,
sessionid: g_sessionID,
steamid_user: g_steamID,
page: this.m_nPage
}
I have tried passing all the arguments as if I were actually using the browser, via python (the session ID is blocked in case it is sensitive?):
data = {'sessionid': '********', 'text': 'test', 'filter': 'users', 'steamid_user': 'false', 'page': 1}
requests.get('https://steamcommunity.com/search/SearchCommunityAjax', data=data)
And the requests yields a 401 response, I am not authorized. I tried another request with JUST the session ID, in case there was a formatting error with the other parameters, but to no avail.
I should note that I am able to do this via the web interface without logging in. The only form of authentication for this request seems to be the session ID.
Like I said, I really have no need for this to work, but I felt it would be nice to know why it isn't working, so I can improve my skills! Thanks for your help.
I am writing a Python script to edit an Excel spreadsheet that lives in SharePoint. We have Office 365 for Business. I am using Microsoft Graph API.
I registered the Python app with Microsoft Azure Active Directory (AD) and added the following 2 (app-only) permissions for Graph API: (1) Read and write files in all site collections (preview) and (2) Read directory data. (I had our company administrator register the app for me.)
My Python script uses the requests library to send REST requests:
import json
import requests
MSGRAPH_URI = 'https://graph.microsoft.com'
VERSION = 'v1.0'
def requestAccessToken(tenant_id, app_id, app_key):
MSLOGIN_URI = 'https://login.microsoftonline.com'
ACCESS_TOKEN_PATH = 'oauth2/token'
GRANT_TYPE = 'client_credentials'
endpoint = '{0}/{1}/{2}'.format(MSLOGIN_URI, tenant_id, ACCESS_TOKEN_PATH)
headers = {'Content-Type': 'Application/Json'}
data = {
'grant_type': GRANT_TYPE,
'client_id': app_id,
'client_secret': app_key,
'resource': MSGRAPH_URI
}
access_token = response.json()['access_token']
return access_token
def getWorkbookID(access_token, fileName):
endpoint = '{0}/{1}/me/drive/root/children'.format(MSGRAPH_URI, VERSION)
headers = {
'Content-Type': 'Application/Json',
'Authorization': 'Bearer {}'.format(access_token)
}
response = requests.get(endpoint, headers=headers)
print response.text
assert response.status_code == 200
items = response.json()['value']
workbook_id = None
for item in items:
if item['name'] == fileName:
workbook_id = item['id']
return workbook_id
access_token = requestAccessToken(TENANT_ID, APP_ID, APP_KEY)
workbook_id = getWorkbookID(access_token, WORKBOOK_FILENAME)
The Python app successfully requests and receives an access_token from the Microsoft server. The access token starts like this
eyJ0eXAiOiJKV1QiLCJub25jZSI6...
Then it requests a list of my files in getWorkbookID():
GET https://graph.microsoft.com/v1.0/me/drive/root/children
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6...
This is the response to that REST request:
{
"error": {
"code": "InternalServerError",
"message": "Object reference not set to an instance of an object.",
"innerError": {
"request-id": "aa97a822-7ac5-4986-8ac0-9852146e149a",
"date": "2016-12-26T22:13:54"
}
}
}
Note that I successfully get a list of my files when I request it via Graph Explorer (https://graph.microsoft.io/en-us/graph-explorer).
EDIT:
Changed the title from "Microsoft Graph API Returns Object reference not set to an instance of an object" to "Azure AD "scope" Missing from Access Token Response".
Changed the "me" in the uri of the GET request to "myOrganization", after reading this: graph.microsft.io/en-us/docs/overview/call_api
That is,
GET https://graph.microsoft.com/v1.0/myOrganization/drive/root/children
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6...
Now get the following response.
{
"error": {
"code": "AccessDenied",
"message": "Either scp or roles claim need to be present in the token.",
"innerError": {
"request-id": "bddb8c51-535f-456b-b43e-5cfdf32bd8a5",
"date": "2016-12-28T22:39:25"
}
}
}
Looking at an example in graph.microsoft.io/en-us/docs/authorization/app_authorization, I see that the access token response body contains a "scope" property that lists the permissions granted for the app during the app's registration. However, the access token response I receive from the server does not have the "scope" property. Here is what my access token response looks like.
{
"token_type":"Bearer",
"expires_in":"3599",
"ext_expires_in":"0",
"expires_on":"1482968367",
"not_before":"1482964467",
"resource":"https://graph.microsoft.com",
"access_token":"eyJ0eXAiOiJKV..."
}
Questions:
I had the administrator register the app in Azure AD and check the boxes for the Microsoft Graph API application permissions needed. Apparently that is not enough. What else is needed? Why are the permissions not in the access token response body?
What is the correct URI for the GET request? Is "MyOrganization" the correct value in the URI?
Thanks all for your responses. After more research, I found the answer to my question.
The original problem: "Microsoft Graph API Returns Object reference not set to an instance of an object"
The request
GET https://graph.microsoft.com/v1.0/me/drive/root/children
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6...
gets the response
{
"error": {
"code": "InternalServerError",
"message": "Object reference not set to an instance of an object.",
"innerError": {
"request-id": "aa97a822-7ac5-4986-8ac0-9852146e149a",
"date": "2016-12-26T22:13:54"
}
}
}
As #SriramDhanasekaran-MSFT noted, /me refers to the currently signed-in user. In our case, we do not have a signed-in user, so we cannot use /me. Instead, we can either use /myOrganization or nothing, it is optional.
The updated problem: "Azure AD "scope" Property Missing from Access Token Response"
The updated (replaces /me with /myOrganization) request
GET https://graph.microsoft.com/v1.0/myOrganization/drive/root/children
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6...
gets the response
{
"error": {
"code": "AccessDenied",
"message": "Either scp or roles claim need to be present in the token.",
"innerError": {
"request-id": "bddb8c51-535f-456b-b43e-5cfdf32bd8a5",
"date": "2016-12-28T22:39:25"
}
}
}
As #SriramDhanasekaran-MSFT and #DanKershaw-MSFT mentioned, the reason why the access_token response was missing the scope property is that the permissions had not been "granted" in Azure AD by the administrator.
However, the solution that #SriramDhanasekaran-MSFT provided:
https://login.microsoftonline.com/common/oauth2/authorize?client_id=&response_type=code&redirect_uri=http://localhost&resource=https://graph.microsoft.com&prompt=consent
doesn't help me because my app doesn't have a redirect uri. The solution to granting the permissions is simpler than that: simply have the administrator login in to Azure AD and click the "Grant Permissions" link to grant the permissions.
Additionally, /myOrganization/driver/root/children lists the contents of the administrator's drive. As #PeterPan-MSFT noted, to list a different user's drive, replace /myOrganization with /users/<user-id>.
Success:
My application can now edit my Excel spreadsheets online, without the intervention of a human user. Contrary to what #PeterPan-MSFT stated, this is possible with Graph API and there is no need to download the Excel spreadsheet and edit offline.
Summary:
There were two problems: (1) using /me and (2) the application permissions had not been granted in Azure AD by the administrator.
Since client_credential token flow is being used (i.e., there is no authenticated user context), any request with /me is not valid as /me refers to current signed-in user. Please try with delegated token if you to access files in user's drive.
To access root drive in Sharepoint, request url is /drive/root/children (myorganization is optional).
With regards to missing claims, admin has to consent the app. You can force consent by asking the admin to access the below url (replace with that of your app's)
https://login.microsoftonline.com/common/oauth2/authorize?client_id=&response_type=code&redirect_uri=http://localhost&resource=https://graph.microsoft.com&prompt=consent
As #juunas said, the first error information below should be the NULL exception in .NET which be caused at the server end, but also not an API bug or a permission issue.
error": {
"code": "InternalServerError",
"message": "Object reference not set to an instance of an object.",
You can refer to the SO thread to know this case which seems to update for backend, please try again later.
To explain for the second error when you changed the option me to myOrganization in the Graph API url, as #SriramDhanasekaran-MSFT, it's accessing files for the current user or a specified user with <user-id> instead of me.
However, based on my understanding, you want to edit an Excel spreadsheet lived in SharePoint for your orgnization, it seems to be not suitable via using Graph APIs. Per my experience, it should be done via using the APIs of OneDrive for Business to copy the Excel file to local to edit & upload to overwrite it, please refer to the dev documents for OneDrive and try to use the API for drive resource.
Hope it helps.