i register on https://bridgedataoutput.com/ for using bridge data api. as per documents
https://bridgedataoutput.com/docs/platform/API/zg-data#Zestimates
require access token. how I get access token ?
after login , I get detail of Client id, Client Secret and Server Token. i try server token but give me authorization error.
I try to do get request on this below API link
https://api.bridgedataoutput.com/api/v2/zestimates_v2/zestimates?access_token=P7cbhWXt2PLOGOHbctzuOJ1qF2mJYSSF7cI1IrUabGdt3u2IGMiFzu5XLCNk&address=%22123%20Main%20Street%22
Response
{"success":false,"status":403,"bundle":{"name":"AuthenticationError","message":"Invalid access_token format"}}
I had the same issue, and Bridge support said to use the Server Token as the access token. It needs to go in the URL, not as a header when I tried it. Here's an example.
https://api.bridgedataoutput.com/api/v2/OData/[DATASET_ID]/[RESOURCE]?access_token=[SERVER_TOKEN]
Zillow Public Records, Zestimates and Econimic Data does need additional approval. Please confirm in https://bridgedataoutput.com/data/feeds.
Related
I am logging in against identity server and getting a token back to a web application. Then i am getting the token and sending to an api. All works well. But i want to capture this token to use it for subsequent requests without having to call this line in controller actions. How do i do this?
var accessToken = await HttpContext.GetTokenAsync("access_token");
See this question for details now how to achieve that.
Also do check out this article
I have been struggling with this now for a while. So if someone could help me it would be great.
I am trying to get a simple access token from the TwitchTV API. I am referring to this link: https://dev.twitch.tv/docs/authentication/#getting-tokens
GET https://id.twitch.tv/oauth2/authorize
?client_id=<your client ID>
&redirect_uri=<your registered redirect URI>
&response_type=<type>
&scope =<space-separated list of scopes>
So thats where I begin to struggle already. How exactly do I make such requests in an ASP.NET MVC application? I see that I have an Startup.Auth.cs class where I can configure OAuth Authentications. But how does such authentication have to look like?
It then says in the documentation:
If the user authorizes your application, the user is sent to your
redirect URI, with an ID token and optionally an access token (if that
was requested):
https://<your registered redirect URI>#id_token=<an id
token>&access_token=<an access token>
Now how do I access this token? Can someone please give me a small Code example of how I should start with this API? I really dont have any experience with such technology. How do I have to configure my Startup.Auth.cs and how does my Action have to look like, that starts the authentication?
Please refer to the link above in your answer. Thank you!
You can create a redirect URI as callback URL.
when a user logged in in your app the callback will be triggered containing the Access Token and other information.
here is the sample snippet in PHP (https://yourhost.com/outhcallback.php)
<?php
$acccesstoken=$_REQUEST["access_token"];
$id_token=$_REQUEST["id_token"];
store_to_session(accesstoken);
?>
now you have the token. if this token you require in server-side store to the session and if require in client-side store to local storage.
I've been trying to consume an authorized ASP.NET Odata Web API by using an Odata client. I do know how to set the header with the token for the client, but where should the token be kept for re-use?. Because the Authorization header has to be set with each request, not just once. To be more precise, this is what I am down to:
Get user's credentials, pass them back to the API.
Get token.
Set the header for the Odata client with the token value.
I am struggling with the actions to be taken between 2nd and 3rd step: Where should the token be kept, so you could keep setting the Odata client Header with it?
This is how I set the authorization header value.
EDIT: In regards to the comment, I might've not clearly specified the issue. The problem arises, because controllers will be created for every request and will be garbage collected "sometime after" the request has completed. So, the token value will be gone.
have a look here, they are storing it in a cookie. If you do not want to expose the actual token on the client side, store it somewhere near your e.g. user profile / session, or store the token with a generated id in a lookup-table and save the id to a cookie.
this is another approach using ASP.NET Identity and ApplicationCookies
I am using Identity Server4 for a proof of concept project.I have implemented the identity server and I can receive an access token when I authenticate successfully.
For authentication I use, the following endpoint:
http://identity-vm-01/connect/token
and the details I post are:
Now, I would like to check if the token that I receive is valid. For that I am using the following endpoint.
http://identity-vm-01/connect/introspect
with a basic auth header using the client_id and client_secret as shown above, and pass token in the body.
But I receive an Unauthorized error. 401 . It will be great if someone could tell me what is that I am doing wrong.
Thank you
You need to define a scope secret for api1 (on the Scope class) and use the scope name and secret as client_id/secret.
Clients for the introspection endpoint are not really clients in the OAuth 2 sense - they are APIs.
I am using dotnetopenauth and working with google api. My problem is to get authorization code from my saved refresh token. If i can get that code then i can get accesstoken. i want to get that code not accesstoken directly. I was unable to find any method or url of end point which can return me authorization code from my refresh token. Thanx in advance
I think you have the OAuth 2 flow confused. Authorization codes do not come from refresh tokens. It's the other way around: you get refresh tokens in exchange for a one-time-use of your authorization code. Access tokens are obtained in any of three ways
In exchange for a refresh token.
In the initial exchange for the authorization code that returns both a refresh token and an access token.
OR, if you're using the implicit grant type instead of the authorization code flow, you get the access token in the url #fragment in response to the user's authorization redirect, but this only applies to JavaScript executing on the browser since fragments are not sent to web servers.