User Authentication using API + oAuth
356 views
Skip to first unread message
Ed Burns
Dec 21, 2011, 1:33:14 PM12/21/11
to Disqus Developers
Trying to authenticate a user via
https://disqus.com/api/oauth/2.0/access_token/
I've learned that the documentation is incorrect in that it specifies
the request as GET when it has to be POST.
However, after switching to POST, I get an invalid_grant error when
attempting to authenticate a user:
My Request:
grant_type=password&client_secret=(SECRET)&client_id=(PUBLIC)&username=(USERNAME)&password=(PASSWORD)
The Response:
array(2) {
["error_description"]=>
string(30) "Unallowed grant type: password"
["error"]=>
string(13) "invalid_grant"
}
Since the documentation specifically tells me grant_type should be set
to 'password', I'm pretty stuck on this.
Anyone have any experience with authenticating a user with
access_token requests?
Ed
https://disqus.com/api/oauth/2.0/access_token/
I've learned that the documentation is incorrect in that it specifies
the request as GET when it has to be POST.
However, after switching to POST, I get an invalid_grant error when
attempting to authenticate a user:
My Request:
grant_type=password&client_secret=(SECRET)&client_id=(PUBLIC)&username=(USERNAME)&password=(PASSWORD)
The Response:
array(2) {
["error_description"]=>
string(30) "Unallowed grant type: password"
["error"]=>
string(13) "invalid_grant"
}
Since the documentation specifically tells me grant_type should be set
to 'password', I'm pretty stuck on this.
Anyone have any experience with authenticating a user with
access_token requests?
Ed
Ed Burns
Dec 21, 2011, 1:41:00 PM12/21/11
to Disqus Developers
Ahh...didn't notice this part:
Certain applications may not have full access to a standard web-style
authorization flow. This is ideal for desktop and mobile applications.
Given this, we also support authorization by requesting the client's
username and password. This type of flow is restricted to approved
applications only, so you must request access first.
Requires approval first.
On Dec 21, 11:33 am, Ed Burns <ed.blogres...@gmail.com> wrote:
> Trying to authenticate a user viahttps://disqus.com/api/oauth/2.0/access_token/
Certain applications may not have full access to a standard web-style
authorization flow. This is ideal for desktop and mobile applications.
Given this, we also support authorization by requesting the client's
username and password. This type of flow is restricted to approved
applications only, so you must request access first.
Requires approval first.
On Dec 21, 11:33 am, Ed Burns <ed.blogres...@gmail.com> wrote:
> Trying to authenticate a user viahttps://disqus.com/api/oauth/2.0/access_token/
Marcor
Jul 3, 2012, 10:18:16 AM7/3/12
to disqu...@googlegroups.com
I've the same problem:
{"error_description": "Unallowed grant type: password", "error": "invalid_grant"}
How can I require the approval?
David Cramer
Jul 3, 2012, 10:20:11 AM7/3/12
to disqu...@googlegroups.com
Send me the following (da...@disqus.com):
- Application summary (what it is)
- Reason for wanting to use password auth (vs other auth)
- Information on yourself or the company that the application is being developed on behalf of.
Reply all
Reply to author
Forward
0 new messages