orcid public api integration

[Musaddique J Sanderwale]

Hello team,

I am trying to integrate orcId public apis for getting user's profile

I have followed following steps :  

1) I am hitting auth url :

e.g "https://orcid.org/oauth/authorize?client_id=<client_id>&response_type=code&scope=/authenticate&redirect_uri=http://peren.com:8080/Spring_Security/orcid/callback"

2) User is prompted with a page where he enters his credentials and authorizes to share the details. Then i am trying to create token by below code

PFB java code for post request for getting token

String code=request.getParameter("code");

HttpClient httpClient = new HttpClient();

PostMethod postRequest = new PostMethod("https://pub.orcid.org/oauth/token");

postRequest.addParameter("scope", "/read-public");

postRequest.addParameter("grant_type", "authorization_code");

postRequest.addParameter("code", code);

postRequest.addParameter("redirect_uri", callbackURl);

postRequest.addParameter("client_id", linkedinKey);

postRequest.addParameter("client_secret",linkedinSecret);

httpClient.executeMethod(postRequest);

accessTokenJson = postRequest.getResponseBodyAsString();

token response  for above request is

{"access_token":"608fcba2-b74e-47cc-a17c-c236371b4c24","token_type":"bearer","refresh_token":"9198163c-08a9-4669-8ffe-c5b50b9a5997","expires_in":631138518,"scope":"/authenticate","name":"Musa Sanderwale","orcid":"0000-0001-9622-0750"}

In the response that I am receiving, scope is getting modified to  /authenticate however I had sent it  /read-public in request url.

Now using the orcid i am trying to access user_profile by hitting get url

String profileUrl = "http://pub.orcid.org/v1.2/<orcid>/orcid-profile";

GetMethod httpGet=new GetMethod(profileUrl);

httpGet.addRequestHeader("Accept", "application/json");

httpGet.addRequestHeader("Connection", "Keep-Alive");

httpGet.addRequestHeader("Authorization", "Bearer "+accessToken);

httpClient.executeMethod(httpGet);

result = httpGet.getResponseBodyAsString();

here i am getting below error

Response: {"message-version":"1.2","orcid-profile":null,"orcid-search-results":null,"error-desc":{"value":"Security problem : Insufficient or wrong scope [/authenticate]"}}

Please advise on how to get the public profile of an user using orcid Public API.

[Monica Duke]

I think you should not be sending your token for authentication scope with your read-public request. The authenticate and read-public tokens work independently, as explained very well by Catalina some moths ago; you can find her answer in the archives dated 2^nd March I think this will explain

https://groups.google.com/forum/#!topic/orcid-api-users/_gV_UbAGzN0

 

Monica

 

--
You received this message because you are subscribed to the Google Groups "ORCID API Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to orcid-api-use...@googlegroups.com.
To post to this group, send email to orcid-a...@googlegroups.com.
Visit this group at https://groups.google.com/group/orcid-api-users.
For more options, visit https://groups.google.com/d/optout.

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.