Token API (/oauth/token) does not return ORCID Id and Access Token

[nagesh madale]

Hi Team,

I need to login my app using ORCID.

As per ORCID API integration document (https://members.orcid.org/api/tutorial/read-orcid-records),

below API returning ‘code’:

               

https://sandbox.orcid.org/oauth/authorize?client_id=[Your client ID]&response_type=code&scope=/read-limited&redirect_uri=[Your landing page]

 

And using the same 'code', below API should return the researcher’s authenticated ORCID iD and an access token:

 

  URL=https://sandbox.orcid.org/oauth/token

  HEADER: Accept: application/json

  METHOD: POST

  DATA:

    client_id=[Your client ID]

    client_secret=[Your client secret]

    grant_type=authorization_code

    code=Six-digit code

    redirect_uri=[Your landing page]

               

However its returning response as:

{

    "error": "unauthorized",

    "error_description": "An Authentication object was not found in the SecurityContext"

}

 

Kindly let me know if I need membership to get such public data/details using ORCID API.

 

If yes, Please share the cost details also.

Can we setup a call for the same. 

Regards,

Nagesh Madale 

[Wilmers, Catalina]

Hi Nagesh,

You do not need an ORCID membership to access public information on an ORCID record. You can use the free Public API, instructions on how to register for Public API credentials are at https://support.orcid.org/hc/en-us/articles/360006897174-Register-a-public-API-client-application With the public API you will need to change your scope from '/read-limited' to '/authenticate' which will let you get the ORCID iD and make read requests for public data.

For the error you are seeing, usually that error happens when the data you are sending isn't being received by ORCID. I'd suggest checking how you are posting the data to make sure it is being sent correctly. If you can share the actual code you're using to exchange the authorization code we can take a look as well and see if we can spot what is going wrong.

Best,

-Catalina

--
You received this message because you are subscribed to the Google Groups "ORCID API Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to orcid-api-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/orcid-api-users/17711494-af42-49f2-9a6c-8a5ca54527df%40googlegroups.com.

[nagesh madale]

Hi Catalina,

Thanks you for your response.

I have attached screenshot of request I made using Postman:Oauth_API_Error.JPG.

I received code using 'https://orcid.org/oauth/authorize' API, and same code I used to get further details.

I do not understand why it is giving me 'unauthorized' error.

Kindly suggest.

Regards,

Nagesh Madale.

To unsubscribe from this group and stop receiving emails from it, send an email to orcid-a...@googlegroups.com.

[Wilmers, Catalina]

Hi,

I think the issue is with your Postman setup. Try switching the data type to "x-www-form-urlencoded" and see if that works- that's solved similar issues for other Postman users in the past. When set to form-data the data isn't getting passed to ORCID, and we return the error as since our API is seeing a request without any data in it.

Best,

-Catalina

To unsubscribe from this group and stop receiving emails from it, send an email to orcid-api-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/orcid-api-users/1511a963-ae70-42c9-af63-4015589ffc39%40googlegroups.com.

[nagesh madale]

Hi Catalina,

Thank you.

By switching the data type to "x-www-form-urlencoded" worked for me. I got the required data.

Regards,

Nagesh Madale.

To view this discussion on the web visit https://groups.google.com/d/msgid/orcid-api-users/1511a963-ae70-42c9-af63-4015589ffc39%40googlegroups.com.