pat
April 18, 2016, 5:35am
1
I might be doing something wrong, however when I try to Authenticate following these steps:
I POST to: https://[key]:[secret]@api.transport.nsw.gov.au/auth/oauth/v2/token?grant_type=client_credentials&scope=user
But receive this is return:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>Policy Falsified</faultstring>
<faultactor>https://api.transport.nsw.gov.au/auth/oauth/v2/token?grant_type=client_credentials&scope=user</faultactor>
<detail>
<l7:policyResult status="Assertion Falsified" xmlns:l7="http://www.layer7tech.com/ws/policy/fault"/>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Any advice, or a link to some docs?
Thanks
1 Like
I had a look at your application settings and they look OK. What happens when you use the Explore API for your application?
Apologies.
Actually that appears to be the case for some Chrome Advance Client and Firefox apps only. I have found using the curl command line without an issue.
curl -X POST "https://<key>:<secret>@api.transport.nsw.gov.au/auth/oauth/v2/token?scope=user&grant_type=client_credentials"
Original reply.
It would appear that you need to add a header of a Base64 encoding of api_key:secret
instead of using what is in the document.
i.e
Authorization: Basic YXBpX2tleTpzZWNyZXQ=
1 Like
pat
April 20, 2016, 8:02am
4
It appears your finding with eh Chrome Advance Clients holds true. Authentication fails in Postman due to it being a Chrome app.
Interesting discovery!
Thanks for your help
1 Like
tengis
June 5, 2016, 11:21am
5
Hi there,
Some how i’m experiencing same issue too.
tried curl & python etc …
it says The given client credentials were not valid
but my client id and shared secret both correct
ping @yvonne.lee
since you are explicitly asking… I will see what I can find out here… although I had thought (and hoped!) @Nirving had provided the answer.
Hi,
I tried @Nirving 's answer as well all same
Thanks
Hi @tengis
Let me preface to say that I’m not a developer (hence why we have this forum so the lovely people who are developers can help each other!)
But can you do the following
sign in
create an app
add the APIs you need for that app
go to API Explorer
choose the API and App/API Key
Choose OAuth2 as the auth type
Choose Client Credentials
API Key and Shared secret are prepopulated for you
Type in “user” to the Scope
add in the Token Endpoint (use this one https://api.transport.nsw.gov.au/auth/oauth/v2/token if you don’t have one)
Choose the API endpoint
Click on Submit
Grab the curl command and run it
Remember to run it whilst you still have authorisation (ie don’t walk away and come back to do it as it times out)
If still not working… send me a screenshot via a private/direct message and we’ll see what we can find.
@nirving @pat if either of you can provide us with words or how to update our documentation we are happy to do so for clarity
Wanted to close this one out as Tengis is now up and running. It was setting up the App itself that had an anomaly.