Solved: Re: Getting a token with Oauth, but not for integration

manojmn@cisco.com · ‎08-23-2022

Hello,

I am trying to create a couple of tools to monitor few of the rooms I am part of etc. using cron jobs from my mac or linux box. The user token is available
1. from the website and it expires after 12 hrs and there is no automated way of taking the token out. I need to go to the page and copy it
2. Oauth. What I figured is once I successfully do oauth the first time, the tokens that are received are valid for ever. I saw this being done for other oauth services by providing a dummy redirect url and getting the code out. I tried this mechanism, however the token api fails with
{"message":"POST failed: HTTP/1.1 400 Bad Request (url = https://idbroker.webex.com/idb/oauth2/v1/access_token, request/response TrackingId = ROUTER_6304FAC6-AED4-01BB-0140-AC12DDB50140, error = '(redirect_uri_mismatch) The redirection URI provided does not match a pre-registered value.')","errors":[{"description":"(redirect_uri_mismatch) The redirection URI provided does not match a pre-registered value."}],"error":"redirect_uri_mismatch","error_description":"The redirection URI provided does not match a pre-registered value.","trackingId":"ROUTER_6304FAC6-AED4-01BB-0140-AC12DDB50140"}

I had given the redirect url as http://localhost/, which is there in my integration also. Not sure if I am making a mistake somewhere. Can you please let me know if there is a way to get a token for this kind of a use case?

manojmn@cisco.com · ‎08-25-2022

Ok. I went and regenerated the client secret, hit the url to get the code again in the browser to get the code. Tried with it, it worked! Yaay!
Now I can regenerate any number of tokens using refresh I suppose. So I am good. Saved this info.

Thanks a lot.

View solution in original post

Jeff Marshall · ‎08-25-2022

Yeah, going forward you can use to the refresh token to generate new access tokens.

View solution in original post

yjmungekar · ‎08-24-2022

Hi,

On this webex apps integration page (https://developer.webex.com/my-apps/new/integration), Once you filled all required details and clicked on "Add Integration". On next page you will get OAuth Authorization URL copy this URL and paste in your favorite search engine and press enter you will be asked to enter your webex user email address then you will be shown to accept your integration app. After that in search engine title bar you will get your authorization code. Once you got Authorization code the follow below links steps (https://developer.webex.com/docs/integrations) Requesting permission section. Use POST request. you will get access_token and refresh_token

Thanks

Yogesh Mungekar

manojmn@cisco.com · ‎08-25-2022

This I was aware of. I actually have done multiple oauths before, so generally the procedure is the same

dtibbe · ‎08-23-2022

The token you'd receive via an integration's OAuth flow is not valid forever. But it does ship with a refresh token so that you may renew the access token until infinity. That must be done prior having the refresh or access token expired.

The error message you're receiving indicates that the redirect URL provided for that specific app does not match the one you've provided at your application configuration. Check if http://localhost/ is included in the redirect URL field at https://developer.webex.com/my-apps and that you've provided it in the OAuth link as parameter. If there is a mismatch, you'd receive that message

manojmn@cisco.com · ‎08-25-2022

Yes I confirmed that.

curl -vvvv -X POST -H "Content-type:application/x-www-form-urlencoded" --data client_id=<elided for security> --data client_secret=<elided for security> --data code=<elided for security> --data grant_type=authorization_code --data redirect_uri=http%3A%2F%2Flocalhost%2F https://webexapis.com/v1/access_token

I can give you the secret etc. as well. I am only experimenting right now, so I can destroy and recreate stuff

Jeff Marshall · ‎08-25-2022

When doing to the POST to /access_token to exchange the code for your tokens there is no need to URL encode the redirect_uri since it's being sent in the body of the request. Try changing to just "--data redirect_uri=http://localhost/".

manojmn@cisco.com · ‎08-25-2022

I had actually tried with http://localhost/, it didn't work is when I url encoded it

manojmn@cisco.com · ‎08-25-2022

Ok. I went and regenerated the client secret, hit the url to get the code again in the browser to get the code. Tried with it, it worked! Yaay!
Now I can regenerate any number of tokens using refresh I suppose. So I am good. Saved this info.

Thanks a lot.

Jeff Marshall · ‎08-25-2022

Yeah, going forward you can use to the refresh token to generate new access tokens.