Solved: Invalid scope with Android SDK

shain · ‎10-19-2022

I am trying to integrate WebEx into an existing Android application.
I have registered an application with a custom redirect uri, integrated the SDK and followed the sample to authorize using OAuthWebViewAuthenticator.

To keep it simple, i have added the scopes meeting:schedules_read and meeting:schedules_write during the registration.
I call the authenticator like this:

String scope = "meeting:schedules_read meeting:schedules_write";
OAuthWebViewAuthenticator authenticator = new OAuthWebViewAuthenticator(clientId, clientSecret, scope, redirectUri, email);
authenticator.authorize(binding.webview, result1 -> {

As a result i get an invalid scope error with the description "The requested scope is invalid"

The called url in the log contains this
scope=Identity%3ASCIM%20identity%3Athings_read%20meeting%3Alogin%20meeting%3Aschedules_read%20meeting%3Aschedules_write%20spark%3Aall%20webexsquare%3Aget_conversation%20spark%3Akms

Is there an error in how i define the scope string for the authenticator?

Janos Benyovszki · ‎10-24-2022

@shain okay, not sure why you are not able to repeat the successful login for a second time, might be some cache issue. Would you mind testing the Android KitchenSink app https://github.com/webex/webex-android-sdk-example and checking if you are able to do a login there 2 times in a row? In order to test that you would only need your new mobile integration details, but it would help determine if the issue is with the integration or something else.

View solution in original post

Janos Benyovszki · ‎10-24-2022

@shain okay, not sure why you are not able to repeat the successful login for a second time, might be some cache issue. Would you mind testing the Android KitchenSink app https://github.com/webex/webex-android-sdk-example and checking if you are able to do a login there 2 times in a row? In order to test that you would only need your new mobile integration details, but it would help determine if the issue is with the integration or something else.

shain · ‎10-24-2022

Hi Janos,

I have installed both the sample and my implementation on a new device.
I can login using the KitchenSink sample, which was not possible with the "old" app registration, and the login is now also successful in my implementation. I can retrieve the token from the authenticator.

Thanks again for your help, i'll begin to check out the possibilities of the sdk now.

shain · ‎10-23-2022

Hi Janos,

thank you for your help. It seems i did indeed something wrong when created the app registration, using the link from the wiki it created a "mobile integration" without asking for scopes. I replaced the client id/secret in my test implementation.

The first test worked, after logging in in the web view i got asked to grant permissions to my app and got a successful login in the code callback. The custom redirect uri was not called, as far as i know a web view cannot call a custom redirect uri?

However, i am not able to repeat that. Logging in a second time leads to the same error as before, the redirect uri is called with error invalid_scope and error_description "The requested scope is invalid"

Following https://github.com/webex/webex-ios-sdk/wiki/Basic-Usage i set the scope parameter to "spark:all" for the OAuthWebViewAuthenticator, but also tried leaving it empty to no avail.

Janos Benyovszki · ‎10-21-2022

@shain scopes are not really relevant for a mobile integration, if you configure them correctly. In fact, you shouldn't be able to select them if you choose the correct application type. If you are planning to use your app with the Android SDK, you will need to create the integration using the mobile SDK option when you create it:

Please also check the resources here, that will get you started with the Android SDK: https://github.com/webex/webex-android-sdk/wiki