Authorization Code Grant for Oauth

WeedleApp · June 5, 2023, 8:35am

I am currently trying to integrate Oauth into my app and I am following this blog post https://www.netlify.com/blog/2016/10/10/integrating-with-netlify-oauth2/. I can see there is provision for Authorization Code Grant as a server to server security mechanism, which will be best suited for my purposes, but I can’t seem to find any reference on how to use it. I have googled, checked the docs and tried several other things (try and error), but I can’t seem to find any information on how to use this. I’d like a link to a documentation or any reference at all that can point me in the right direction. Thanks

SamO · June 5, 2023, 4:24pm

Can you give this documentation and go and see if that helps.

geopopos · June 30, 2024, 8:47pm

from what i’ve seen it still does not exist

SamO · July 1, 2024, 6:54pm

okay can you provide some information so we can help you? Perhaps describing your issue in more detail?

geopopos · July 1, 2024, 7:22pm

i am attempting to set up a proper oauth flow in my web application.

The application it titled “Custom Lander Creator” under my oauth apps.

My current set up
Link that the user clicks: https://app.netlify.com/authorize?client_id=LN1DhO6Gn--SrOtB_6BP43jYgbhcd5Y7EUUX0tn_epg&response_type=code&redirect_uri=http://localhost:8000/custom_lander/options/netlify_redirect

This successfully takes the user to click authorize on netlify and redirects to my redirect_uri with a code.

SO I believe everything above is working properly.

However when I go to request an access token this is where the issue arises.

I’ve attempted 2 implementations of the access token call (the only different is the redirect_uri, once I tried with an encoded uri, once without to see if that would fix the issue)

code = request.GET.get(“code”)

call the netlify API to get the access token

client_id = settings.NETLIFY_CLIENT_ID
client_secret = settings.NETLIFY_SECRET

redirect_uri = “http://localhost:8000/custom_lander/options/netlify_redirect”

Create the payload

payload = {
‘grant_type’: ‘authorization_code’,
‘code’: code,
‘client_id’: client_id,
‘client_secret’: client_secret,
‘redirect_uri’: redirect_uri
}

Make the POST request

response = requests.post(‘https://api.netlify.com/oauth/token’, params=payload)

The response I get is
{‘error’: ‘invalid_grant’, ‘error_description’: ‘The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.’}

I checked that the code, client_id, client_secret, redirect_uri are all correct and set, but I am still getting this error.

What do I need to change for my implementation?

hrishikesh · July 4, 2024, 2:42pm

Duplicate of: Netlify API Oauth with Authorization Code

Topic		Replies	Views
Netlify API Oauth with Authorization Code Support netlify-api	1	89	July 4, 2024
Oauth application with response_type=code Support authentication	1	779	November 16, 2020
OAuth login flow not working as expected Support authentication , redirects	3	193	January 10, 2024
Scope OAuth2 grant w/ Netlify API Support netlify-api	1	576	October 5, 2020
Hosting the authorization page in an IFRAME? Support authentication , netlify-api	2	1038	October 10, 2020

Authorization Code Grant for Oauth

call the netlify API to get the access token

Create the payload

Make the POST request

Related topics