This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Community Hub Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Oauth token 404 response

Go to solution
DennisParker
Shkhara

‎08-30-2023 03:17 AM - edited ‎08-30-2023 03:20 AM

I am setting up oAuth flow in postman and all works ok until it calls the token URL at which point it fails with a 404 as per the below. If anyone has some ideas on this help would be much appreciated:

 

POST https://www.strava.com/api/v3/token
 137 ms
  • Network
    ▶Request Headers
    Content-Typeapplication/x-www-form-urlencoded
    AuthorizationBasic MTEyOTM1OmIyOTUxMjZiYmIwYTBkZThkNzVjNDdkYWMwZDc3NDJkYTI1ZWIzZDY=
    User-AgentPostmanRuntime/7.32.3
    Accept*/*
    Cache-Controlno-cache
    Postman-Token5338b39b-26c7-4e29-8522-37083712d01d
    Hostwww.strava.com
    Accept-Encodinggzip, deflate, br
    Connectionkeep-alive
    Content-Length133
    Cookie_strava4_session=oi9vk4mpurrq5ere7c9msr25p75menc6
    • Request Body
      1.  grant_type: "authorization_code"
      2.  code: "e2632985384fd78ff6d482d42fedb3cfcb20cf7d"
      3.  redirect_uri: "https://oauth.pstmn.io/v1/callback"
        ▶Response Headers
        Content-Typeapplication/json; charset=utf-8
        Transfer-Encodingchunked
        Connectionkeep-alive
        DateWed, 30 Aug 2023 10:06:54 GMT
        Via1.1 linkerd, 1.1 linkerd, 1.1 b66a7470c341bb8edfe0c35c17d6e508.cloudfront.net (CloudFront)
        VaryAccept, Origin
        Pragmano-cache
        Servernginx/1.21.3
        Status404 Not Found
        ExpiresSat, 01 Jan 2000 00:00:00 GMT
        X-Request-Id2d3b4acd-92e4-4ae0-b73b-998df6d7566e
        Cache-Controlno-store
        Referrer-Policystrict-origin-when-cross-origin
        X-Frame-OptionsDENY
        Content-Encodinggzip
        X-XSS-Protection1; mode=block
        X-Download-Optionsnoopen
        X-Content-Type-Optionsnosniff
        X-Permitted-Cross-Domain-Policiesnone
        X-CacheError from cloudfront
        X-Amz-Cf-PopLHR61-P6
        X-Amz-Cf-IdyxmqCjPngWgMsfn1LESnVmE6P06ov6HJP6ezzQb47QpanmmRxZVjjQ==
        ▶Response Body
        {"message":"Record Not Found","errors":[{"resource":"resource","field":"path","code":"invalid"}]}
      4.  
      5.  
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
DennisParker
Shkhara
In response to Jan_Mantau

‎08-31-2023 03:13 AM - edited ‎08-31-2023 03:15 AM

Correcting this reply - I see that your are correct - investigating - thanks for the pointer

 

The client_id and client_secret are passed to the authorize call which returns successfully with the code that you see in the request body. The token call does not take the client_id and client_secret but rather the code that is generated from the authorize call which is returned after the user has successfully entered a userid and password based on the oAuth challenge. 

 

 

 

View solution in original post

0 Kudos
6 REPLIES 6

Go to solution
Jan_Mantau
Denali

‎08-31-2023 03:09 AM

Your client_id and client_secret are missing from the request body.

0 Kudos

Go to solution
DennisParker
Shkhara
In response to Jan_Mantau

‎08-31-2023 03:13 AM - edited ‎08-31-2023 03:15 AM

Correcting this reply - I see that your are correct - investigating - thanks for the pointer

 

The client_id and client_secret are passed to the authorize call which returns successfully with the code that you see in the request body. The token call does not take the client_id and client_secret but rather the code that is generated from the authorize call which is returned after the user has successfully entered a userid and password based on the oAuth challenge. 

 

 

 

0 Kudos

Go to solution
DennisParker
Shkhara
In response to DennisParker

‎08-31-2023 03:22 AM

This solved the problem - please note in postman you need to do additional advanced configuration in hte oAuth config to pass the client_id and client_scret to the token call. You can see a screen shot of that configuration below. This is interesting as this data is already passed to the authorize api call and I am not sure why the token call needs this data again. However once you configure these the oAuth calls will work correctly

DennisParker_0-1693477299486.png

Thanks Jan_Mantau for helping me through this investigation

Go to solution
DennisParker
Shkhara

‎08-31-2023 02:38 AM

Thanks Jan_Mantau - I changed to your suggested URL and here is the result. Error code has changes from a 403 to a 400 - but still not working. I have verfied that the client-id and secret are correct and this works in the playground but not in postman using the oAuth flow

 

DennisParker_0-1693474661012.png

 

0 Kudos

Go to solution
Jan_Mantau
Denali

‎08-31-2023 02:11 AM

The correct URL for getting the tokens is https://www.strava.com/api/v3/oauth/token

0 Kudos

Go to solution
DennisParker
Shkhara

‎08-30-2023 03:19 AM - edited ‎08-30-2023 03:21 AM

URL verified and problem still exists. Any help appreciated

0 Kudos
Ready, Get Set, Go!

Welcome to the Community - here is your guide to help you get started!


Know how to use Community


Understand Community Settings

Copyright © 2024 Khoros, LLC