Can't create an authorization code | Community
Skip to main content
Answered

Can't create an authorization code

  • November 30, 2022
  • 6 replies
  • 293 views
Yuriy
Forum|alt.badge.img+1

Hi there, guys!

I’m trying to set up an API connection with Videoask. I've registered a new dev app to use live tokens. But can’t get a temporary authorization code due to these errors:

 “Error getting the bot detection challenge. Please contact the system administrator”

“{"crossDomain":true,"method":"POST","url":"https://auth.videoask.com/co/authenticate"}” 

So I’m sending https://auth.videoask.com/authorize get request and it returns an html. But when I’m previewing this page these errors above occured. Seems when I click Login that should redirect me with URL contained auth code as a parameter but it doesn’t work :( I’m using the same credentials as for the account where the app was created

Can anybody help with that?

 

 

Best answer by andrew_videoask

Hi @Yuriy, you actually want to make that request directly in your browser.

If you try to make that request through something like the command line, an IDE, or Postman, it will give you an error.

Simply replace the client_id and redirect_uri parameters in this URL:

https://auth.videoask.com/authorize?response_type=code&audience=https://api.videoask.com/&client_id={your_client_id}&scope=openid%20profile%20email&redirect_uri=https://your-example-app.com/callback

Then paste that URL into your browser’s address bar. Once you do so, you should be able to log into/authenticate your VideoAsk account and see the authorization code.

Keep in mind that only you, as the account owner, need to do this when you’re first setting up your app. Your end users will never need to go through this process. 

I hope this helps, and let us know if you have any further questions!

View original
V
1 person likes this
  • V
    Vony Odette

6 replies

andrew_videoask
Typeform
Forum|alt.badge.img+5

Hi @Yuriy, you actually want to make that request directly in your browser.

If you try to make that request through something like the command line, an IDE, or Postman, it will give you an error.

Simply replace the client_id and redirect_uri parameters in this URL:

https://auth.videoask.com/authorize?response_type=code&audience=https://api.videoask.com/&client_id={your_client_id}&scope=openid%20profile%20email&redirect_uri=https://your-example-app.com/callback

Then paste that URL into your browser’s address bar. Once you do so, you should be able to log into/authenticate your VideoAsk account and see the authorization code.

Keep in mind that only you, as the account owner, need to do this when you’re first setting up your app. Your end users will never need to go through this process. 

I hope this helps, and let us know if you have any further questions!

If you can dream it, you can do it!
john.desborough
Grace
Yuriy
3 people like this
  • john.desborough
    john.desborough
  • Grace
    Grace
  • Yuriy
    Yuriy
Yuriy
Forum|alt.badge.img+1
  • Yuriy
  • Author
  • Explorer
  • 10 replies
  • November 30, 2022

@andrew_videoask Ohh really! Thank you so much! 

I was confused by documentation 

 

andrew_videoask
Typeform
Forum|alt.badge.img+5

@Yuriy The previous paragraph mentions that the request should be made through a browser, though I definitely understand your confusion!

Thanks for your feedback. I hope we can update the authentication documentation soon to make it more user-friendly 🙂

If you can dream it, you can do it!
Yuriy
1 person likes this
  • Yuriy
    Yuriy
Yuriy
Forum|alt.badge.img+1
  • Yuriy
  • Author
  • Explorer
  • 10 replies
  • November 30, 2022

@andrew_videoask Yeah, thanks!

andrew_videoask
1 person likes this
  • andrew_videoask
    andrew_videoask
Fork
  • Fork
  • Navigating the Land
  • 1 reply
  • October 10, 2023

@andrew_videoask I think the docs could be worded better, especially around refresh_token: I ended up having to use Auth0 docs directly: https://auth0.com/docs/secure/tokens/refresh-tokens/get-refresh-tokens

For anybody coming across this, here is the flow if you need a refresh token that can mint new access tokens:

  1. You authorise your app in the browser
    https://auth.videoask.com/authorize?response_type=code&audience=https://api.videoask.com/&client_id=${your_client_id}&scope=openid%20profile%20email%20offline_access&redirect_uri=${your_redirect_url}

    You should receive a code parameter in the querystring of the callback
     
  2. You then need to make a POST to the token endpoint once 
    curl --request POST \
  --url 'https://auth.videoask.com/oauth/token' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=authorization_code \
  --data 'client_id={yourClientId}' \
  --data 'client_secret={yourClientSecret}' \
  --data 'code={yourCodeFromPreviousStep}' \
  --data 'redirect_uri={https://yourApp/callback}'
    In this response, you should see the refresh_token which can be used for asynchronous, long-term access

My reading of the docs is that it sounds like you’ll get the refresh_token in the response to the offline_access scoped authorize call – you won’t.

  1.  

Grace
1 person likes this
  • Grace
    Grace
Grace
Community Team
Forum|alt.badge.img+5
  • Grace
  • Community Advocate
  • 2609 replies
  • October 11, 2023

Hey @Fork thank you so much for sharing this, I’m sure people trying to navigate the API docs will appreciate your help and I will be passing this onto the team to review as we continue to update the API and documentation 🙏

If cauliflower can become pizza, you my friend can do anything

Reply


Still need help?

Don't be shy and ask the community.

Ask your question here!
Community T&Cs