Norman Firkins Posted August 1, 2021 Share Posted August 1, 2021 Hi there, I am new to sage APIs, but I have worked with OAuth2.0 before. I keep getting the following error when requesting an access token: "The auth code you transmitted has an unexpected format". Here is my request below: url = 'https://oauth.accounting.sage.com/token' payload = {'client_id': client_id, 'client_secret': client_secret, 'grant_type': 'authorization_code', 'code': accesstoken, 'redirect_uri': redirect_uri, 'code_verifier': code_verifier } files = [] headers = { 'Content-Type': 'application/x-www-form-urlencoded' } response = requests.request("POST", url, headers=headers, data=payload) This is the response I get: {'$dataCode': 'DataParsingError', '$message': 'The auth code you transmitted has an unexpected format.', '$severity': 'error', '$source': 'Proxy'} Link to comment Share on other sites More sharing options...
Administrators Ben Smith Posted August 2, 2021 Administrators Share Posted August 2, 2021 Hi Norman, Welcome to the community 🙂 The Accounting API uses OAUTH 2.0 with an authorization code grant type, which requires 2 stages to obtain a valid access token. The initial step is to make an authorization request to https://www.sageone.com/oauth2/auth/central?filter=apiv3.1 You must include with this request the 'client_id', the 'response_type' of 'code' and your 'redirect_url'. It is this initial stage that prompts the user to authenticate with their Accounting credentials and authorize your app to access their business data. Once complete, they are redirected back to the specified callback URL along with an authorization code you require for the step you specified above. Obtain the authorization code from the URL, and then you can specify it as the value of 'code' in the payload you included above (where you now have an 'accesstoken' variable). This will provide you with a response, returning the access_token, refresh_token etc. We have a full guide on the steps required which can be found here: Authentication | Sage Developer I hope this helps, Ben Link to comment Share on other sites More sharing options...
Norman Firkins Posted August 2, 2021 Author Share Posted August 2, 2021 Hi Ben, Yes I have already gained an authorization code successfully, and I passed it with the request for an access token. I got the code from the url that was returned from the successful sign in to sage. I am still getting an issue with the format of the code. Thank you Link to comment Share on other sites More sharing options...
Administrators Ben Smith Posted August 3, 2021 Administrators Share Posted August 3, 2021 Hi Norman, So in the payload here: payload = {'client_id': client_id, 'client_secret': client_secret, 'grant_type': 'authorization_code', 'code': accesstoken, 'redirect_uri': redirect_uri, 'code_verifier': code_verifier } You're passing the authorization code as the value of your 'accesstoken' variable? If so, what type is the accesstoken variable? Ben Link to comment Share on other sites More sharing options...
Faycal Guemara Posted August 3, 2021 Share Posted August 3, 2021 Hello, I am using Sage Compta et Facturation, the french version of SageOne. Is it the same process to obtain a token ? Thanks in advance for your help ! Link to comment Share on other sites More sharing options...
Steel, Mark Posted August 4, 2021 Share Posted August 4, 2021 Hi Faycal, thank you for your question. Sage Compta et Facturation is the French version of Sage Cloud Accounting and is compliant with API v3.1. The auth process is the same for this version as that mentioned in this thread previously. Please let us know if you require any further support. Thanks Mark Link to comment Share on other sites More sharing options...
Customer Centric Posted November 26, 2021 Share Posted November 26, 2021 Hi Mark, I'm having similar error: I'm getting the authorization code, trading with the token code. Then, doing a get request with the token received before and getting the error below: [{'$severity': 'error', '$dataCode': 'BadRequest', '$message': 'Authorization header has incorrect format', '$source': ''}] def contact(): token_info = session.get('TOKEN_INFO') r = requests.get(url_query_business, headers= {'Authorization': token_info}) data = r.json() return render_template('Contact.html', data=data) Any idea? I'm a little stuck here. Thanks Link to comment Share on other sites More sharing options...
Steel, Mark Posted November 29, 2021 Share Posted November 29, 2021 HI, apologies I missed your question. If you can post the request including the headers you are making I'll take a look. Make sure you don't share any of your developer credentials, client_id, client_secret etc. Thanks Mark Link to comment Share on other sites More sharing options...
Customer Centric Posted December 1, 2021 Share Posted December 1, 2021 Hi Mark, sure! It's python though: def contact(): token_info = session.get('TOKEN_INFO') r = requests.get(url_query_business, headers= {'Authorization': token_info}) data = r.json() return render_template('Contact.html', data=data) url_query_business = 'https://api.accounting.sage.com/v3.1/businesses/lead' ## The header only includes the token. Thanks for any light you can share with me. Thanks, Leo Link to comment Share on other sites More sharing options...
Steel, Mark Posted December 2, 2021 Share Posted December 2, 2021 Hi Leo Thanks for the request. Have you been able to use the access_token returned in POSTMAN to make the same request? It appears that it is the format of the request that is incorrect. You'll need to ensure you're setting the authorization type as Bearer when sending the access_token in the header. Let me know how you get on. Thanks Mark Link to comment Share on other sites More sharing options...
Customer Centric Posted December 10, 2021 Share Posted December 10, 2021 On 12/2/2021 at 9:05 AM, Steel, Mark said: Hi Leo Thanks for the request. Have you been able to use the access_token returned in POSTMAN to make the same request? It appears that it is the format of the request that is incorrect. You'll need to ensure you're setting the authorization type as Bearer when sending the access_token in the header. Let me know how you get on. Thanks Mark Thanks Mark, was sending the token without the 'Bearer' before the Token. Thanks for your support. Link to comment Share on other sites More sharing options...
Daoud Hadi Posted January 10, 2022 Share Posted January 10, 2022 Hi there, I'm not sure whether "Norman Firkins" issue (first message) was resolved, but I'm facing the same issue. I've authorized my app to gain access and obtained the authorization code from the specified callback URL (an example code is shown below). This however results in an error saying "The auth code you transmitted has an unexpected format." Not sure where Im going wrong, can anyone help? code = 'GB%2F20cc2677-d838-47e1-a197-e914679d0222' r = requests.post(URL, headers = headers, data = {'grant_type': 'authorization_code', 'client_id':client_id, 'client_secret':client_secret, 'redirect_uri':redirect_uri, 'code':code}) Link to comment Share on other sites More sharing options...
Steel, Mark Posted January 11, 2022 Share Posted January 11, 2022 Hi Daoud, thank you for your question. I believe Norman was able to exchange the auth_code for an access_token after setting the header parameter Content-Type: application/x-www-form-urlencoded and ensuring the auth_code was proceeded with the grant_type of Bearer. Are you sending Content-Type: application/x-www-form-urlencoded as a header parameter and adding the grant_type "Bearer" to the code value(Bearer GB%2F20cc2677-d838-47e1-a197-e914679d0222)? Thanks Mark Link to comment Share on other sites More sharing options...
Joshua Press Posted January 24, 2022 Share Posted January 24, 2022 (edited) Hi, I have the exact same issue, when exchanging code for access token: https://oauth.accounting.sage.com/token Content-type: application/x-www-form-urlencoded Grant_type: 'authorization_code' Access token from redirect URI: ?code=GB%2F89cf3e2b-4cf8-46e4-80e3-47828e6dd542&country=GB I've already tried with, for the parameter "code": '89cf3e2b-4cf8-46e4-80e3-47828e6dd542' 'GB%2F89cf3e2b-4cf8-46e4-80e3-47828e6dd542' 'Bearer GB%2F89cf3e2b-4cf8-46e4-80e3-47828e6dd542' 'Bearer 89cf3e2b-4cf8-46e4-80e3-47828e6dd542' But all return the following error: "The auth code you transmitted has an unexpected format." I've also tried to URL Encode all parameters, still not working. Any ideas? Edited January 24, 2022 by Joshua Press Link to comment Share on other sites More sharing options...
Steel, Mark Posted January 25, 2022 Share Posted January 25, 2022 Hi Joshua, thank you for your question. Could you confirm the following please? You're making a POST request to https://oauth.accounting.sage.com/token containing: Header param of Content-type: application/x-www-form-urlencoded And Body Params made up of: client_id client_secret code grant_type redirect_uri Have you been able to authenticate in a web client tool such as Postman? Link to comment Share on other sites More sharing options...
Joshua Press Posted January 25, 2022 Share Posted January 25, 2022 1 hour ago, Steel, Mark said: Hi Joshua, thank you for your question. Could you confirm the following please? You're making a POST request to https://oauth.accounting.sage.com/token containing: Header param of Content-type: application/x-www-form-urlencoded And Body Params made up of: client_id client_secret code grant_type redirect_uri Have you been able to authenticate in a web client tool such as Postman? Hi Steel, Mark, thanks for your answer. Yes. It is a POST request to: https://oauth.accounting.sage.com/token Content-type: application/x-www-form-urlencoded Body Params as your refered, yes. Tried both with params URL encoded and normal. I'm using Postman, that's where I'm getting the error. I'm not really sure about what I could try more. Link to comment Share on other sites More sharing options...
Joshua Press Posted January 25, 2022 Share Posted January 25, 2022 Just fixed the problem. The problem was that I was using the code exactly as it came from the URL (encoded): GB%2Fxxxxxxxxxxxxxxx and that does not work. I've decoded the code, becoming something like: GB/xxxxxxxxxxxx and now it works. An easy fix actually, but I've overlooked it. Since this seems to be an often asked question, I hope this may help someone save a few hours. Link to comment Share on other sites More sharing options...
Steel, Mark Posted January 25, 2022 Share Posted January 25, 2022 Thanks Joshua We'll update the docs to highlight this also. Mark 1 Link to comment Share on other sites More sharing options...
dx change Posted July 7, 2022 Share Posted July 7, 2022 Hi , {'$dataCode': 'DataParsingError', '$message': 'The auth code you transmitted has an unexpected format.', '$severity': 'error', '$source': 'Proxy'} if any one getting this error ? Sol:- you need to decode the code before using for token request.below link is useful for decode the code. https://meyerweb.com/eric/tools/dencoder/ Link to comment Share on other sites More sharing options...
Team Paul Posted February 16 Share Posted February 16 Hi, {"$severity":"error","$dataCode":"DataParsingError","$message":"The data you sent could not be processed.","$source":"Proxy"} I am getting this error Link to comment Share on other sites More sharing options...
Steel, Mark Posted February 20 Share Posted February 20 Hi - this message is generally returned during the exchange of the auth_code for the tokens. It is usually because you have not correctly URL encoded the body params you're passing. Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now