Jump to content

Issue with oauth2.0 access token


 Share

Recommended Posts

Hi there,

I am new to sage APIs, but I have worked with OAuth2.0 before. I keep getting the following error when requesting an access token: "The auth code you transmitted has an unexpected format".

Here is my request below:

url = 'https://oauth.accounting.sage.com/token'
    payload = {'client_id': client_id,
               'client_secret': client_secret,
               'grant_type': 'authorization_code',
               'code': accesstoken,
               'redirect_uri': redirect_uri,
               'code_verifier': code_verifier
               }
    files = []

    headers = {
        'Content-Type': 'application/x-www-form-urlencoded'
    }
    response = requests.request("POST", url, headers=headers, data=payload)

This is the response I get:

{'$dataCode': 'DataParsingError',
 '$message': 'The auth code you transmitted has an unexpected format.',
 '$severity': 'error',
 '$source': 'Proxy'}

 

Link to comment
Share on other sites

  • Administrators

Hi Norman,

Welcome to the community 🙂

The Accounting API uses OAUTH 2.0 with an authorization code grant type, which requires 2 stages to obtain a valid access token. 

The initial step is to make an authorization request to https://www.sageone.com/oauth2/auth/central?filter=apiv3.1

You must include with this request the 'client_id', the 'response_type' of 'code' and your 'redirect_url'.

It is this initial stage that prompts the user to authenticate with their Accounting credentials and authorize your app to access their business data. Once complete, they are redirected back to the specified callback URL along with an authorization code you require for the step you specified above.

Obtain the authorization code from the URL, and then you can specify it as the value of 'code' in the payload you included above (where you now have an 'accesstoken' variable).

This will provide you with a response, returning the access_token, refresh_token etc. 

We have a full guide on the steps required which can be found here: Authentication | Sage Developer

 

I hope this helps,

 

Ben

Link to comment
Share on other sites

Hi Ben,

Yes I have already gained an authorization code successfully, and I passed it with the request for an access token. I got the code from the url that was returned from the successful sign in to sage. I am still getting an issue with the format of the code.

Thank you

Link to comment
Share on other sites

  • Administrators

Hi Norman,

So in the payload here:

    payload = {'client_id': client_id,
               'client_secret': client_secret,
               'grant_type': 'authorization_code',
               'code': accesstoken,
               'redirect_uri': redirect_uri,
               'code_verifier': code_verifier
               }

You're passing the authorization code as the value of your 'accesstoken' variable? If so, what type is the accesstoken variable?

Ben

Link to comment
Share on other sites

Hi Faycal, thank you for your question.

Sage Compta et Facturation is the French version of Sage Cloud Accounting and is compliant with API v3.1. The auth process is the same for this version as that mentioned in this thread previously.

Please let us know if you require any further support.

Thanks 

Mark

Link to comment
Share on other sites

  • 3 months later...

Hi Mark,

                    I'm having similar error:

I'm getting the authorization code, trading with the token code. Then, doing a get request with the token received before and getting the error below: 

 

[{'$severity': 'error', '$dataCode': 'BadRequest', '$message': 'Authorization header has incorrect format', '$source': ''}]

 

 

def contact():
                        
              token_info = session.get('TOKEN_INFO')
              r = requests.get(url_query_business, headers= {'Authorization': token_info})
              data = r.json()
                       

                     return render_template('Contact.html', data=data) 
 

Any idea? I'm a little stuck here. Thanks

 

 

 

 

Link to comment
Share on other sites

Hi Mark, sure!

It's python though:

 

def contact():
              token_info = session.get('TOKEN_INFO')
              r = requests.get(url_query_business, headers= {'Authorization': token_info})
              data = r.json()
                    return render_template('Contact.html', data=data) 

url_query_business = 'https://api.accounting.sage.com/v3.1/businesses/lead'

 

## The header only includes the token. 

 

Thanks for any light you can share with me.

Thanks,

Leo

 

 

Link to comment
Share on other sites

Hi Leo

Thanks for the request. Have you been able to use the access_token returned in POSTMAN to make the same request?

It appears that it is the format of the request that is incorrect. You'll need to ensure you're setting the authorization type as Bearer when sending the access_token in the header. 

Let me know how you get on.

Thanks

Mark

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...