Sipho Maribo Posted November 21, 2023 Share Posted November 21, 2023 Hi there, Would you know why the return URL after authenticating will be missing a 'state' query string "http://localhost:4200/callback-loader?code=GB%2F8afd163f-884e-47bb-b59d-f0a08794ff41&country=GB" I am definitely sending the state on my callback URL and it looks like this, of course I changed the Client ID: "https://www.sageone.com/oauth2/auth/central?filter=apiv3.1&client_id=myclientId9&response_type=code&redirect_uri=http%3a%2f%2flocalhost%3a4200%2fcallback-loader%3fscope%3dfull_access%26state%3d%7b%22Username%22%3a%22siphomaribo%40myscooter.co.za%22%2c%22AccountingSystemTypeId%22%3a%22550e8400-e29b-41d4-a716-446655440000%22%7d" There surely is something wrong that I am doing? Link to comment Share on other sites More sharing options...
Steel, Mark Posted November 21, 2023 Share Posted November 21, 2023 Hi Sipho, I'm not sure I understand your issue and what it is you are expecting in the response? Are you following the auth guide https://developer.sage.com/accounting/guides/authenticating/authentication/. Could you reference in the guide what you are expecting? The flow is - You send the auth request with the scope and then the redirect takes the user to the sign in. There they will be asked to grant access to the connecting application. If the scope was passed they would see read_only or full_access when they grant the connecting application access. Once they have granted access the auth_code will be returned to your callback URL and then you exchange the auth_code for a set of tokens. On successful exchange tokens will be retuned for the access an refresh tokens. I've included an access token response below which includes the scope. { "access_token": "eyJhbKXQF-nHPIualmhB9QeRhqChs9jMOPtQv3md40eB1KY_SjfwhPCoWkwxZla9DVAgUf2aVKhw_cw3Rr6e1AjT8DrLlz-59IsC_QkibG0QsVkiolKAXljvogCIZacMSpKM4U2H5nDJzkNnHKXZhXQQJEwX5oh8dY4AN-jaucmRIL8XUi5NII1PbFHH-qMPCfQujs0stH3NUfTtSjk7-A4RAI3EwUvOxM2O_G8dz3nSa2yzLumwzDa7gFQeg3sZRbES3wnS_wW122S4DP6OHCkwcUy9MCs6XZlTjZ4sO1dyHHzeFRlxZbLwUE4yPJiIqJEF-Bs7veyL0RoNPYZXMdAVB6kvnfrprEJRL8ogJvPiocApQIM9eO-FDd6LADM", "refresh_token_expires_in": 2678400, "scope": "full_access", "requested_by_id": "2b486e58-632a-a6cd-6ea8-eb5183931ad3" } Thanks Mark Link to comment Share on other sites More sharing options...
Sipho Maribo Posted November 21, 2023 Author Share Posted November 21, 2023 Hi @Steel, Mark thank you for reaching out. Yes, I am following the documentation and on the documentation, there is a query param called "state", according to the documentation, when the callback happens, it should contain THREE query params code, country and the state, but it only contains the code and the country not the state. I use state for validation and if it's null, my code falls over. Link to comment Share on other sites More sharing options...
Sipho Maribo Posted November 21, 2023 Author Share Posted November 21, 2023 Finally figured this out. I was attending the 'state' value in my redirect url instead the Sage url. Link to comment Share on other sites More sharing options...
Steel, Mark Posted November 22, 2023 Share Posted November 22, 2023 Thanks Sipho, I'd been looking into why this wasn't being returned but could not replicate. Thanks Mark Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now