Omniauth Yahoo Error : OAuth::Unauthorized: 401 Forbidden

Question

For our production application, we set up API on yahoo account. We get consumer key and consumer secret.

When user click to access contacts from yahoo, we get 401 Forbidden error. Omniauth works well for other providers and also works well on staging. It does not work on production. Could anyone know what we are missing?

Answer 1

I solved the problem. It is because the way we register was wrong.

We created a html page on staging to verify. We tested on staging site.

e.g http://staging.myweb.com/ABCDEFG--.html

We got a key after we verified. We used that key for production.

We got error like

OAuth::Problem: consumer_key_rejected

To get yahoo api for production, you have to test in production site directly.

e.g http://myweb.com/ABCDEFG--.html

Here are steps you have to do: (How to register yahoo for OAuth)

1. Put html file in the production and verify
2. Select Read/Write radio button in Contacts tabs, etc under Permission.
3. Consumer key and Consumer secret will change whenever you update your permission.
4. Update your consumer key and consumer secret in your application.

Visit http://developer.yahoo.com/forum/OAuth/consumer-key-rejected/1258200961000-7a8c4082-46eb-3312-9632-a46af8734ad7

After that we still got error.

OAuth::Unauthorized: 401 Forbidden

It may be because of permission in our yahoo setting. The setting may miss something. It may not include Profiles which is under Social Directory. So our app cannot access user's profile and 401 forbidden raise.

To understand OAuth errors codes:

Visit: http://wiki.oauth.net/w/page/12238543/ProblemReporting