Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Webhook OAuth - How do I exchange a webhook authorization code for an access token?

Tags:

I'm trying to use the oauth approach of adding webhooks to channels within Discord. The workflow is that a user authenticates with my application using OAuth. Then I redirect them to:

ApiClient::API_URL.'/oauth2/authorize?client_id='.Discord::appKey().'&scope=webhook.incoming&redirect_uri='.urlencode($webhookCallback->callbackUrl()).'&response_type=code');

The redirect URL works because it does allow the OAuth'd user to choose a server/channel.

When you exchange the authorization code for an access token, the token response will contain the webhook object:

I'm using the following request to try to convert the authorization code into an access token with no luck:

    $client = new Client();
    $response = $client->post('https://discordapp.com/api/oauth2/token', [
        'headers' => [
            'Accept' => 'application/json'
        ],
        'form_params' => [
            'grant_type' => 'authorization_code',
            'client_id' => env('DISCORD_APP_KEY'),
            'client_secret' => env('DISCORD_APP_SECRET'),
            'redirect_uri' => url('/discord/webhook-authorized'),
            'code' => $request->get('code')
        ],
    ]);

The response I get from the API is:

Client error: `POST https://discordapp.com/api/oauth2/token` resulted in a `401 UNAUTHORIZED` response:
{"error": "access_denied"}

What grant type do I need to complete this request?

like image 364
Webnet Avatar asked Jun 10 '17 20:06

Webnet

People also ask

What can you do with a webhook token?

Webhook Tokens are unique authentication keys specific to a user. They are used to authenticate incoming webhook calls to any Cliq platform component. Each user can generate a maximum of 5 Webhook Tokens. The webhooks API allows your Cliq platform component to subscribe to events from other third-party applications.

How can I get access token authorization code?

The authorization code grant is used when an application exchanges an authorization code for an access token. After the user returns to the application via the redirect URL, the application will get the authorization code from the URL and use it to request an access token.

How do I get webhook token?

You can obtain the webhook id by looking at its link, the number after https://discord.com/api/webhooks/ is the id , and the part after that is the token .

1 Answers

'grant_type' => 'authorization_code',

needed to be

'grant_type' => 'client_credentials',

like image 60
Webnet Avatar answered Oct 11 '22 17:10

Webnet
Sign in to Comment

Related questions

Grouping and comparing groups using pandas
How to flatten a memoryview?
Yocto fido ->morty update dnsmasq NO GNU_HASH
Why is app name not showing in Toolbar in android?
How to retrieve a Bearer Token from an Authorization Header in JavaScript (Angular 2/4)?
Any idea on how to get this id from the conversation between attendee and bot?
Header can't pass in ajax using cross domain
Angular HTML5Mode - Rewrite rule
Nativescript + iOS webview + local files
Auth0 Lock Component not showing in React with container option
Can the Firefox DevTools Inspector highlight be made sticky?
How to persist data in a Docker .NET Core Web app?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!