Closed ad1txx1 closed 2 weeks ago
seems like you are not using an account id, or not fortnite user auth for that account
seems like you are not using an account id, or not fortnite user auth for that account
i am but i removed it and replace with "accountId" for privacy reasons
also tried to create exchange code (https://account-public-service-prod.ol.epicgames.com/account/api/oauth/exchange) and getting the same error (raw):
{"errorCode":"errors.com.epicgames.common.missing_permission","errorMessage":"Sorry your login does not posses the permissions 'account:oauth:exchangeTokenCode CREATE' needed to perform the requested operation","messageVars":["account:oauth:exchangeTokenCode","CREATE"],"numericErrorCode":1023,"originatingService":"com.epicgames.account.public","intent":"prod"}
seems like you are not using an account id, or not fortnite user auth for that account
i am but i removed it and replace with "accountId" for privacy reasons
also tried to create exchange code (https://account-public-service-prod.ol.epicgames.com/account/api/oauth/exchange) and getting the same error (raw):
{"errorCode":"errors.com.epicgames.common.missing_permission","errorMessage":"Sorry your login does not posses the permissions 'account:oauth:exchangeTokenCode CREATE' needed to perform the requested operation","messageVars":["account:oauth:exchangeTokenCode","CREATE"],"numericErrorCode":1023,"originatingService":"com.epicgames.account.public","intent":"prod"}
i fixed this but still didnt fix this: POST https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/profile/fbec52b969644409a011a18851311dd6/client/common_public
autorization bearer eg1~token (in headers)
payload:
dataP := map[string]interface{}{
"grant_type": "exchange_code",
"exchange_code": respCode.Code,
"token_type": "eg1",
}
error:
{
"errorCode" : "errors.com.epicgames.common.missing_permission",
"errorMessage" : "Sorry your login does not posses the permissions 'fortnite:profile:fbec52b969644409a011a18851311dd6:commands ALL' needed to perform the requested operation",
"messageVars" : [ "fortnite:profile:fbec52b969644409a011a18851311dd6:commands", "ALL" ],
"numericErrorCode" : 1023,
"originatingService" : "fortnite",
"intent" : "prod-live"
}
i also tried using the normal EPIC_BEARER_TOKEN, not eg1 but still doesnt work.
i also tried with an empty payload and still the same error
i also tried using the normal EPIC_BEARER_TOKEN, not eg1 but still doesnt work.
EPIC_BEARER_TOKEN
is used as a cookie, not for normal service authentication.
that perm above shows you are either using the wrong account id (must be your own), are not using fortnite auth.
may share your oauth /token request basic auth.
i also tried using the normal EPIC_BEARER_TOKEN, not eg1 but still doesnt work.
EPIC_BEARER_TOKEN
is used as a cookie, not for normal service authentication.that perm above shows you are either using the wrong account id (must be your own), are not using fortnite auth.
may share your oauth /token request basic auth.
i am using the same account id shown on the epic games personal page (unless we're talking about another account id?), im using the eg1 bearer in headers but still the perm error.
The account is you are using is different from the account you are using to authenticate, that's your issue.
its not, im using the bearer for the same accountId im passing in the API
I mean, the error is very clear, you are doing something wrong.
I mean, the error is very clear, you are doing something wrong.
headersE := map[string]string{
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"accept-encoding": "gzip, deflate, br, zstd",
"accept-language": "en-US,en;q=0.9",
"cache-control": "max-age=0",
"priority": "u=0, i",
"sec-ch-ua": `"Google Chrome";v="129", "Not=A?Brand";v="8", "Chromium";v="129"`,
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": `"Windows"`,
"sec-fetch-dest": "document",
"sec-fetch-mode": "navigate",
"sec-fetch-site": "none",
"sec-fetch-user": "?1",
"upgrade-insecure-requests": "1",
"X-XSRF-Token": xsrfToken,
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36",
"Authorization": bearer,
}
reqE, err := http.NewRequest("GET", "https://account-public-service-prod.ol.epicgames.com/account/api/oauth/exchange", nil)
if err != nil {
fmt.Println(err)
}
for k, v := range headersE {
reqE.Header.Set(k, v)
}
if proxyURL != nil {
client.Transport.(*http.Transport).Proxy = http.ProxyURL(proxyURL)
}
respE, err := client.Do(reqE)
if err != nil {
fmt.Println(err)
}
defer func() {
io.Copy(io.Discard, respE.Body)
respE.Body.Close()
}()
contentEncoding2 := respE.Header.Get("Content-Encoding")
bodyStrE, err := decompressBody(respE.Body, contentEncoding2)
if err != nil {
errorss++
}
var respCode Response
err = json.Unmarshal([]byte(bodyStrE), &respCode)
if err != nil {
fmt.Println(err)
}
fmt.Println(respCode.Code)
fmt.Println(bodyStrE)
//fmt.Println(respE.Cookies())
headersP := map[string]string{
"Accept": "application/json, text/plain, */*",
"Accept-Encoding": "gzip, deflate, br, zstd",
"Accept-Language": "en-US",
"Content-Type": "application/json",
"Origin": "https://www.twinmotion.com",
"Priority": "u=1, i",
"Referer": "https://www.twinmotion.com/id/register?redirect_uri=https%3A%2F%2Fwww.twinmotion.com%2Fen-US%2F&client_id=4f5e975e1b4c4b5caca20f70daa90c17&lang=en-US",
"Sec-CH-UA": `"Brave";v="129", "Not=A?Brand";v="8", "Chromium";v="129"`,
"Sec-CH-UA-Mobile": "?0",
"Sec-CH-UA-Platform": `"Windows"`,
"Sec-Fetch-Dest": "empty",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Site": "same-origin",
"Sec-GPC": "1",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36",
"X-Epic-Access-Key": "undefined",
"X-Epic-Client-ID": "4f5e975e1b4c4b5caca20f70daa90c17",
"X-Epic-Display-Mode": "web",
"X-Epic-Duration": "23764",
"X-Epic-Event-Action": "register",
"X-Epic-Event-Category": "register",
"X-Epic-Flow": "register",
"X-Epic-Platform": "WEB",
"X-Epic-Strategy-Flags": "isolatedTestFlagEnabled=false",
"X-Requested-With": "XMLHttpRequest",
"X-XSRF-Token": xsrfToken,
"Authorization": bearer,
}
dataP := map[string]interface{}{
"grant_type": "exchange_code",
"exchange_code": respCode.Code,
"token_type": "eg1",
}
jsonData, err := json.Marshal(dataP)
if err != nil {
fmt.Println(err)
}
reqP, err := http.NewRequest("POST", "https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/privacy/account/fbec52b969644409a011a18851311dd6", bytes.NewBuffer(jsonData))
if err != nil {
fmt.Println(err)
errorss++
}
for k, v := range headersP {
reqP.Header.Add(k, v)
}
if proxyURL != nil {
client.Transport.(*http.Transport).Proxy = http.ProxyURL(proxyURL)
}
is there anything wrong here? the first request for the exchange code works, and it gives me an exchange code, but on the second one theres still the error. im using the bearer for the correct client id:
there is so much 'wrong' here, why the heck are you using browser request headers here?? why is there an xsrf token?
why are you using twinmotion web request headers
doesnt make any sense & you did NOT include the basic auth u are using
there is so much 'wrong' here, why the heck are you using browser request headers here?? why is there an xsrf token?
why are you using twinmotion web request headers
doesnt make any sense & you did NOT include the basic auth u are using
well its the same with or without headers but i finally fixed it. although now im getting this:
{
"errorCode" : "errors.com.epicgames.fortnite.operation_not_found",
"errorMessage" : "Operation campaign not valid",
"messageVars" : [ "campaign" ],
"numericErrorCode" : 16035,
"originatingService" : "fortnite",
"intent" : "prod-live"
}
this is the request:
reqP, err := http.NewRequest("POST", "https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/profile/8e2e55d4e5884cab869bd802d0a17508/client/campaign", bytes.NewBuffer(jsonData))
if err != nil {
fmt.Println(err)
errorss++
}
thats because your request url is wrong, please read the docs
no, follow the linked docs.
no, follow the linked docs.
{ "errorCode" : "errors.com.epicgames.modules.profiles.invalid_payload", "errorMessage" : "Unable to parse command com.epicgames.fortnite.core.game.commands.QueryProfile. Could not deserialize payload for com.epicgames.fortnite.core.game.commands.QueryProfile", "messageVars" : [ "com.epicgames.fortnite.core.game.commands.QueryProfile", "Could not deserialize payload for com.epicgames.fortnite.core.game.commands.QueryProfile" ], "numericErrorCode" : 12806, "originatingService" : "fortnite", "intent" : "prod-live" }
you do not follow the docs.
ok i thought it meant empty as in no payload. thanks for all the patience and help <3
Issue Checklist
What is the Request Method?
POST
What is the Request URL?
https://fngw-mcp-gc-livefn.ol.epicgames.com/fortnite/api/game/v2/profile/fbec52b969644409a011a18851311dd6/client/common_public
What are your Request Headers (if applicable)?
authorization bearer
What are your Request Payload/Body (if applicable)?
nil
What is the Response Status Code?
403
What are the Response Headers (if applicable)?
No response
What is the Response Content? (if applicable)
{ "errorCode" : "errors.com.epicgames.common.missing_permission", "errorMessage" : "Sorry your login does not posses the permissions 'fortnite:profile:accountId:commands ALL' needed to perform the requested operation", "messageVars" : [ "fortnite:profile:accountId:commands", "ALL" ], "numericErrorCode" : 1023, "originatingService" : "fortnite", "intent" : "prod-live" }
Additional Context (if applicable)
No response