search

eBay / ebay-oauth-csharp-client

eBay OAuth C# Client Library
Apache License 2.0
54 stars 40 forks source link

The requested scope is invalid #12

Open RahmanM opened 4 years ago

RahmanM commented 4 years ago

Hi there, I get this error when I cloned and changed the info with my ClientId/Secret Key etc.

The error is: ""{\"error\":\"invalid_scope\",\"error_description\":\"The requested scope is invalid, unknown, malformed, or exceeds the scope granted to the client\"}"

The scopes I supply are only and I definitely have access to these scopes: https://api.ebay.com/oauth/api_scope, https://api.ebay.com/oauth/api_scope/sell.fulfillment

If I try only https://api.ebay.com/oauth/api_scope then it works and returns an access token. Which means my configurations are correct.

What is this error and why this should happen?

I have access to all these scopes. See below:

image

TIA

RahmanM commented 4 years ago

Is this an really ebay? Does anyone even care to look at a potential bug?

arpetris commented 4 years ago

I had this error because of a difference between the scopes allowed for a sandbox account and a production account. Once I logged in with the correct account type to match my scopes in the eBay dev account everything worked.

RahmanM commented 4 years ago

Hi, Thanks for the reply.

What you exactly did to solve the issue?

I just realised my Client Credential Grant Type is only for the https://api.ebay.com/oauth/api_scope API only.

How did you manage to Grant access to your Client Credential?

image

arpetris commented 4 years ago

I am assuming you are asking about the code. I based my code on the test cases in the library. I created a UserCredential object with the username and password matching my eBay production credentials. Then to GenerateUserAuthorizationUrl I passed OAuthEnvironment.PRODUCTION and an list of user scopes defined as:

private readonly IList userScopes = new List() { "https://api.ebay.com/oauth/api_scope/sell.fulfillment", "https://api.ebay.com/oauth/api_scope/sell.inventory" };

This is defined in OAuth2ApiTest class. The scopes https://api.ebay.com/oauth/api_scope/commerce.catalog.readonly and https://api.ebay.com/oauth/api_scope/buy.shopping.cart weren't valid for my production account. I believe there are limitations for some apis in production accounts that require special requests to eBay to add them to your account.

I hope that helps.

princewebkul commented 3 years ago

I am facing also this error when trying to get application access token with accessible scope parameter . The error is : The requested scope is invalid, unknown, malformed, or exceeds the scope granted to the client. even not working for primary scope (https://api.ebay.com/oauth/api_scope) for me.

kdekarin commented 2 years ago

You have to HTML encode your scope first, see example below:

Following C# code worked for me....

                    CredentialUtil.Load(streamReader);//your ebay-config-sample.yaml file
                    List<String> scopes = new List<String>();
                    scopes.Add(HttpUtility.UrlEncode("https://api.ebay.com/oauth/api_scope"));
                    OAuth2Api oAuth2Api = new OAuth2Api();
                    OAuthResponse asd = oAuth2Api.GetApplicationToken(OAuthEnvironment.SANDBOX, scopes);

Your app is beeing granted only for following scopes: image

ppprakhar commented 1 year ago

"https://api.ebay.com/oauth/api_scope/buy.item.feed https://api.ebay.com/oauth/api_scope/buy.product.feed" these 2 api scope, result get "invalic_scope" and when I check user access token list these 2s are not available there

How could I resolve this ?

AhmedX6 commented 1 year ago

Hi,

Also have : {"error":"invalid_scope","error_description":"The requested scope is invalid, unknown, malformed, or exceeds the scope granted to the client"}

when I add https://api.ebay.com/oauth/api_scope/sell.inventory

If I have only https://api.ebay.com/oauth/api_scope I got an access token. Any solution ?

estebananot commented 1 year ago

Maestros lo he logrado aquí les comparto mi código, me base en la respuesta de @arpetris poniendo los alcances en una lista

const base64Encode = (encodeData) => { const buff = new Buffer.from(encodeData); // eslint-disable-line return buff.toString('base64'); }; const scopes = ['https://api.ebay.com/oauth/api_scope']; //scopes const getTokenNoLib = () => { const encodedAuth = base64Encode(${clientId}:${clientSecret}`);

const data = new URLSearchParams();
data.append('grant_type', 'client_credentials');
data.append('scope', scopes.join('%20'));

const options = {
    headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Authorization': `Basic ${encodedAuth}`
    },
    hostname: 'api.ebay.com',
    path: '/identity/v1/oauth2/token',
    method: 'POST'
};

return new Promise((resolve, reject) => {
    const req = https.request(options, res => {
        let data = '';
        res.on('data', chunk => {
            data += chunk;
        });
        res.on('end', () => {
            console.log('Sex');
            const token = JSON.parse(data).access_token;
            resolve(token)
        });
    });
    req.on('error', error => {
        reject(error);
    });

    req.write(data.toString());
    req.end();
});

};` No he probado mas alcances de mi clave por que no los requiero en lo que estoy haciendo , pero espero les pueda servir

nazirahmad7340 commented 1 year ago

Hi, First of all, you need to get the token here is an example.

curl -X POST 'https://api.ebay.com/identity/v1/oauth2/token' \ -H 'Content-Type: application/x-www-form-urlencoded' \ -H 'Authorization: Basic V2FoYWJFc2.........' \

-d 'grant_type=authorization_code &code=v^1.1#i^1#I^3 ....& redirect_uri=RuName get from eBay developer dashboard'

Details: 

  Authorization: Basic <client_id>:<client_secret> // you have to encode with base64 encode 
  code= eBay user consent - will give you a temporary code from all required Gran Types (run in browser required password) copy the code from URL parm(code=....) need to be url_decode 

  eBay will give you a response like 
  access_token,
  expires_in,
  refresh_token,
  refresh_token_expires_in,
  token_type": "User Access Token"

  Then you can use this token to receive data from Restfullapi 

  link:

Getting user consent Using OAuth to access eBay APIs Exchanging the authorization code for a User access token base64encode

alijani1 commented 9 months ago

Hi, Thanks for the reply.

What you exactly did to solve the issue?

I just realised my Client Credential Grant Type is only for the https://api.ebay.com/oauth/api_scope API only.

How did you manage to Grant access to your Client Credential?

image

Did you ever figure this out?

I have the same issue and from what i gather eBay does not provide the broader set of scoped under the client credential grant work flow and it seems the only option is to use the user consent workflow which required redirect uri... so I am not sue what desktop apps that dont have anyway to provide redirect URIs without setting up webservers and opening ports,, are to do... If you or anyone has figured out how to add additional scoped to "client credential grant type" for your application keysets, please let us know.

shafaqat-ali-cms365 commented 5 months ago

Looks like client credentials can read public data only. Unfortunate.