I’m trying to implement OAuth on my web app.
but It works only creator’s account.
is there any steps to activate for others account?
// error message from patreon
“errors”: [
{
“code”: null,
“code_name”: “OAuthClientViewForbidden”,
“detail”: “You do not have permission to view OAuth Client with id [my-client-id].”,
“id”: “[my-id]”,
“status”: “403”,
“title”: “You do not have permission to view this OAuth Client.”
}
]
Hi there! What scopes did you ask for when requesting the token and what endpoint are you trying to access?
Nice to meet you phildini.
It’s identity scope.
Hi Jaykee. The identity scope should be correct, how are you requesting the token and what endpoint are you trying to access?
I tried the steps in your API docs. (https://docs.patreon.com/#step-3-handling-oauth-redirect)
“As I said”, it works well with a Creator’s account(which registered my web app).
it was perfectly same process and same parameter (except login account in patreon).
I just want to know is there any steps to activate my OAuth ticket and if so, how can I activate them.
here is the process I tried.
POST www.patreon.com/api/oauth2/token
code=<single use code, as passed in to GET route [2]>
&grant_type=authorization_code
&client_id=<your client id>
&client_secret=<your client secret>
&redirect_uri=<redirect_uri>
and returned
{
"access_token": "<access token from patreon api>",
"expires_in": 2678400,
"token_type": "Bearer",
"scope": "identity",
"refresh_token": "<refresh token from patreon api>",
"version": "0.0.1"
}
so I tried
POST www.patreon.com/api/oauth2/token
?grant_type=refresh_token
&refresh_token=<the user‘s refresh_token>
&client_id=<your client id>
&client_secret=<your client secret>
and returned
{
"errors":[
{
"code": null,
"code_name": "OAuthClientViewForbidden",
"detail": "You do not have permission to view OAuth Client with id <my patreon oauth client id>.",
"id": "<my patreon uuid>",
"status": "403",
"title": "You do not have permission to view this OAuth Client."
}
]
}
Oh! You’re having trouble refreshing the token! That wasn’t clear to me before. Are you using the refresh token returned from the initial request to /token? And if you could keep the uuid id in your posts here, that’s the request UUID and it will help us debug your requests. It is not “secret” information.
Thanks!
in your docs, step 5.
“You may use the received access_token to make API calls. For example, a typical first usage of the new access_token would be to fetch the user’s profile info, and either merge that into their existing account on your site, or make a new account for them. You could then use their pledge level to show or hide certain parts of your site.”
Does this not mean using access_token to get user’s profile?
I used access_token to get user’s profile both creator’s account and others account.
Don’t you have the process to activate any applications?
Will my app be able to authorize other users by just registering my application?
You can definitely get the user’s profile using your access token by making a request to /api/oauth2/v2/identity
I don’t quite understand the question here… you should be able to authenticate any user using your app, and store their access token to make requests to the API on their behalf.
I really want to thank you for your help.
it works well using request to “/api/oauth2/v2/identity”
Actually, the url what I requested was “https://www.patreon.com/api/oauth2/api/current_user” in your docs, https://docs.patreon.com/#api-endpoints
Is there any different from “/api/oauth2/v2/identity”?
and, the “activate” what I said,
in facebook, for example, they have a button which can choose status developing or live
Hey Jaykee! We recommend the APIv2 identity endpoint: https://docs.patreon.com/#get-api-oauth2-v2-identity
APIv2 is currently in beta, but it will have the longer-term support.