Killmail Request


(Salvitorius Grave) #1

So i’ve been working on a script using ESI SSO to pull killmails for a corpID. After a bit of frustrating trial and error I finally got the request to process. However now it is giving me a new problem. SSO Error 400. HTTP 403.

I did a little playing around with this in multiple ways. First made sure the corpID is being properly transmitted. Verified that I have and am sending the correct refresh token. And then plugged the data in manually on the EVE Swagger interface site to test if the problem was in the coding.

I am still getting the same error codes plugging into the EVE Swagger Interface manually. So for now i’m hesitant to say the problem is with my code.

Response Body
{
  "error": "Invalid token: SO1AfjISUuhL6CnO...",
  "sso_status": 400
}
Response Code
403
Response Headers
{
  "strict-transport-security": "max-age=31536000",
  "via": "1.1 google",
  "status": "403",
  "alt-svc": "clear",
  "content-length": "66",
  "x-esi-error-limit-remain": "100",
  "last-modified": "Thu, 14 Sep 2017 04:00:48 UTC",
  "date": "Thu, 14 Sep 2017 04:00:48 GMT",
  "x-esi-error-limit-reset": "12",
  "access-control-max-age": "600",
  "access-control-allow-methods": "GET,OPTIONS",
  "content-type": "application/json",
  "access-control-allow-origin": "*",
  "access-control-expose-headers": "Content-Type,Warning",
  "cache-control": "private",
  "access-control-allow-credentials": "true",
  "access-control-allow-headers": "Content-Type,Authorization,X-User-Agent",
  "expires": "Thu, 14 Sep 2017 04:01:18 UTC"
}

After seeing this I did consider that the scopes requested might be the issue. So I went back and verified both corp killmail and character killmail for ESI were selected (not the crest).

Any ideas or have I pretty much touched everything?


(Golden Gnu) #2

I’m not sure if you just used the wrong name or if you’re literately using the refresh token to auth.
You need to use a access token to access auth endpoints. you use the refresh token to get a access token: https://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/refreshtokens.html

Reading the entire chapter about SSO may help you understand everything better: https://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/index.html

EDIT: access tokens expire after 20 min or so (the exact time will be included in the result when you use the refresh token to get an access token)


(Blacksmoke16) #3

Yea, you’re prob sending the refresh_token. You need to send the auth_token. Refresh tokens are just used to get another auth_token, not to auth endpoints.

There would be a different error if it was expired, so i’m with @Golden_Gnu, that you’re sending the wrong token.


(Salvitorius Grave) #4

Yeah i was trying to pass the refresh token instead of the access token. I did figure it out though. But i’ve found a limitation in what i was trying to accomplish. Is there a way to retrieve corp killmails like on the old xml api. It had the ability to create a corp key. Not sure if this is implemented in the new ESI or if they have abandoned it.


(Blacksmoke16) #5

There is yes.

https://esi.tech.ccp.is/latest/#!/Killmails/get_corporations_corporation_id_killmails_recent


(Salvitorius Grave) #6

any special roles required or is it open to any character within corp?


(Blacksmoke16) #7

Will ofc need the SSO scope, but other than that it shouldn’t require any in game roles, as long as you are a member of that corp.


(Salvitorius Grave) #8

I’ll give that a shot. Let ya know how it turns out :slight_smile:


(system) #9

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.