Question about keyid and verification code

(Yumoen Crisam) #1

I’m trying to authenticate a user’s keyid and verification code, but I keep getting:

{"error":"invalid_request","error_description":"Invalid authorization code, decrypt failed"}


The naming in the docs is throwing me off. Is the code field the same thing as the “Verification Code” on the mange API access page? I’m trying to avoid logging in and get an auth token manually. Where does the “Key ID” come in to play?

Also, just to be sure. The Authorization is Basic base64(client id:secret key) right? Again, naming and docs do not match.

(Scipio Artelius) #2

You don’t oauth against the API key.

If you specifically want to use an api key (keyID and verification code), then see this page:

If you want to use oauth, then you need to use the SSO and apply different scopes to your application so that the user authorizes access to that information (you don’t use the keyID and vcode supplied by a user).

Documentation on the SSO flow (explicit and implicit) is here:

Note, the XML API is deprecated and will close by 8 May next year (possibly earlier).

(Yumoen Crisam) #3

Yep, that worked out well. I don’t know what I was thinking. Thanks for setting me straight.

(system) #4

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.