Can anyone explain how to go about doing a manual OAUTH login flow for Facebook? I need to do this so I can get the access token that comes back.
Hard Mode ā¦ (this assumes you know what you are doing)ā¦
Set up your app on facebook developer portal. Add in the callback URL on your app.
In bubble ā¦ Have button that launches an external website ā¦
https://www.facebook.com/v3.3/dialog/oauth? client_id=xxxxx&redirect_uri=https://yourapp.bubbleapps.io/version-test/callback
Once that is working you will see that you get a code back on the redirect ā¦ something like ā¦
https://yourapp.bubbleapps.io/version-test/callback?code=AQD7c7A2av7NkgSmsRqeRp1kx7GZsmliCOIrd4tzkNw10vLNhdJ3sJImBUbJ8HOv3yNj0gBTG_3Cz2zs7XQQgXgYKHlFXZuOEry_-fWHcf3FkKfSdCrcnVBlR4sX6CscMmN2HgeTP4eoZuTzZHAlykZoZ7HOdPnCB6xCWOUN084IMG7fEr63J0xuTRnvrq2rddllT61fnKHG4QkmZFvjBUaHg5UWeDuQtwcDdVK4Fa_lV4Y4oXHi44bOk-D1R2cJIbbUHV3QpElu-1vNsW0yzY1ner4B4nToxHLXFT1srQKMZ2xVBwITAfZuPHmH0JQKdIU#_=_
(note I havenāt used āstateā here ā¦ you probably should but it is ok for now).
Set up a call in the API Connector (donāt connect it to the page yet !)ā¦
GET https://graph.facebook.com/v3.3/oauth/access_token
client_id = xxxx
redirect_uri = the same as the one above
client_secret = yyyy
code = grab the code from the URL above
Donāt do anything else at this point, as it takes a lot of manual stuff to get the bits working, do it all manually in the editor, donāt do it automatically (e.g. the code is one time, so if you have a page action on load early on, it will use up the token straight away, so leave it be until you have initialised all the API calls).
Now, you have have your access token, you will have basic profile scope only (name and id). If you need more you can request in the first step (addā¦ ,scope=user_gender or whatever you need but bear in mind you may need an app review).
Simplest thing to test ā¦ get the profile using another API connectorā¦
GET https://graph.facebook.com/v3.3/me
access_token = from the call above.
Now on page load on callback call an API Connector and grab the code parameter from the URL and pass it.
Once all these are up and running, you can call the API connector on page load. Get the token, and then display the name on the page.
This is current as of now. It will most probably change
Thanks so much, this worked great!
I might need your help regarding the above.
As @lottemint.md advised in this post, we decided to build a manual OAuth flow.
- Weāre successfully grabbing the āauthorization_codeā from the URL using the API Connector User-Agent Flow, with the following config:
- Then, as instructions above (thanks @NigelG!), weāre using the GET /access-tokens to retrieve the generated token using the authorization_code:
Weāre getting this error when trying to initialize it:
Any idea why? Any advice would be helpful
The clue is in the error
Use the POST method not the GET
Ah thanks @NigelG, I thought we needed to use a GET here as for the FB example above.
Iāll try that asap and let you know how it goes!
Annoyingly it can be different for each OAUTH.
I tried that and now getting a different error but I feel weāre almost there thanks to your help.
Config:
And the error:
According to some Hubspot forum posts, the config seems correct (and weāre obviously grabbing a new code for each initialization request we make).
Iām thinking it might be due to the fact that the token is already generated through the OAuth User-Agent flow (therefore the code weāre getting is already linked to one) and that weāre trying to generate a new one through the POST request.
To be honest Iām fairly new to all this - Iām not sure Iām right about this. Please do tell me if Iām completely off track here
Bear in mind that the code you get back from the first call ā¦ that is a one shot thing.
It is a pain to test. So you need to do the first call and stop any work flows.
The copy the code from the redirect back to your page and copy it into the API connector.
Try unticking query string ?
Try putting it all into the URL ?
/oauth/v1/token?grant_type=authorization_code&client_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx&client_secret=yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy&redirect_uri=https://www.example.com/&code=zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz
@NigelG when I untick query string (for any of the parameters), it returns this error:
Putting it all into the URL returns the same error as before:
You may need to URL encode the URL first ?
%2Foauth%2Fv1%2Ftoken%3Fgrant_type%3Dauthorization_code%26client_id%3Dxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx%26client_secret%3Dyyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy%26redirect_uri%3Dhttps%3A%2F%2Fwww.example.com%2F%26code%3Dzzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz
I think the issue is that it wants it in Form Encoded ?
Thanks @NigelG for taking the time to help ! Still no luck unfortunately
I get the following error when encoding the whole URL:
Sorry, I encoded too much.
So just encode the redirect URI.
That is why it was failing to find the codeā¦ it got lost !
You could probably stuff it in the JSON Body ā¦ but this works !
That is a 6 hour token, so if you are storing it for later use you will need to use the refresh token to grab another one. So calculate the expiry time (now + expiry) and when you want to do the call check if it has passed and grab a new token.
@NigelG thanks! Iām going nuts. I did exactly as you did and still getting this Bad Auth Code error:
Did you set it the same way?
Iām thinking it could be linked to wrong Bubble settings too - as I mainly worked on the design for this one (and not so much on workflows), the āCurrent Userā data when navigating from Page ā Grant Access ā Redirect to Page isnāt passed along correctly. Therefore the auth_code is assigned to the wrong user.
But still, as weāre initializing the call manually it should return the same values as yours above right? Or do you think that could be the reason it returns this error?
Can you post your URL ?
Hi @NigelG! Sorry for the delayed reply and thanks again for your help!
Thankfully @lottemint.md very kindly offered his help as well and walked me through all the steps on a test app. Works like a charm now!
In a few words: instead of going through the āUser-Agent flowā which I was desperately trying to use, we had to go through a āNone or self-handledā method.
Iāll very soon post a showcase with a step-by-step guide for everyone to see. Iāll post the link to the showcase on this topic as well.
Thanks again guys for your help and understanding! Much appreciated
As promised, here is the link to the showcase: [Showcase] Manual OAuth2 Token from 0 to 1 - Integrations
Been trying this for two daysā¦I have followed your process (even tried as backend flow to get the toekn) I so confused in that when I initialize the API using the code returned it runs fine and I get a token back ā¦ I can then take that token and initialize the info API and works fine but when I try to make the call on page load of the callback url and pass the url param I keep getting a blank returned for the token ā¦ any ideas? Thanks!