Out of band OAuth 2 (for a console app)

Authentication
1

Hi Nick,

You can do exactly the same for FreeAgent. Twitter and FaceBook are
displaying the Authentication token from the OAuth flow for you to copy
down and use on a different system - we’re just currently not providing
such a nice way to see the Authentication token.

Instead you can use the Google OAuth Playground for this:

  1. Follow the instructions here:
    FreeAgent Developer Dashboard
  2. After you have clicked “Authorize APIs” don’t click “Exchange
    Authorization Code for Tokens” but instead copy down the Authorization code.
  3. On your server, give your script the Authorization code and have it
    perform the next step of the OAuth flow to retrieve the Access and Refresh
    tokens.
  4. Every seven days your script should automatically use the Refresh
    token to get a new Access token as the Access token expires

What language are you using for this? If you’re using Ruby, the OAuth2 gem
makes authenticating with OAuth services pretty easy.

Kind regards,

GraemeOn 21 June 2012 00:25, Nick Malyon nick.malyon@gmail.com wrote:

Hey,

Just implementing an internal console app for FreeAgent which will
generate invoices based on number of transactions our clients make on our
system per month. It’s really simple, just needs to run as a cron job and
create the invoice.

I’m trying my hardest to use the new OAuth2 API - it would be good if it
supported Out of Band authorisation. Some services, like twitter, will if
you set the redirect_url to ‘oob’ display the auth token to the user for
them to enter into the software themselves.

In this situation, that’s far preferable to having to implement and open
up the firewall to a webserver running on the requesting machine. Indeed,
it might not even be possible to make the user request from the machine in
the first place.

The ideal flow would be:

Go to this URL on your desktop: https://api.freeagent.com/v2/
What code did it give you? _
Cool.

Another way to do this, which Facebook use, is for FreeAgent to host a
redirect endpoint which spits out the code and to tell developers they can
use that if they don’t have their own callback.

Though, their absolute latest is to move to an entirely different
pin-driven device mode.

Any plans for this? Otherwise I’ll have to write and deploy a totally
separate page, just to use the new API on the console.

Cheers,

  • Nick


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To view this discussion on the web visit
https://groups.google.com/d/msg/freeagent_api/-/F7TxFWaPs6sJ.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.

Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. The FreeAgent Blog - FreeAgent
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
FreeAgent | Edinburgh

SOFTWARE SATISFACTION AWARDS 2012* * - *Vote for
ushttp://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Central%20Ltd&q2=FreeAgent&q3=Accounting%20and%20Finance
** * (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

2

I’ve been testing by sending the user to a FA url which redirects back
(at the end of the oauth process) to a static page on my website. It
does nothing, but I can grab the URL
(http://mysite.com/foo.html?code=xxxx) which has code=xxxxxx in it,
and I can take that whole url, and parse the code out, and use that to
get the rest of the tokens.

No ideal, but it’s a once-off thing. You could send the user to a page
which parses the code out and just shows it… but I found it easier
to parse it in my app, as I needed the full parsing when I use it from
an iOS appOn Thu, Jun 21, 2012 at 9:31 AM, Graeme Boyd graeme.boyd@freeagent.com wrote:

Hi Nick,

You can do exactly the same for FreeAgent. Twitter and FaceBook are
displaying the Authentication token from the OAuth flow for you to copy down
and use on a different system - we’re just currently not providing such a
nice way to see the Authentication token.

Instead you can use the Google OAuth Playground for this:

Follow the instructions here: FreeAgent Developer Dashboard
After you have clicked “Authorize APIs” don’t click “Exchange Authorization
Code for Tokens” but instead copy down the Authorization code.
On your server, give your script the Authorization code and have it perform
the next step of the OAuth flow to retrieve the Access and Refresh tokens.
Every seven days your script should automatically use the Refresh token to
get a new Access token as the Access token expires

What language are you using for this? If you’re using Ruby, the OAuth2 gem
makes authenticating with OAuth services pretty easy.

Kind regards,

Graeme

On 21 June 2012 00:25, Nick Malyon nick.malyon@gmail.com wrote:

Hey,

Just implementing an internal console app for FreeAgent which will
generate invoices based on number of transactions our clients make on our
system per month. It’s really simple, just needs to run as a cron job and
create the invoice.

I’m trying my hardest to use the new OAuth2 API - it would be good if it
supported Out of Band authorisation. Some services, like twitter, will if
you set the redirect_url to ‘oob’ display the auth token to the user for
them to enter into the software themselves.

In this situation, that’s far preferable to having to implement and open
up the firewall to a webserver running on the requesting machine. Indeed,
it might not even be possible to make the user request from the machine in
the first place.

The ideal flow would be:

Go to this URL on your desktop: https://api.freeagent.com/v2/
What code did it give you? _
Cool.

Another way to do this, which Facebook use, is for FreeAgent to host a
redirect endpoint which spits out the code and to tell developers they can
use that if they don’t have their own callback.

Though, their absolute latest is to move to an entirely different
pin-driven device mode.

Any plans for this? Otherwise I’ll have to write and deploy a totally
separate page, just to use the new API on the console.

Cheers,

  • Nick


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To view this discussion on the web visit
https://groups.google.com/d/msg/freeagent_api/-/F7TxFWaPs6sJ.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com Blog. The FreeAgent Blog - FreeAgent
Twitter. @freeagent Facebook. FreeAgent | Edinburgh

SOFTWARE SATISFACTION AWARDS 2012 - Vote for us (We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To post to this group, send email to freeagent_api@googlegroups.com.
To unsubscribe from this group, send email to
freeagent_api+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.

Nic Wise
t. +44 7788 592 806 | @fastchicken | Nic Wise - Tend Health Ltd | LinkedIn
b. http://www.fastchicken.co.nz/

Earnest: Self-employed? Track your business expenses and income.
http://earnestapp.com
Nearest Bus: find when the next bus is coming to your stop. http://goo.gl/Vcz1p
mobileAgent (for FreeAgent): get your accounts in your pocket.
http://goo.gl/IuBU
Trip Wallet: Keep track of your budget on the go: http://goo.gl/ePhKa
London Bike App: Find the nearest Boris Bike, and get riding! http://goo.gl/Icp2

3

Hi,

below process i followed but some how not able to get solution(error in get
access token)

request :

POST /v2/token_endpoint HTTP/1.1

Host: api.sandbox.freeagent.com

grant_type: authorization_code

code: 4/z7IBgRS-Pjx6y5-djE-uaRAjqeYleIdVCyjwiFgnfdg

redirect_uri: https://google.com

Content-Type: application/x-www-form-urlencoded;charset=UTF-8

client_id: 3go0PEltpEHFFzEOdliIzQ

client_secret: OLefVbuT3LhEqpMh-2iq3w

Cache-Control: no-cache

Postman-Token: d47f46b7-9e1d-2969-8a40-53ee2120d5c2

responce

{

“error”: “invalid_request”

}

Thanks.On Thursday, June 21, 2012 at 2:01:50 PM UTC+5:30, Graeme Boyd wrote:

Hi Nick,

You can do exactly the same for FreeAgent. Twitter and FaceBook are
displaying the Authentication token from the OAuth flow for you to copy
down and use on a different system - we’re just currently not providing
such a nice way to see the Authentication token.

Instead you can use the Google OAuth Playground for this:

  1. Follow the instructions here:
    FreeAgent Developer Dashboard
  2. After you have clicked “Authorize APIs” don’t click “Exchange
    Authorization Code for Tokens” but instead copy down the Authorization code.
  3. On your server, give your script the Authorization code and have it
    perform the next step of the OAuth flow to retrieve the Access and Refresh
    tokens.
  4. Every seven days your script should automatically use the Refresh
    token to get a new Access token as the Access token expires

What language are you using for this? If you’re using Ruby, the OAuth2
gem makes authenticating with OAuth services pretty easy.

Kind regards,

Graeme

On 21 June 2012 00:25, Nick Malyon <nick....@gmail.com <javascript:>> wrote:

Hey,

Just implementing an internal console app for FreeAgent which will
generate invoices based on number of transactions our clients make on our
system per month. It’s really simple, just needs to run as a cron job and
create the invoice.

I’m trying my hardest to use the new OAuth2 API - it would be good if it
supported Out of Band authorisation. Some services, like twitter, will if
you set the redirect_url to ‘oob’ display the auth token to the user for
them to enter into the software themselves.

In this situation, that’s far preferable to having to implement and open
up the firewall to a webserver running on the requesting machine. Indeed,
it might not even be possible to make the user request from the machine in
the first place.

The ideal flow would be:

Go to this URL on your desktop: https://api.freeagent.com/v2/
What code did it give you? _
Cool.

Another way to do this, which Facebook use, is for FreeAgent to host a
redirect endpoint which spits out the code and to tell developers they can
use that if they don’t have their own callback.

Though, their absolute latest is to move to an entirely different
pin-driven device mode.

Any plans for this? Otherwise I’ll have to write and deploy a totally
separate page, just to use the new API on the console.

Cheers,

  • Nick


You received this message because you are subscribed to the Google Groups
“FreeAgent API” group.
To view this discussion on the web visit
https://groups.google.com/d/msg/freeagent_api/-/F7TxFWaPs6sJ.
To post to this group, send email to freeag...@googlegroups.com
<javascript:>.
To unsubscribe from this group, send email to
freeagent_ap...@googlegroups.com <javascript:>.
For more options, visit this group at
http://groups.google.com/group/freeagent_api?hl=en.


Graeme Boyd
Senior Software Engineer

Web. freeagent.com http://www.freeagent.com/ Blog. The FreeAgent Blog - FreeAgent
Twitter. @freeagent https://twitter.com/#!/freeagent Facebook.
FreeAgent | Edinburgh

SOFTWARE SATISFACTION AWARDS 2012 - Vote for us
http://www.clicktools.com/survey?iv=1c8dgs13zfxs7r&q1=FreeAgent%20Central%20Ltd&q2=FreeAgent&q3=Accounting%20and%20Finance
(We’d be super stoked!)

40 Torphichen Street, Edinburgh, EH3 8JB
FreeAgent Central Ltd. Registered in sunny Scotland SC316774

4

Hi Nick,

What did you go with in the end?

ThanksOn Thursday, 21 June 2012 00:25:20 UTC+1, Nick Malyon wrote:

Hey,

Just implementing an internal console app for FreeAgent which will
generate invoices based on number of transactions our clients make on our
system per month. It’s really simple, just needs to run as a cron job and
create the invoice.

I’m trying my hardest to use the new OAuth2 API - it would be good if it
supported Out of Band authorisation. Some services, like twitter, will if
you set the redirect_url to ‘oob’ display the auth token to the user for
them to enter into the software themselves.

In this situation, that’s far preferable to having to implement and open
up the firewall to a webserver running on the requesting machine. Indeed,
it might not even be possible to make the user request from the machine in
the first place.

The ideal flow would be:

Go to this URL on your desktop: https://api.freeagent.com/v2/
What code did it give you? _
Cool.

Another way to do this, which Facebook use, is for FreeAgent to host a
redirect endpoint which spits out the code and to tell developers they can
use that if they don’t have their own callback.

Though, their absolute latest is to move to an entirely different
pin-driven device mode.

Any plans for this? Otherwise I’ll have to write and deploy a totally
separate page, just to use the new API on the console.

Cheers,

  • Nick