Home › Forums › The XBRL API › oauth2 Not Giving Access Token
- This topic has 4 replies, 3 voices, and was last updated 2 years, 8 months ago by Elisa Roselli.
-
AuthorPosts
-
-
Tuesday, December 8, 2020 at 11:58 AM #187932Elisa RoselliParticipant
I have received a client_id and client_secret from xBRL, but am unable to get an access_token from the Swagger page at https://xbrlus.github.io/xbrl-api/, because it repeatedly claims that client_credentials is an unsupported grant type.
Code Details
400 Error: Bad Request
Response body
Download
{
“error”: “unsupported_grant_type”,
“error_description”: “Unsupported Grant Type”
}What can I do about this?
Many thanks to anyone who can help.
Elisa Roselli
-
Tuesday, December 8, 2020 at 12:22 PM #187933David TaurielloKeymaster
Hi Elisa – welcome and thanks for posting. Sorry for the issues you’re having – appreciate the screen capture you sent along, as well.
We don’t allow users to submit via ‘client_credentials’ until they’re authorized using ‘password’ (client_credentials is for renewing a token).
On the initial authorization, you’ll need to pass:
- Username
- Password
- Client ID
- Client Secret
- Grant Type
- Platform
Tip: you can also use one of the open lock icons on the right side of the Swagger page to dive into the data – it may be a bit quicker.
Also, we’ve produced a couple of Jupyter Notebooks for Python and R that handle authorization – see https://mybinder.org/v2/gh/xbrlus/xbrl-api-ipynb/python?filepath=xbrl_us_api.ipynb or https://mybinder.org/v2/gh/xbrlus/xbrl-api-ipynb/master?filepath=xbrl_us_api_r.ipynb linked in the XBRL Data Community
Let me know how you make out.
-
Tuesday, December 8, 2020 at 12:41 PM #187934Elisa RoselliParticipant
David,
Thanks for your help, but even when I fill in all the parameters as you suggest, I still don’t get access.
The method using the lock icon at the right returns:
Auth ErrorError: Bad Request, error: invalid_request, description: Bad or expired tokenwhereas, if I fill in every parameter in the oauth endpoint and set the grant_type to password, it returns 400:
{
“error”: “invalid_request”,
“error_description”: “Bad Username or Password”
}I also tried getting another client_id and client_secret, on the idea that the first one may have expired, but the new ones have exactly the same behavior.
I have also tried logging out and in again, just to make sure that the login details are the same as the ones entered for user and password (i.e. my email address and the password I configured on the xBRL site), but the results are the same.
I can’t find what I’m doing wrong. Thanks for your patience.
Elisa Roselli
-
Tuesday, December 8, 2020 at 3:19 PM #187937David TaurComcastParticipant
Elisa – thanks for your time offline from this thread today. I’m glad we could get together to discuss and resolve the issue.
-
Tuesday, January 19, 2021 at 9:00 AM #188577Elisa RoselliParticipant
Hi,
I would just like to add some extra feedback on this.Returning to the API Swagger page after logging in, I discovered that I was once again getting error messages about incorrect username or password.
What had happened since I last was able to log on with the help of David Tauriello in December, was that I had reset my password to the same password I use to log in to the xBRL site.
When I had worked with David, we had used a provisional password, which I noticed, was an alphanumeric string with NO SPECIAL CHARACTERS. My password, on the other hand, had some punctuation and non-alpha characters in it. There were no complaints from the xBRL site when I configured it, but apparently the API Swagger doesn’t like it, and refused to give me a JWT.
So I set the password again, this time using a purely alphanumeric string, and it is working.
So, advice to anyone who might be encountering similar problem: avoid passwords with non-alphanumeric characters for this web site.
-
-
AuthorPosts
- The topic ‘oauth2 Not Giving Access Token’ is closed to new replies.
Search Forums
Recent Topics
- Ticker lookup for reports by David Tauriello
- Understanding ultimus, unique and accuracy-index in fact searches by David Tauriello
- Extending search: adding terms and using Additional Parameters by David Tauriello
- How to run a XINCE example? by José Zavala González
- How to gracefully handle duplicate values by Jeff Krimmel
Recent Replies
-
Extending search: adding terms and using Additional Parameters 2 months ago
-
Getting started with the XBRL Filed Data Add-in for Excel 2 months, 3 weeks ago
-
Getting started with the XBRL Filed Data Add-in for Excel 2 months, 3 weeks ago
-
Getting started with the XBRL Filed Data Add-in for Excel 3 months, 1 week ago
-
Getting started with the XBRL Filed Data Add-in for Excel 3 months, 1 week ago
Documentation & Discussion
- Get started with Google Sheets OR
- Get started with Microsoft Excel OR
- Get access to as-filed data from us for other tools or your own app
- XBRL API Interactive Documentation
- The XBRL API
- XBRL Data Community
- 2022 US GAAP Taxonomy Viewer
- Live support - Monday, 3:30 - 4:30 PM ET
Who's using this free data?
API Use 2023 || API Use 2022 || API Use 2021 || API Use 2020 || API Use 2019 || API Use 2018
Join XBRL US
- Individual Options - Basic, Power User & Sole Practitioner
- For Your Team - Startup, Non-Profit, Academic & Corporate options
- Member Benefits Comparison Table
Using the XBRL API with the Public Filings Database
Unless otherwise agreed to in writing, any and all use of the XBRL API to authenticate and retrieve data from the XBRL US Database of Public Filings implies user consent and agreement with the XBRL US API Agreement. If you are unable to agree to these terms, do not use the XBRL API.
To use the XBRL API outside of Google Sheets, your account needs to be provisioned for OAuth2 access.