Unable to get access token

  • 1
  • Question
  • Updated 3 weeks ago
  • (Edited)


I am trying to get access token, it's throwing above error. Can you suggest me what could be the reason?

Actually, I am trying to upload multiple file from "SAP PI/PO" (middleware) to sharefile folder by REST API call.

Please suggest me the steps like after getting token how I can able to upload the multiple files in specific folder?  


And I want to make token alive for long time. What's the way?


Appreciate your time..

Regards
Binod






Photo of Binod Thakur

Binod Thakur

  • 11 Posts
  • 0 Reply Likes

Posted 3 weeks ago

  • 1
Photo of Andrew Batz

Andrew Batz

  • 2 Posts
  • 0 Reply Likes
The Oauth documentation sucks (which is representative of the rest of the API docs). 
I was able to get it working using 
https://secure.sharefile.com/oauth/authorize
as the Authorize URL, and for the Access Token URL 
https://YOUR-SUBDOMAIN.YOUR-DOMAIN.com/oauth/token
for example, our domain isn't sharefile it's citrixdata, and our subdomain is our company name. Look at the url of someone signed in to sharefile to see both in one convenient place.  
and you might want to try openid as the scope
(Edited)
Photo of Binod Thakur

Binod Thakur

  • 11 Posts
  • 0 Reply Likes
Hi Andrew,

First of all thanks for your quick response.

I am new in api. As I understood from your suggestion, 1st I need to get authorization_code by providing basic credential and then by authorization_code I can get access token. Still, I am not able to get it.


 



Thanks,
Binod







Photo of Andrew Batz

Andrew Batz

  • 2 Posts
  • 0 Reply Likes
Step 1, if you haven't yet, read up/ watch the videos that explain the basics of oauth2, really understanding it is a prerequisite that's hard to work around.
Step 2, When getting your token for the first time, there is no authorization header and it might treat a malformed request as a automatic rejection. 
Step 3, your sharefile client ID and client secret must have a callback URL registered to it that it's calling back with. The one you selected when setting up the client keys is the only one it will legitimately call back to. 
Step 4, Understand what you're trying to use the API for. SFTP and WEBdav interfaces exist for sharefile that may be easier to use depending on what your use-case is. 
Step 5, understand that sharefile's api isn't here to be your friend, it's finicky and sometimes doesn't make sense. IMO it's a checkbox they're filling for some sales documentation rather than a fully thought out core to their product. 
Step 6, the domains you hit in the screenshots aren't looking right. 

call to secure.sharefile.com to get an authorization token, Then call to YOURDOMAIN.SUBDOMAIN.TLD/oauth/token (with the authorization token) to get your access token (which expires regularly and fairly quickly, when that happens have in-code or through whatever process manager you're using get a fresh access token using your authorization token). Pass the Access token with your requests to interact with the API. 
I haven't seen anybody use secure.sharefile.com as their custom domain, but IDK, it's possible. 
(Edited)