
Unify Circuit OAuth2 - Why does Body return empty [] from REST API requests?


When I try REST APIs with my OAuth 2.0 token I keep getting back empty results [] under the body with OK-200 status codes in the headers.

I created a bot and tested the REST APIs with curl + basic authentication and also with swagger and they work fine. I tested my curl command using OAuth 2.0 with the swagger token and this works fine as well.

I tried different settings to test, but to stick with a basis:

  • I created a Bot under custom apps, Scopes are 'All' selected and TTL is 'Forever'.

  • I requested and received my token successfully via REST with the following scopes: 'READ_USER_PROFILE,WRITE_USER_PROFILE,READ_CONVERSATIONS,WRITE_CONVERSATIONS,READ_USER'.

  • I noticed that 'ALL' scope doesn't work, it returns "invalid_client, The Application null is not enabled for scope ::=[ALL]", but the same client works without any of the scopes above mentioned together or on their own except 'ALL'.

  • I made sure I had the necessary scopes for the REST APIs I was testing, e.g. 'READ_CONVERSATIONS' for "/conversations"

  • I don't receive any 401 or other error codes at all, just 200's.

  • I tested the same commands with the token generated by swagger and that one returns the body string with results (in other words, this token works)

  • I have replicated this same problem with Postman and PowerShell's Invoke-WebRequest/Invoke-RestMethod.

  • Not sure if it's related, but I noticed the "OAuth Apps" options no longer exist in the web app: webclient under "Administration" > "OAuth Apps". "OAuth Apps" tab, enable "OAuth Apps" in "Settings" > "Circuit Labs".

\\Requesting token:
curl -X POST https://circuitsandbox.net/oauth/token -d "client_id=myclientidhere&client_secret=myclientsecrethere&grant_type=client_credentials&scope=READ_USER_PROFILE,WRITE_USER_PROFILE,READ_CONVERSATIONS,WRITE_CONVERSATIONS,READ_USER" -i

{"access_token":"myaccesstokenhere","token_type":"Bearer","scope":["READ_USER_PROFILE","WRITE_USER_PROFILE","READ_CONVERSATIONS","WRITE_CONVERSATIONS","READ_USER"]}

\\Making request:
curl -i "https://circuitsandbox.net/rest/v2/conversations" -H "Authorization: Bearer myaccesstokenhere" -i
[]
\\\Full sample (-i parameter):
\\Requesting token:
curl -X POST https://circuitsandbox.net/oauth/token -d "client_id=myclientidhere&client_secret=myclientsecrethere&grant_type=client_credentials&scope=READ_USER_PROFILE,WRITE_USER_PROFILE,READ_CONVERSATIONS,WRITE_CONVERSATIONS,READ_USER" -i

HTTP/1.1 200 OK
Date: Sat, 22 Jun 2019 01:21:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 179
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
access-control-allow-headers: Accept, Accept-Language, User-Agent, Origin, Connection, Host, Accept-Encoding, Authorization, Content-Type, api_key, apiKey
ETag: W/"b3-K441G+yOERm+Qhj2E8VpkzO8ISg"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=157680000; includeSubdomains; preload

{"access_token":"myaccesstokenhere","token_type":"Bearer","scope":["READ_USER_PROFILE","WRITE_USER_PROFILE","READ_CONVERSATIONS","WRITE_CONVERSATIONS","READ_USER"]}

\\Making request:
curl -i "https://circuitsandbox.net/rest/v2/conversations" -H "Authorization: Bearer myaccesstokenhere"

HTTP/1.1 200 OK
Date: Sat, 22 Jun 2019 01:25:37 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
access-control-allow-headers: Accept, Accept-Language, User-Agent, Origin, Connection, Host, Accept-Encoding, Authorization, Content-Type, api_key, apiKey
ETag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=157680000; includeSubdomains; preload

[]

I expect the output to include the body output for the request, e.g.

{"type":"COMMUNITY","convId":"5fad5fa4-1097-d66f-083a-3f129214e99f","participants":["5fad5fa4-1097-d66f-083a-3f129214e99f","5fad5fa4-1097-d66f-083a-3f129214e99f","5fad5fa4-1097-d66f-083a-3f129214e99f","5fad5fa4-1097-d66f-083a-3f129214e99f"],"topic":"YourCompany","creationTime":1560992185888,"modificationTime":1561143383261,"creatorId":"5fad5fa4-1097-d66f-083a-3f129214e99f","creatorTenantId":"5fad5fa4-1097-d66f-083a-3f129214e99f","description":"Default open conversation for YourCompanyHere"}

But the actual output is: [ ]


Solution

  • Just tested that and I get the conversations (and communities) returned. This will not return your conversations, but the conversations the bot is a member of. Make sure the bot is a member of a conversation.
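
An added example, not part of the original thread and not Circuit's own code: a small check that separates the three outcomes discussed here (request rejected, token missing the scope, or token valid but its principal, the bot, has no conversation memberships). The `diagnose` helper, the `CIRCUIT_CLIENT_ID` / `CIRCUIT_CLIENT_SECRET` environment variable names and the sample data are assumptions made for illustration; the host and the two endpoints are the ones used in the question.

```python
import json, os
import urllib.error, urllib.parse, urllib.request

BASE = "https://circuitsandbox.net"  # sandbox host from the question

def get_token(client_id, client_secret, scope="READ_CONVERSATIONS"):
    # client_credentials grant: the token's identity is the bot, not a person
    form = urllib.parse.urlencode({
        "client_id": client_id, "client_secret": client_secret,
        "grant_type": "client_credentials", "scope": scope}).encode()
    with urllib.request.urlopen(BASE + "/oauth/token", data=form) as resp:
        return json.load(resp)

def list_conversations(access_token):
    req = urllib.request.Request(
        BASE + "/rest/v2/conversations",
        headers={"Authorization": "Bearer " + access_token})
    try:
        with urllib.request.urlopen(req) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:  # 401/403 etc. arrive as exceptions
        return err.code, None

def diagnose(token_response, status, body, needed="READ_CONVERSATIONS"):
    # Hypothetical helper: explain a /conversations result for a bot token
    if status != 200:
        return "request rejected: HTTP %d" % status
    if needed not in token_response.get("scope", []):
        return "token lacks scope " + needed
    if body == []:
        # 200 + [] is a valid answer: results are scoped to the bot's memberships
        return "authorized, but the bot is not a member of any conversation"
    return "bot is a member of %d conversation(s)" % len(body)

# Constructed sample, shaped like the token response shown in the question
SAMPLE_TOKEN = {"access_token": "myaccesstokenhere", "token_type": "Bearer",
                "scope": ["READ_CONVERSATIONS"]}

if __name__ == "__main__":
    # Secrets come from the environment (assumed variable names), not argv
    cid = os.environ.get("CIRCUIT_CLIENT_ID")
    secret = os.environ.get("CIRCUIT_CLIENT_SECRET")
    if cid and secret:
        tok = get_token(cid, secret)
        print(diagnose(tok, *list_conversations(tok["access_token"])))
    else:
        print(diagnose(SAMPLE_TOKEN, 200, []))  # offline run on the sample
```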