I have the following parameters that can authenticate me on the api via python
library(reticulate)
import requests
url = 'https://api.checkbox.com/v1/my_account/oauth2/token'
payload = 'username=my_username&password=my_password&grant_type=password'
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
response = requests.request('POST', url, headers = headers, data = payload, allow_redirects=False)
print(response.text)
{"access_token":"my_access_token","token_type":"bearer","expires_in":43199,"user_name":"my_username","roles":"System Administrator,Contact Administrator,Survey Administrator","account_name":"my_account","hosts":"my_account.checkboxonline.com"}
I tried doing the same using httr but getting a 400 error.
username <- "my_username"
password <- "my_psw"
base_url = "https://api.checkbox.com/v1/my_account/oauth2/token"
response <- POST(url=base_url,
authenticate(username,password),
add_headers("Content-Type"="application/x-www-form-urlencoded"),verbose())
Here is the generated request params:
-> POST /v1/my_account/oauth2/token HTTP/1.1
-> Host: api.checkbox.com
-> Authorization: Basic jumble_hog_wash_of_my_creds
-> User-Agent: libcurl/7.64.1 r-curl/4.1 httr/1.4.1
-> Accept-Encoding: deflate, gzip
-> Accept: application/json, text/xml, application/xml, */*
-> Content-Type: application/x-www-form-urlencoded
-> Content-Length: 0
->
<- HTTP/1.1 400 Bad Request
<- Cache-Control: no-cache
<- Pragma: no-cache
<- Content-Type: application/json;charset=UTF-8
<- Expires: -1
<- Server: Microsoft-IIS/10.0
<- X-Powered-By: ASP.NET
<- Date: Fri, 08 Nov 2019 16:08:10 GMT
<- Content-Length: 34
<-
Response [https://api.checkbox.com/v1/my_account/oauth2/token]
Date: 2019-11-08 16:08
Status: 400
Content-Type: application/json;charset=UTF-8
Size: 34 B
I am not sure how to pass the &'grant_type=password' with the request. Any ideas?
From the API DOC your API is supporting Oauth2 authentication using Resource Owner Password Credentials Grant that uses grant_type = "password".
For Oauth2 API you would usually use httr::oauth2.0_token but currently, httr Oauht2 flow does not support this type of grant.
You would need to do it yourself.
From the doc (I did not try as I don't access to this API), you would need to use a POST with a body containing your parameter.
This should work:
username <- "my_username"
password <- "my_psw"
base_url = "https://api.checkbox.com/v1/my_account/oauth2/token"
response <- POST(url=base_url,
# pass data to the POST request
body = list(
username = username,
password = password,
grant_type = "password"
),
# application/x-www-form-urlencoded
encode = "form",
verbose())
See that using httpbin.org as example, you get the same header that in your example, with your data pass as form in the POST
username <- "my_username"
password <- "my_psw"
response <- httr::POST(
# for demo
url= "https://httpbin.org/post",
# pass data to the POST request
body = list(
username = username,
password = password,
grant_type = "password"
),
# application/x-www-form-urlencoded
encode = "form")
jsonlite::prettify(httr::content(response, "text"))
#> No encoding supplied: defaulting to UTF-8.
#> {
#> "args": {
#>
#> },
#> "data": "",
#> "files": {
#>
#> },
#> "form": {
#> "grant_type": "password",
#> "password": "my_psw",
#> "username": "my_username"
#> },
#> "headers": {
#> "Accept": "application/json, text/xml, application/xml, */*",
#> "Accept-Encoding": "deflate, gzip",
#> "Content-Length": "56",
#> "Content-Type": "application/x-www-form-urlencoded",
#> "Host": "httpbin.org",
#> "User-Agent": "libcurl/7.64.1 r-curl/4.2.9000 httr/1.4.1"
#> },
#> "json": null,
#> "origin": "176.158.63.46, 176.158.63.46",
#> "url": "https://httpbin.org/post"
#> }
#>
Created on 2019-11-08 by the reprex package (v0.3.0)
Hope it helps