Yes, OTT acts just like normal token. If it said invalid, maybe your token was not generated correctly?I'm struggling on how to make use of the one time token? Passing it as oauth_token in body/params/etc just results in invalid_token error. I'm still using Xf1 and bdapi v1.6.1.
Is it for example, possible to make a post using the one time token?
Hmm, token is definitely being generated properly, including the commas within the string i.e.Yes, OTT acts just like normal token. If it said invalid, maybe your token was not generated correctly?
$userId = 111;
$accessToken = "0150e4c39c88886db99cb3afeb481051b146feeb";
$clientId = "a5e3ba582f804687abceca11207b15e1";
$clientSecret = "clientsecretstring";
$ttl = 4000;
$timestamp = time() + $ttl;
$once = md5($userId . $timestamp . $accessToken . $clientSecret);
$ott = sprintf('%d,%d,%s,%s', $userId, $timestamp, $once, $clientId);
/api/forums
with parameters oauth_token=111,1561295269,E1B2DB415FF8CD977D23FB43E5872B0A,a5e3ba582f804687abceca11207b15e1&forum_id=3
.Your md5 is in upper case? That's weird, try converting to lower. Also, are you sure the client id is correct? The ID generated by this add-on (XF1 version) is way shorter than that.Hmm, token is definitely being generated properly, including the commas within the string i.e.
PHP:$userId = 111; $accessToken = "0150e4c39c88886db99cb3afeb481051b146feeb"; $clientId = "a5e3ba582f804687abceca11207b15e1"; $clientSecret = "clientsecretstring"; $ttl = 4000; $timestamp = time() + $ttl; $once = md5($userId . $timestamp . $accessToken . $clientSecret); $ott = sprintf('%d,%d,%s,%s', $userId, $timestamp, $once, $clientId);
Then sending a GET request to/api/forums
with parametersoauth_token=111,1561295269,E1B2DB415FF8CD977D23FB43E5872B0A,a5e3ba582f804687abceca11207b15e1&forum_id=3
.
But receiving invalid token. Using the raw $accessToken works fine. Any other suggestions I can look into?
Ah apologies, I'm performing the equivalent steps in C# hence the capitalisation. I generated the client IDs and secrets myself.Your md5 is in upper case? That's weird, try converting to lower. Also, are you sure the client id is correct? The ID generated by this add-on (XF1 version) is way shorter than that.
Could the Id length be causing an issue?
Ok I think I just figured it out. Think the break did me good. Believe I was passing the wrong user Id (pulling the id from the local DB instead of the forum ID). Just about to test it, will report back shortlyAs long as it is the correct id in the database, any length should be okie.
Totally different question: In the docs it mentions being able to use AES128 encryption to encrypt the client_secret when it is being sent instead of sending the client_secret raw. Is this correct?
It's similar to the XF1 version. You can create new client by going to http://domain.com/xenforo/index.php?account/apiHi folks,
Can anyone point me to documentation for [bd]API 2.1, which I can't seem to find? I can install the add on (and the WP consumer plugin too), see the add-on and can set the options, but where do I create the clients and keys/secrets so I can connect to WP?
Thank you!
in this api https://xenforo.com/community/threads/xenapi-xenforo-php-rest-api.34270
have: authenticate, getUser, getuserupgrade e edituser_custom_fields
with these bd-api, what are they equivalent to?
Thanks, getuserupgrade is very important for forums that have paid registration systems. do you think to introduce it?This add-on supports OAuth2 for authorization. There are a few different working modes, the simplest one let you use username/password combination. For other methods:
- getUser = GET /users/:userId
- getuserupgrade = N/A
- edituser_custom_fields = PUT /users/:userId
The user group system in XF is pretty unique so it doesn't make sense to expose to external system. In our experience, if you want to sync paid user status, it's simpler to sync user groups (normally user group adds user into special group). This add-on also include websub support so it's pretty efficient.Thanks, getuserupgrade is very important for forums that have paid registration systems. do you think to introduce it?
Just wondering, can you confirm whether BD API is fully compatible with XF2 yet? It's not possible for me to update to XF2 until I know this works properly, as I use this amazing add-on to tie a couple of websites together.
Got a URL to a list/description of specifics?The new version works well with XF2 but it doesn't have 100% features of the XF1 version yet. However the missing features are mostly minor / rarely used ones
Got a URL to a list/description of specifics?
We use essential cookies to make this site work, and optional cookies to enhance your experience.