Authentication not provided error using access token (oauth)

After fetching auth token from using the below-mentioned process, we get the auth token, but when we try to POST using that token, it errors with ‘Authentication credentials were not provided’ message.

#!/bin/bash
KOBO_TOOLBOX_CLIENT_ID=XXXXXXXXXXXXXXXXXX
KOBO_TOOLBOX_CLIENT_SECRET=XXXXXXXXXXXXXX
KOBO_TOOLBOX_REDIRECT_URI=http://localhost:3000

ACCESS_CODE=XXXX_RETRIVED FROM REDIRECT
# SUCCESS RESPONSE WITH {'access_token': 'XXXXX', 'token_type': 'Bearer', 'expires_in': 36000, 'refresh_token': 'XXXXXXX', 'scope': 'read write'}
ACCESS_TOKEN=`
curl -X POST https://kf.kobotoolbox.org/o/token/ \
    -H "Accept: application/json" \
    -d "grant_type=authorization_code&client_id=${KOBO_TOOLBOX_CLIENT_ID}&redirect_uri=${KOBO_TOOLBOX_REDIRECT_URI}&code=${ACCESS_CODE}" \
    -u "${KOBO_TOOLBOX_CLIENT_ID}:${KOBO_TOOLBOX_CLIENT_SECRET}" | jq -r '.access_token'
`

echo "ACCESS_TOKEN=$ACCESS_TOKEN"

# NOT WORKING: {"detail":"Authentication credentials were not provided."}
curl -X POST https://kf.kobotoolbox.org/api/v2/assets/ \
    -d 'asset_type=survey&name=Test' \
    -H "Accept: application/json" \
    -H "Authorization: Bearer ${ACCESS_TOKEN}"

Hi,
Could you share more details on the platform you are using to access or post with JSON. Give some more details on your conifguration to enable us best understand what exactly is causing the issue. Have you ever done this successfully before even on another project?

Regards,
Stephane

Hi, thanks for the quick response.

Right now we are just using curl to test out the request and response as shared on the snippet above.
We’ll however, perform these requests from python later on after we successfully know the requests are working.

This is the first time we are trying to integrate our system with Kobo. We’ve successfully integrated oauth with OSM and HID before.

Hi,
Glad to know The system should work just as fine for your integration needs. We documented steps in the various support articles

Stephane

@stephanealoo We are trying to use oauth2 so that we can request to kobotoolbox on behalf of the user.

Until now, we have no trouble retrieving the access_token from kobotoolbox. What we are struggling with is with its use. When we request to kobotoolbox, the response is giving error as mentioned by OP.

Could you help us understand why it’s not working or what changes we should make?
This is where we are using the access_token.

curl -X POST https://kf.kobotoolbox.org/api/v2/assets/ \
    -d 'asset_type=survey&name=Test' \
    -H "Accept: application/json" \
    -H "Authorization: Bearer ${ACCESS_TOKEN}"

Hi @theayer56
Our developers noted that you made an error in your last code that you used

Authorization: Bearer ... but you should use Authorization: Token ... as shown in the article I had shared earlier

Stephane.

2 Likes

Hi, @stephanealoo. Thanks for the reply.

In the article you mentioned, the token is accessible from https://[kpi-url]/token/?format=json.

But our requirement is different from that process. We want to get access to the token using OAuth, so that the user only provides the credentials to your service ([kpi-url] as mentioned in the article) instead of our service.

As you mentioned to use the Token, we get {"detail":"Invalid token."} error when we use the token from oauth.

Could you provide documentation on how to use OAuth on kobo? We are using this tutorial so far, which doesn’t seem to be valid.

Do you have away for php curl? i am getting {“detail”:“Not found.”} as reponse when i do
$apiToken = ‘xxx’;
$formId = ‘xxx’;

$username = ‘xxxx’;
$password = ‘xxx’;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, ‘https://kc.kobotoolbox.org/api/v1/data/’.$formId);
curl_setopt($curl, CURLOPT_USERPWD,“{$username}:{$password}”);
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);

echo $response = curl_exec($curl);

// Check for errors
if ($response === false) {
die('Error: ’ . curl_error($curl));
}