Forum Discussion

ltctech's avatar
ltctech
New Member
5 years ago

GoToWebinar API Support

Hi,   It seems that the Access Token that's returned by the GoToWebinar API has increased from 28 chars to  909 chars sometime around 1AM PDT. It caused our systems to error out as it overflowed th...
Question
Slimpaul's avatar
Slimpaul
New Contributor

Hi,

I just started to work with the gotoWebinar API and just ran into some issues/problems.

Beside the various errors I got trying to authenticate via an access token (already made a support request) I asked myself if I just missunderstand the functionality of the API or I just need some advice.

 

What I plan is that I simply subscribe users to a webinar via a PHP script on my website.

So I started by creating the developer account, created an client and then starten using this guide and postman to get an access token.

The  "Obtaining an authorization code" works fine but i got stuck on the "Obtain an access token" part and after fiddeling around for some hours I just asked myself "Is this even possible what I try"? 

Because to make an API call I need a Access token .. to get an access token I need a authorization code. But the authorization code can only be obtained by call the URL with the clientId and the recirectUri and then log in and accept the required stuff.

But I want to make this calls via PHP,... first I thought "ok I just create the authorization code once and then use it in my php code" but in the documentation is written

 

You can now send the authorization code in exchange for an access token. Each authoization code can only be exchanged once. Any subsequent attempts will result in an error.

 

So I can't use it over and over again to get a new access token to make API calls. So how did this work?

my current state is that I make some calls via postman which leads to errors like

 

 
{
    "error": "invalid_request",
    "error_description": "Required parameter(s) missing or wrong."
}
 
Which are not really clear what is wrong or what is missing.
I mean I added everthing the documentation requested. 
grant_type : authorization_code
code: the auth code which is generated by the first link
Basic Auth with username (client_id) and password (client_secret)
 
Maybe someone can bring some light into my dark 🙂
 
AshC's avatar
AshC
Retired GoTo Contributor
4 years ago

Hi Slimpaul

For API related inquiries you'll want to use the support template / process available for developers on the following site:  https://developer.goto.com/support

  • Slimpaul's avatar
    Slimpaul
    New Contributor
    4 years ago

    I would like to post an answer I recieved a response from the response

     

    So basic flow here would be:

    • Obtain Authorization Code using browser
    • Feed/redirect the access code to your application somehow
    • Exchange code for an Access Token and Refresh Token
    • Store Refresh Token
    • Use refresh token once a day to get a new Access Token payload
    • Always replace the stored Refresh token in the payload, even though they will be the same most of the time

    If this flow is done properly, you should not need to login using the browser again, but it is good to always have the ability to feed your app a new code just in case

     

    ---

     

    Maybe this help someone.

    Also the reason for the

    {
    "error": "invalid_request",
    "error_description": "Required parameter(s) missing or wrong."
}

    Error was that the redirect_url was not the same I had in the access token request. Mybe that helps someone

    https://api.getgo.com/oauth/v2/authorize?client_id=CLIENT_ID_HERE&redirect_uri=https://mywebsite.io

// use the same redirect_uri here
curl --location --request POST 'https://api.getgo.com/oauth/v2/token' \
--header 'Authorization: Basic <BASE64 client_id : client_secret>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code={CODE}' \
--data-urlencode 'redirect_uri=https://mywebsite.io'