Recent searches

No recent searches

Marcin Stelmaszyk's Avatar

Marcin Stelmaszyk

Joined Nov 22, 2024

·

Last activity Nov 22, 2024

Following

0

Followers

0

Total activity

1

Votes

0

Subscriptions

0

ACTIVITY OVERVIEW

Latest activity by Marcin Stelmaszyk

Marcin Stelmaszyk created a post,

Post Developer - Zendesk APIs
No access_token received after switching to authorization code flow

Hi everyone.

 

Zendesk ist depracating the implicit authorization flow, so I wanted to update our flow to PKCE authorization code flow. 

 

I followed the steps in https://support.zendesk.com/hc/en-us/articles/4408845965210-Using-OAuth-authentication-with-your-application

 

However I don't receive any access token in step 3.

 

Step 1 Open Zendesk Login Window Route: https://identity.plattform.mediio.de/oauth/authorizations/new Query Params look like this:

const endpointParams: URLSearchParams = new URLSearchParams({
      response_type: 'code',
      redirect_uri: 'https://www.demo.mediio.shop/assets/zendesk/zendesk.html',
      client_id: 'plattform',
      scope: 'hc:read',
      code_challenge_method: 'S256',
      code_challenge: codeChallenge,
    });

The codeChallenge is generated as described here: https://developer.zendesk.com/documentation/ticketing/working-with-oauth/oauth-pkce/

 

Step 2 

Capture the code from the redirect URL.

 

Step 3 

Send a POST Request to https://identity.plattform.mediio.de/oauth/tokens 

The request body looks like this:

const requestBody = {
              grant_type: 'authorization_code',
              code: code, // from previous step
              client_id: 'plattform',
              redirect_uri: 'https://www.demo.mediio.shop/assets/zendesk/zendesk.html',
              scope: 'hc:read',
              code_verifier: this.codeVerifier,
            };

The codeVerifier is the string used to create the SHA256 hash.

Send this POST request using the JS-fetch API:

const request: Promise = fetch(endpoint, {
              body: JSON.stringify(requestBody),
              method: 'POST',
              headers: {
                'Content-Type': 'application/json',
              },
            })
              .then((res) => {
                if (!res.ok) {
                  console.error(`HTTP error! status: ${res.status}`);
                }
                return res.json();
              })
              .then((json) => {
                if (!json.access_token) {
                  console.error('No access token in response');
                }
                return json.access_token;
              });

We receive a response from the backend with a 200 OK status code, but it contains no data. Do you maybe know what the issue is?

Posted Nov 22, 2024 · Marcin Stelmaszyk

0

Followers

1

Vote

1

Comment