1
votes

I am developing a C# application which needs to use the onelogin API to retrieve a session token. I am able to authenticate and and create a token with the following code:

WebRequest Authrequest = WebRequest.Create("https://api.us.onelogin.com/auth/oauth2/token");

Authrequest.Method = "POST";
Authrequest.ContentType = "application/json";
Authrequest.Headers.Add("cache-control", "no-cache");
Authrequest.Headers.Add("Authorization: client_id:XXXXXXX7bbf2c50200d8175206f664dc28ffd3ec66eef0bfedb68c3366420dc, client_secret:XXXXXXXXXX6ba2802187feb23f6450c6812b8e6639361d24aa83f12010f ");


using (var streamWriter = new StreamWriter(Authrequest.GetRequestStream()))
{
    string Authjson = new JavaScriptSerializer().Serialize(new
    {

        grant_type = "client_credentials"

    });

    streamWriter.Write(Authjson);
}
WebResponse AuthReponse;
AuthReponse = Authrequest.GetResponse();

Stream receiveStream = AuthReponse.GetResponseStream ();

// Pipes the stream to a higher level stream reader with the required encoding format. 
StreamReader readStream = new StreamReader (receiveStream);


JObject incdata = JObject.Parse(readStream.ReadToEnd());
string sToken = incdata["data"][0]["access_token"].Value<string>();

AuthReponse.Close();  

However, when running the Create Session Login Token with the following code, it only returns a 400 error, and the message has no detail. Just Bad Request:

//Get the session token for the specified user, using the token recieved from previous web request

WebRequest request =     WebRequest.Create("https://api.us.onelogin.com/api/1/login/auth");
request.Method = "POST";
request.ContentType = "application/json";
request.Headers.Add("authorization", "bearer:" + sToken);


using (var streamWriter2 = new StreamWriter(request.GetRequestStream()))
{

    string json = JsonConvert.SerializeObject(new
    {

        username_or_email = sUsername,
        password = sPassword,
        subdomain = "comp-alt-dev"


    });

    streamWriter2.Write(json);
}


WebResponse response;            
response = request.GetResponse();


string streamText = "";
var responseStream = response.GetResponseStream();
using (responseStream)
{
    var streamReader = new StreamReader(responseStream);
    using (streamReader)
    {
        streamText = streamReader.ReadToEnd();

        streamReader.Close();
        //
    }
    responseStream.Close();
}

Any ideas?

-Thank you

4
How is your service defined at the endpoint: https://api.us.onelogin.com/api/1/login/auth? Can you run this code locally and attach your debugger to it? Or is this a service outside of your control? - gmiley
It is out of my control. - shaun.sethi

4 Answers

1
votes

Also for anyone who may be getting this error. in C# the email is case sensitive. I tried User.email.com. In onelogin it was saved as [email protected]. changing the c# to lower case fixed it.

0
votes

Can you let us know what payload you're sending across the wire to the .../1/login/auth endpoint as well as the response (either as others have suggested as packet snoop, or just as a debug output from the code)

400 means either bad json or the endpoint requires MFA, so this will narrow it down.

~thanks!

0
votes

Just joining the troubleshooting effort =) -- I can replicate a 400 Bad Request status code with a "bad request" message when the request body contains a username_or_email and/or subdomain value that does not exist, or if the request body is empty.

0
votes

Can you post what goes over the wire to the OneLogin endpoint...

OK Thanks. So it appears your subdomain does not exist. If you give me an email in the account I can find the correct subdomain value for you.