ForumsDevelopersAlways get '{"errorCode":1,"errorDesc":"No access_token given"}'


Always get '{"errorCode":1,"errorDesc":"No access_token given"}'
Author Message
K.Reger

Posted: May 13, 2016
Score: 0 Reference
Hello,

when I try to edit a task, I always get the result:

{"errorCode":1,"errorDesc":"No access_token given"}

These are the request headers:
POST /3/tasks/edit.php HTTP/1.1
HOST: api.toodledo.com
tasks: [{%22id%22:%22449152731%22,%22reschedule%22:1,%22completed%22:1463153684,%22modified%22:1463153684}]
access_token: 41b72b315c2e3b28c32974ab44293e183c20xxxx

I tried different formats, for the tasks encoding, and access-tokens from my debugged app as wellas from the api playground.

After many days of trying I am stuck here, and hope, anyone can help me.

Regards, Klaus
Jake

Toodledo Admin
Posted: May 16, 2016
Score: 0 Reference
Are you able to use the access token for other requests? For example: /3/account/get.php?access_token=a1b2c3d4e5f6a1b2c3d4e5f6
K.Reger

Posted: May 16, 2016
Score: 0 Reference
Yes, getting Access-Token, Refresh-Token, and Tasks, everything works fine.
Jake

Toodledo Admin
Posted: May 16, 2016
Score: 0 Reference
I think it must be a problem in the way you are sending the POST. Maybe it isn't encoded properly. Im not sure what language you are programming in, but please check out this PHP example and look at the last function. It might give you a hint about what to do in your code.

https://github.com/Toodledo/oauth2-php-reference/blob/master/toodledo_oauth2.php
K.Reger

Posted: May 16, 2016
Score: 0 Reference
I am using Java, for an Android app. For the post request, I've used the Google-Volley-Library.

String toodledoFinishTaskURL = "http://api.toodledo.com/3/tasks/edit.php";
Map<String, String> params = new HashMap<>();
params.put("access_token", accessToken);
params.put("tasks", encodedTask);

RequestQueue queue = Volley.newRequestQueue(context);
StringRequest postRequest = new StringRequest(Request.Method.POST, urlAsString, responseListener,
new Response.ErrorListener() {
@Override
public void onErrorResponse(VolleyError error) {
Log.d("Error.Response", error.toString());
}
}
) {
@Override
protected Map<String, String> getParams() {
return params;
}
};
queue.add(postRequest);

The tasks-request looke like:
[{"id":"453445983","modified":1463139789,"completed":1463139789,"reschedule":1}]
or encoded:
%5B%7B%22id%22%3A%22453445985%22%2C%22modified%22%3A1463140289%2C%22completed%22%3A1463140289%2C%22r eschedule%22%3A1%7D%5D
Jake

Toodledo Admin
Posted: May 16, 2016
Score: 0 Reference
I am not familiar with Google-Volley, but it may be the difference between application/x-www-form-urlencoded and multipart/form-data post. Try changing the URL to "http://api.toodledo.com/3/tasks/edit.php?access_token="+accessToken and then take it out of the params.
K.Reger

Posted: May 17, 2016
Score: 0 Reference
Sorry for being go annoying ...

I've been trying this also in many variations. But then I then get the result:

{
"errorCode": 2
"errorDesc": "Forbidden"
"errors": [1]
0: {
"status": "2"
"message": "Forbidden"
}-
-
}

By the way I also tried this in the 'Advanced REST-Client'-Plugin for chrome-Browser. Same results.
Jake

Toodledo Admin
Posted: May 17, 2016
Score: 0 Reference
The errorCode #2 is a different error: http://api.toodledo.com/3/error_codes.php

It means that you sent an access_token, but it was not a valid token. Maybe it expired, or maybe that token was not created with the "tasks" or "write" scope. You can learn about scope here: http://api.toodledo.com/3/account/index.php
K.Reger Post deleted
K.Reger

Posted: May 19, 2016
Score: 0 Reference
Thanky you very much.

The problem was the missing scope 'edit'. But the errormessage was a bit misleading ....
Jake

Toodledo Admin
Posted: May 19, 2016
Score: 0 Reference
Yeah, we should improve the error message. If you get other error messages, please look at the error_codes page in the API that I linked above. It will decipher some of them.
You cannot reply yet

U Back to topic home

R Post a reply

To participate in these forums, you must be signed in.