Magento Rest API Oauth URL Returning 404

Question

From the Magento wiki at:

http://www.magentocommerce.com/api/rest/authentication/oauth_authentication.html#OAuthAuthentication-OAuthProcess

When getting an API token you start off by getting an Unauthorized Request Token at:

www.mystore.com/oauth/initiate

However, my code does not work and when I browse to the above url in my browser I get a 404.

I am appending shop store code to the base url (eg www.mystore.com/en/) I don't know if this alters anything.

Answer 1

I struggled with this one for most of the day, so here's a late contribution in case it helps anybody:

The authorization URL that's documented by Magento, admin/oauth_authorize, assumes that you're not using a custom URL for your admin access. "admin" is the standard URL to access the Magento dashboard, but many people change it for security. If you have changed your admin URL to something other than "admin", use that instead.

IOW if you access your Magento dashboard at https://yoursite.com/foo, then your authorization URL is foo/oauth_authorize.

Answer 2

The Magento Wiki has a typo:

$adminAuthorizationUrl = 'http://yourhost/admin/oAuth_authorize';

Should be:

$adminAuthorizationUrl = 'http://yourhost/admin/oauth_authorize';

Answer 3

I also had the problem, that the following request returned the 404 http status:

http://yourmagentostore.com/oauth/initiate

The solution was quite simple: In case if you are using multiple stores and/or store views on the same domain, don't forget to add the url path which maps to the store view. E.g.

http://yourmagentostore.com/<my-store-view-path>/oauth/initiate

Answer 4

There is one subtlety don't forget the http:// so your call to the store should be

http://yourmagentostore.com/oauth/initiate

Also there is more to REST services setup then on the link you posted, it is only an overview. There is a ton of configuration on the store before you will actually get a rest response and when the user isn't recognized, unauthorized or without proper ACL privileges you will get 404 or 500 responses. I guess that deters hackers but it is a bear to trouble shoot. I've been down this road and although I am using an automation tool the Setup of the store and troubleshooting is the same.

Take a look on my blog I keep it up to date with my adventures with the Magento REST API
Cheers!
Rich Borek
http://magento-simplified.blogspot.com

Answer 5

I just had the same problem. Not many similar problems to be found and no solution. This is strange because this seems to be a missing config option 'global/request/direct_front_name', which isn't set in Core/Oauth module. How can all the tutorials work without this important setting!?

Without "oauth" setting being there, every call to /oauth/[controller] leads to "noRouteAction" being resolved (see. Mage_Core_Controller_Request_Http::setPathInfo() and Mage_Core_Controller_Request_Http::isDirectAccessFrontendName($storeCode)) instead of default indexAction.

So, the solution is to set this setting in local config or an own extension as follows

<?xml version="1.0"?>
<config>
  [...]
  <global>
    [...] 
    <request>
        [...] 
        <direct_front_name>
            <oauth/>
        </direct_front_name>
    </request>
  </global>
</config>

Afterwards you can finally get the token at least. I'm checking the further process now.