CODEWITHSUNDEEP
iosoauth-2.0vimeovimeo-api
MrJre
MrJre

Reputation: 7161

Vimeo OAuth2 Authorization

I'm currently working on an app that needs to integrate Vimeo. I'm therefore adapting my working OAuth2 client to allow authorization to Vimeo it's new beta API.

However, there are some things that are unclear to me, and the documentation is a bit vague on the matter.

  1. Should I get the client authorized before authentication?
  2. The user authentication url is https://api.vimeo.com/oauth/authorize, should I send a GET or POST request to this URL with the required parameters?
  3. Should I send a basic authorization header (Authorization : basic base64(client_id:client_secret) along with authentication or should it be unauthenticated authorization header (Authorization : Bearer unauthenticated_access_token)?
  4. Should I handle the authentication dialog through a UIWebView or through Safari?

Furthermore, I seem to get the error: { "error": "An unknown error has occured. Please let us know!"} when handling authentication through Safari. Does anyone have a clue on what actually went wrong or provide a way to find out? (Seems Vimeo improved their error displaying overnight ;))

The actual error I get is that the redirect_uri and client_id are missing, but I'm reasonably sure they get provided in the request body when doing a POST, or in the parameters when doing a GET. Any pointers?

Upvotes: 0

Views: 1179

Answers (1)

Dashron
Dashron

Reputation: 3998

  1. Client authorization is not necessary to generate User authentication. Client authorization is only necessary to make unauthenticated api requests.

  2. You don't make a request to api.vimeo.com/oauth/authorize, you send your user there. You should create a link, and put it on a page for your user to click. They will make a GET request to that endpoint, but it should not happen through your server.

  3. Since your client is making a request to /oauth/authorize, there is no way you can define the headers. You will need to provide an authorization header to /oauth/access_token, and this should be Authorization : basic base64(client_id:client_secret)

We did fix a bug last night in our oauth error reporting :D. Sorry for the temporary confusion.

Without more information I can't really answer your error message. I'll add some comments, and then update this answer with more information.

Upvotes: 1

Related Questions