Reputation: 75
Podio authentication fails after multiple calls
I've been working with the Podio API for nearly a year now and have rarely had issues, but I recently ran into one that I can't figure out. I'm not even sure how to test what is going on. When an item is created, I have a webhook to a script which will send an http GET request to an item and perform a number of functions. The script runs just fine and has never run into any issues, unless I create a number of items in quick succession (15 or so). If I do this, a certain number will finish successfully, and then I will suddenly get the following error with each new call:
2016-11-14 16:41:14 401 GET /item/514610204
2016-11-14 16:41:14 Reponse: {"error_parameters":{},"error_detail":null,"error_propagate":false,"request":{"url":"http:\/\/api.podio.com\/item\/514610204","query_string":"","method":"GET "},"error_description":"invalid_request","error":"unauthorized"}
If I wait a minute or so, it begins working again.
I'm authenticating with username and password. Does anyone know what is going on or how to check what is going on? The podio.log has not been helpful in this situation.
(UPDATE) The issue is that I am hitting an authentication request rate limit because I haven't been using a session manager. I'm now attempting to do this, but having issues. My code using the Redis setup is as follows:
require_once 'models/PodioRedisSession.php';
Podio::set_debug(true, 'file');
Podio::setup($client_id, $client_secret,array(
"session_manager" => "PodioRedisSession"
));
Podio::$auth_type = array(
"type" => "password",
"identifier" => "MY_EMAIL"
);
Podio::$oauth = self::$session_manager->get(Podio::$auth_type); //ERROR IS ON THIS LINE
if (!Podio::is_authenticated()) {
Podio::authenticate_with_password('MY_EMAIL', 'MY_PASSWORD');
}
which gives me the following error: Cannot access self:: when no class scope is active. Am I on the right track to get the session manager working with password authentication? The error occurs on the commented line.
(UPDATE) I was finally able to get the system running properly. The code above is correct. The server just needed to be reset (Windows server) for Redis to take affect.
Upvotes: 0
Views: 350
Answers (2)
Reputation: 419
To avoid hitting this limit you should authenticate with the API once and then store the oauth and refresh tokens that at are returned from the API. Redis will do the trick. Then you use the oauth token for all subsequent requests.
An example can be found here [1]
Your oauth token will be valid for at most 28 days. When it's no longer valid you will need to obtain a new oauth token using the refresh token you received when you first authenticated. [2]
[1] https://developers.podio.com/authentication/username_password
[2] https://developers.podio.com/authentication
Upvotes: 1
Reputation: 216
If your script is authenticating to Podio each time an item is created, it is possible that you are running into the Podio API’s rate limit on authentication requests.
Are you generating a new auth token each time the script is triggered by your webhook? The Podio client libraries include some general documentation on session management that may be useful!
Upvotes: 3
Related Questions
- Authentication Retries
- PODIO API call get excel using CURL, authentication error
- Podio PHP Issue
- Podio error when getting apps
- Why does Podio return an unauthorized response when I am submitting a valid access token?
- PHP: Verify webhook with the Podio API
- Unable to Authenticate on Podio API using Access Token
- Podio Authentication: how to use the scope parameter
- App token is null in Podio API request
- Podio API Pulling Wrong Data