Welcome to the RingCentral Community

Make sure to review our Terms of Use and Community Guidelines.

Please note the community is currently under maintenance and is read-only.

Home » Developers

OAuth2 Authorization Flow Issue

Tags: sdk

Jul 11, 2016 at 2:33pm • 5 replies • 0 likes

yash-patel

Hi,

I am trying to use a three-legged authorization flow to authenticate a user in my application. However, I am having an issue in the first step, requesting an authorization code:

I try to make a POST request to https://platform.devtest.ringcentral.com/restapi/oauth/authorize with response_type: code, client_id: APP_KEY, and redirect_uri: URL and I get a 405, method not supported.

What am I doing wrong?

5 Answers

Anirban answered on Jun 26, 2019 at 3:47pm

When you get HTTP 405, method not supported that means your HTTP method for calling the API is not correct.

Generally https://platform.devtest.ringcentral.com/restapi/oauth/authorize is a GET method used in browser to get code and exchange it with token. If you are using POST, you are expected to get that issue

ak answered on Jul 11, 2016 at 4:47pm

The "DOMException: Blocked a frame with origin "http://127.0.0.1:8080"; from accessing a cross-origin frame" is due to the Same-origin security policy.

As the original window is trying to access the popup window which is enabled in a different origin ( https )

You are right. The moment you provide your credentials on the popup window, the token information would be passed to the original window in the Demo app. However, if the popup window stays open, I would make sure to see the Line 38 and Line 42 is not commented within index.html

If you wish to preview the Demo using TLS option, kindly take a look at the javascript-express folder.
https://github.com/grokify/ringcentral-demos-oauth/tree/master/javascript-express

yash-patel answered on Jul 11, 2016 at 4:03pm

The demo was really helpful for a sample on how to implement using JavaScript... HOWEVER, in the demo, I am able to log in successfully and after I click the authorize button, I receive a "DOMException: Blocked a frame with origin "http://127.0.0.1:8080"; from accessing a cross-origin frame" message in the console window and the popup window stays open...

What is going on here? The expected result would be to see the access token in the original window. Any solutions?

anton-nikitin answered on Jul 11, 2016 at 3:38pm

According to OAuth 2.0 spec you should use GET method, not POST. I believe this is the reason of the error you are getting. But I agree with John, you should try out our SDK if you find one for your language.

John Wang answered on Jul 11, 2016 at 2:56pm

For the Authorization Code, flow, the user's browser must be redirected to the authorize URI. You should not POST to the URI either in your backend server code or in your browser code.

What language are you using?

We have demo apps in multiple languages here:

https://github.com/grokify/ringcentral-demos-oauth

Demos are available in C#, JavaScript (client and server-side), PHP, Python, and Ruby.

In the demos, the URL is generated by the SDK or the example code, and loaded into client-side JavaScript which opens a new window to the authorize URL. You can see an example of this here:

https://github.com/grokify/ringcentral-demos-oauth/blob/master/javascript-express/views/index.mustac...

A new Community is coming to RingCentral!

Posts are currently read-only as we transition into our new platform.

We thank you for your patience
during this downtime.

Try Workflow Builder

Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!

Try RingCentral Workflow Builder

PRODUCTS
RingEX
Message
Video
Phone

OPEN ECOSYSTEM
Developer Platform
APIs
Integrated Apps
App Gallery
Developer support
Games and rewards

RESOURCES
Resource center
Blog
Product Releases
Accessibility

QUICK LINKS
App Download
RingCentral App login
Admin Portal Login
Contact Sales