Newbie authentication issue

Hi folks,



I’m trying to get started with your Mautic free hosted service and using the API from a PHP script that is used to to process a download form.



Here’s my code:

$mauticBaseUrl = ‘https://my-domain.mautic.com/api’;



$settings = array(

‘baseUrl’ => $mauticBaseUrl,

‘clientKey’ => ‘a-long-string-with-cutnpaste-clientkey-creditials’,

‘clientSecret’ => ‘a-long-string-with-cutnpaste-secretkey-creditials’,

‘callback’ => ‘http://localhost:8888/downloads/’, // @todo Change this to your app callback. It should be the same as you entered when you were creating Mautic API credentials.

‘version’ => ‘OAuth2’

);



$auth = MauticAuthApiAuth::initiate($settings);



But the response header I get back includes:



www-authenticate:Bearer realm=“Service”, error=“access_denied”, error_description=“OAuth2 authentication required”



The download form is hosted at http://localhost:8888/downloads/ and the Redirect URI is set to http://localhost:8888/downloads/ for OAuth2 authentication.



I’ve been thru the forums and the help and not seeing much to go on, so any help appreciated. Any pointers as to how to get more information than “access denied” in the response header? I don’t see anything in the mautic online UI that allows me to view the API logs, like you get with MandrillApp for example, which shows all API calls and allows you to click thru for details with the full request and full response.



Thanks,

Paul

Hi folks,

I’m trying to get started with your Mautic free hosted service and using the API from a PHP script that is used to to process a download form.

Here’s my code:
$mauticBaseUrl = ‘https://my-domain.mautic.com/api’;

$settings = array(
    'baseUrl'           => $mauticBaseUrl,
    'clientKey'         => 'a-long-string-with-cutnpaste-clientkey-creditials',
    'clientSecret'      => 'a-long-string-with-cutnpaste-secretkey-creditials',
    'callback'          => 'http://localhost:8888/downloads/', // @todo Change this to your app callback. It should be the same as you entered when you were creating Mautic API credentials.
    'version'           => 'OAuth2'
);

$auth = MauticAuthApiAuth::initiate($settings);

But the response header I get back includes:

www-authenticate:Bearer realm=“Service”, error=“access_denied”, error_description=“OAuth2 authentication required”

The download form is hosted at http://localhost:8888/downloads/ and the Redirect URI is set to http://localhost:8888/downloads/ for OAuth2 authentication.

I’ve been thru the forums and the help and not seeing much to go on, so any help appreciated. Any pointers as to how to get more information than “access denied” in the response header? I don’t see anything in the mautic online UI that allows me to view the API logs, like you get with MandrillApp for example, which shows all API calls and allows you to click thru for details with the full request and full response.

Thanks,
Paul

A couple things to check. First, ensure that the client key and secret are configured to be OAuth2 credentials. You have the option to generate OAuth1a or OAuth2 keys and they of course have to match the version used by the script.

Also, I don’t think you need the /api on the end of $mauticBaseUrl. Try changing it to just https://my-domain.mautic.com to see what happens.

Hi Alan,

That’s helped thank you.

However, I am now seeing “XMLHttpRequest cannot load https://mydomain.mautic.com//oauth/v2/authorize?client_id=1_37qat7ob9uio44co…st%3A8888&state=5f8497fdbd49a69fdc068edc9d2c1e91&scope=&response_type=code. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:8888’ is therefore not allowed access. The response had HTTP status code 404.”

The API credentials Redirect URI is set as “http://localhost:8888,https://localhost:8888” and I’ve tried setting callback for
settings as both ‘http://localhost:8888’, and ‘http://localhost:8888/downloads/’. I would presume the former should work.

If you can help again that would be much appreciated.

Thanks in advance for your time.

best regards,
Paul

You are experiencing CORS. Lear about what it is for example at

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

Your server probably sets a header in response which doesn’t allow to process response under another domain.

Thanks for that info escopecz. I’m running into this same issue and I’m running mautic on nginx.

I read through that page you linked so as best I could, but I couldn’t find any solution being offered. Do you have any hints as to where I should focus to get around this? A configuration change to my nginx environment?