Skip to main content

How to generate AccessToken and AccessTokenSecret using OAuth (v1.0a) protocol?


In this post, I am going to briefly explain how to generate the access token and secret using  OAuth (v1.0a) protocol, here I am using Xero payroll API Request URLs for generating tokens. "https://www.hurl.it/" is used to generate the above token.

Steps:

1) Before start, we need to create a Xero account (https://www.xero.com/signup/) and valid application (https://api.xero.com/Application/). Once you create app, you can get the "Consumer Key" and "Consumer Secret".

2)The next step is to obtain an Unauthorized Request Token

Go to the "https://www.hurl.it/" then select "Add Authentication" and click on "OAuth 1.0a".

In the "Destination", choose GET HTTP method and add the "https://api.xero.com/oauth/RequestToken" in the place, then add the "Consumer Key" and "Consumer Secret" which is obtained from APP, after adding click the "Launch Request" to get oauth_token and oauth_token_secret. 

The response is "oauth_token=EPTYMJ7K1PHATINKHC0HI7BKWDJYUY& oauth_token_secret=C6LBH2Y5SOMK56FMJMVAHCOIE5SIKY& oauth_callback_confirmed=true"

3) Next, we need to obtain User Authorization, for that, we have to use oauth_token which is got above as a response.

Go to the browser and copy the following URL,
https://api.xero.com/oauth/Authorize?oauth_token=EPTYMJ7K1PHATINKHC0HI7BKWDJYUY& scope=payroll.employees,payroll.timesheets,payroll.settings,payroll.payitems, payroll.payruns,payroll.payschedules,payroll.worklocations,payroll.paystubs

It will ask your username and password for login to the Xero account, once you log in, it will go to another page and we need to authorise application by clicking "Authorise" button. Finally it will be getting a code, this will use for a next step.





                

4) This is the last step for obtaining an Access Token, again go to the "https://www.hurl.it/" and set HTTP Request Method as a POST then place the URL as "https://api.xero.com/oauth/AccessToken".
Add the "Access Token" and "Token Secret" as what we get in "step 2". In addition we need to add the parameter. 
Go to "Parameters",set the name as "oauth_verifier" and value is the code which gets in the above step.


As a response, we will get the AccesToken and AccesToken Secret.
This is the Response oauth_token=RFTFTVFNYAYFIKCVKOHWGITP3BH75V& oauth_token_secret=CQGQRCKLBBFJAE6BNBVS6KWYAODN0D& oauth_expires_in=1800&xero_org_muid=76SaGeSCeaQdSBpBvlYYxG

Comments

Popular Posts

How to install draw.io Desktop Application on Kali Linux?

draw.io is an online diagramming open source web application which can be used as flowchart maker, network diagram software, ER diagram tool, UML diagramand more. It can be freely accessible website of draw.io or official Docker image or Desktop version for macOS, Linux & Windows. This guide includes detailed instructions about Desktop version installation on Kali Linux. Download the .deb build for draw.io sudo apt update sudo apt -y install wget curl curl -s https://api.github.com/repos/jgraph/drawio-desktop/releases/latest | grep browser_download_url | grep '\.deb' | cut -d '"' -f 4 | wget -i - Install with dpkg command sudo apt -f install ./drawio-amd64-*.de When application is installed, launch the application with following command. drawio Now application is ready to use. Click on " Create New Diagram"  to create new project or click on " Open Existing Diagram " to edit. ...

What is Honeypot?

A  honeypot is a security mechanism that creates a virtual trap to lure attackers. Simply we can say that this is a  decoy box residing inside your network demilitarized zone  (DMZ), set up by a security professional to trap or aid in locating hackers, or to draw them  away from the real target system. Since this a  decoy system , a malicious attacker might try to attack; software on  the system can log information about the attacker such as the IP address. This information  can be used to try to locate the attacker either during or after the attack. Honeypots vary based on design and deployment models, but they are all decoys intended to look like legitimate, vulnerable systems to attract cyber criminals. Type of Honeypot Production Honeypot : Used by companies and corporations for the purpose of researching the motives hackers as well ass diverting and mitigating the risk of attacks on the overall network. Research Honeypot : Used by nonprofit organi...

How to install Oracle Virtualbox in Ubuntu?

Introduction VirtualBox is a powerful free tool offered by Oracle for running an operating system on your computer virtually. In this tutorial lets learn how to install VirtualBox on Ubuntu. Installation 1. Open a terminal or press Ctrl + Alt +T 2. Enter the following command to all the packages or dependencies.      sudo apt-get update ( make sure to give the root password) 3. Run the following command to download and install Virtualbox     sudo apt-get install vrtualbox virtualbox-ext-pack That's all! VirtualBox has been successfully installed on your Ubuntu machine, and you can start using it.