I'm trying to follow the instructions for Application Login Flow, as I have a weekly automated query I want to refresh my project data.
http://www.geni.com/platform/developer/help/oauth_app_login?version=1
The request of a token works fine, I get the access_token, but if I apply that to the API request, it doesn't work. It redirects me to the login page. The entire point is to avoid authentication to a user account, I want the app to make the request. Why is it taking me to the login page and not just giving me the JSON response?
Just trying to get Project data (http://www.geni.com/api/project-6/profiles), nothing that would require special permissions.
I think your application have to be approved by Geni to use that method.
Personally I use the Desktop App method and store the access_token which I just validate and continue to use the next time I start my app.
https://www.geni.com/platform/oauth/validate_token?access_token=nnnn
Even if you get an expires_in it does not happen.
Private User, it looks the Desktop App method requires authentication, stating that "If the user is already logged in, we validate the login cookie that we have stored on the user's browser and authenticate the user.If the user is not logged in, they are prompted to enter their credentials".
I don't want to authenticate a user - it's a web server service and I want it to run independent of my personal credentials. The App Login flow looks like it would do that. The Trusted App might also work, but I rather not supply my personal account into if I can have the App get it's own token.
Besides: Use this flow if your application needs to retrieve public data or take adminstrative actions. The calls will not be made on behalf of the user, but on behalf of the app itself. Unlike public api calls without a token, this flow has a higher rate limit.
The http://www.geni.com/api/project-6/profiles call is not public data, so you need an approved access_token .