I'm having issues with accessing the Fantasy Sports API using OAuth in an iOS app I am building.
I have succesfully authenticated a user, resulting in a "HTTP 200 OK" message, yet when I try to access the API (i.e.: "http://fantasysports.yahooapis.com/fantasy/v2/users;use_login=1/games;game_keys=nhl/leagues"), I receive a HTTP 401 Unauthorized Access error.
From what I can see, I am sending the correct Authorization header w/ my request, so I'm stumped. Any help and/or feedback is greatly appreciated.
Here's my Authorization Header:
realm="yahooapis.com", oauth_timestamp="1295835481", oauth_nonce="e766cc3aabb286dba70a81a2a8be542bf85cf8ad", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="dj0yJmk9WjFLcW9PeHdFT1NHJmQ9WVdrOVlWUlVVRE5ZTldVbWNHbzlNVGMyTnpneE5UWXkmcz1j b25zdW1lcnNlY3JldCZ4PWFm", oauth_version="1.0", oauth_token="A%253DuFNA67HBshNMrE93z05q2hiK.87gNUU9QSsCqdzlsfJSfoFlNv5hGle.boN_ZGT6QL7RpZ7C7gZF Z7mwGhUMeJFmNQVWvvvJCTNupAZHBSJkU57AKPvZI0lY32BEYmvi2ZsxtlyaV5cius7Ed8loq5pKdXxK a yGHUPcSB9MONMH9wwsP7x.66vcSLwpeF3nE76gI94pp8ptCZE2tuV0PDOOeZZcJbo4HbHaqBacP7fKGn N 16Weomxm6sWbQSQREMPDDh3oO_TzA_rTHeJ19fpE9i3wSqC0ZT7OgJ_TZukuQjZ_Au2FoqwnFeUgBgNd O qZFQRv5L3RFLderWeIhVsy3HwSlsx1JvuzmCY28_JgPS_FwER8RRC3eur_qhYKR9L2ficcnh2oiiXp8o p SQe0e9_wHvlWWIsV3eqbhNCG2Reu7UudxxPLsV7yFUws5fW7EvuOdb6cycbNusR2PAH6X1CRB2o1OOj0 0 qW96509qL.0_02_z9CXpQkt_rdeO_wF6r21IHxjIMii9BjlKbZ9_QIPHHclFFkfNvoTsS01uJm6uVruj T 5FocAY0trq20QaI_ecwYXVsBfWZgeN147Nc5l.Q8654zL39d6Vj75PzqaHrsKL0cIk1Q5fMSi1mTL_ll G iOTtRsWj0q7jCLH.YKzJKrGH_zzheu4M1uGgE16SXFypTROa2gISy6nRhzqVpPpbUdlzKJxUgZmFJ4gT 4 VauHuTYSaHsjQKgC8GyI.sJMl53XdyAGxs5IIolsr1vHuU7q0E_RnJfYjOJE", oauth_signature="47KEQwMYeMZBhYiQRtWKO3asGLs%3D"
My callback is "oob" if that makes any difference.
I can't tell much in terms of just straight verifying the response that you provided, since it's very dependent on how you're generating the request and what inputs you're giving into it. Just a couple thoughts, though:
* Your application would need to be scoped to Fantasy Sports read (or read/write), which you set up when creating your application through the YDN site. Unlikely that's the problem, but it could definitely cause issues. * I'm not sure how you're telling that you've successfully authenticated the user. If you've gone through the steps where you were able to pass the user through to get their token verifier and then you run that back to YDN in order to get the access token, are you using the access token parameters that you get back, or the original request token parameters? ie, if you get the 200 OK back from YDN, are you also using the contents of that response in your request up to us? * What's the exactly response text that you receive back along with the 401 Unauthorized? Sometimes that can help clarify where the problem is actually occurring. * Failing all that, what does your code look like that you're using to a) get the access token, and B) submit the request to us along with the access token data?