403 forbidden when doing a Status Update

I'm having the same problem as well. I am able to get the user's GUID, Status, and Profile information, but when I try to update the Status, I get:

Your request received a response with status code 403. {"error":{"uri":"http://www.yahooapis.com/v1/errors/403","lang":"en-US","description":"Authentication failure or invalid Application ID","detail":"403 Forbidden"}}

The OAuth tokens are sent in the header. Sending them in the querystring instead of in the header also returns the same exact error.

I'm using a .NET OAuth library, not the yahoo python libs. I did set the test app's access request to be for private data and READ/WRITE, FULL ACCESS, or WRITE access for everything, so I'm not sure what else needs to be done.

I use GET for all the read requests, and PUT for the Status update request. Any help is much appreciated.

Thanks,
-Sean.

Can you please send over your full headers and response structure please? That will help determine where the error may be.

Thanks,
Jon

hi Jon
I am facing same problem. neither xml nor json don't work.

here is my code.

$timeStamp = time();
$oauthNonce = get_unique_code();
$statusEndPoint = "http://social.yahooapis.com/v1/user/$guid/profile/status";

$params = "oauth_consumer_key=".$consumerKey;
$params .= "&oauth_nonce=".$oauthNonce;
$params .= "&oauth_signature_method=HMAC-SHA1";
$params .= "&oauth_timestamp=".$timeStamp;
$params .= "&oauth_token=".$oauthAccessToken;
$params .= "&oauth_version=1.0";

$baseString = "PUT&".urlencode($statusEndPoint)."&".urlencode($params);

$signature = base64_encode(hash_hmac("sha1", $baseString, $consumerSecret."&".$oauthAccessTokenSecret, true));

$headers[] = "Accept: application/xml"; //or json

$headers[] = "Authorization: OAuth realm=\"yahooapis.com\",oauth_consumer_key=\"${consumerKey}\",oauth_nonce=\"${oauthNonce}\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"${timeStamp}\",oauth_token=\"${oauthAccessToken}\",oauth_version=\"1.0\",oauth_signature=\"${signature}\"";

$headers[] = "Content-type: application/xml"; //or json

$content = "<status>
<message>new status</message>
</status>";

//$content = '{
"status":
{
"message": "new status"
}
}';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $statusEndPoint);
curl_setopt($ch, CURLOPT_PORT, $port);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
$response = curl_exec($ch);
curl_close($ch);

var_dump($response);

function get_unique_code($length = "10") {
$code = md5(uniqid(rand(), true));
if ($length != "") return substr($code, 0, $length);
else return $code;
}

Response was this.

<?xml version="1.0" encoding="utf-8"?><error xmlns="http://social.yahooapis.com/v1/schema.rng" xmlns:yahoo="http://www.yahooapis.com/v1/base.rng" yahoo:uri="http://www.yahooapis.com/v1/errors/403" yahoo:lang="en-US"><description>Authentication failure or invalid Application ID</description><detail>403 Forbidden</detail></error>

{"error":{"uri":"http://www.yahooapis.com/v1/errors/403","lang":"en-US","description":"Authentication failure or invalid Application ID","detail":"403 Forbidden"}}

could you help me?
thank you.