Can't update Stashboard using API

[cakebread]

I can login to appspot.com and manually edit Stashboard, but the API fails with 403 errors using both the Python and Ruby example clients.

I'm using the consumer key and secret I got when registering the app with Google. This is from the logs when I used both example clients:

1. 11-02 09:40PM 05.142 /api/v1/statuses 403 25ms 38cpu_ms 0kb OAuth gem v0.4.4,gzip(gfe)
   See details

  72.10.62.12 - - [02/Nov/2010:21:40:05 -0700] "POST /api/v1/statuses HTTP/1.1" 403 189 - "OAuth gem v0.4.4,gzip(gfe)" "REMOVED.appspot.com" ms=26 cpu_ms=38 api_cpu_ms=0 cpm_usd=0.001146

2. E 11-02 09:40PM 05.160

  Unauthorized API access attempt

---

1. 11-02 09:38PM 17.442 /api/v1/services 403 22ms 19cpu_ms 0kb Python-httplib2/$Rev$,gzip(gfe)
   See details

  72.10.62.12 - - [02/Nov/2010:21:38:17 -0700] "POST /api/v1/services HTTP/1.1" 403 189 - "Python-httplib2/$Rev$,gzip(gfe)" "REMOVED.appspot.com" ms=23 cpu_ms=19 api_cpu_ms=0 cpm_usd=0.000601

2. E 11-02 09:38PM 17.458

  Unauthorized API access attempt

[Lusyok]

Is there any news regarding this issue ?

I have the same situation.

[pburkholder]

I have a similar problem, which I posted to Google Groups, only I get a 405 instead of 403. This seems to be common problem. Please, folks, you've written such a neat app, can you just help us out so we can use your awesomeness?

[kyleconroy]

@pburkholder The 405 is a different error, but may suffer from the same underlying problem. There are two APIs that stashboard provides. A read-only public API and a read/write API for account owners. The reason there are two APIs is that App Engine only let's you set authentication levels in the app.yaml.

To be absolutely sure that you access the API over SSL and are authenticated, you need to use the admin API

For further reference, please take a look at the REST API docs. https://stashboard.readthedocs.org/en/latest/restapi.html

[kaniini]

I am seeing this with stashboard on google apps. Use the OAuth credentials given to us, then access the /admin/ endpoints, and we're rejected because the OAuth credentials are considered by Google to be bogus.

[bhcopeland]

this big affects me too. I get:

{u'message': u'Authorization Failure', u'code': 403, u'error': True}

I also tried github ruby project stashboard-notifier and get same error.

has anyone got a working api for stashboard?

[goodtune]

Check your system time, I was bitten by this today - in one interpreter it was working fine, but in another it was failing. After tracing and observing that there is a time bound nonce in the OAuth response (and reading that tokens have a 10 minute TTL) I checked my system time... it was out by > 10 minutes; setting up NTP and updating the time fixed the issue.

[gopi-ar]

In our case the OAuth credentials had changed. Go to https://.appspot.com/admin/credentials to verify that they're ok.