I am trying to authenticate users by generating a request token, asking for 3rd party auth consent from TMDB, redirecting back to my app and then using the session_ID to generate a session. I am able to generate the request token, redirect to TMDB and redirect back but I don't understand what I am supposed to do after that.
As per the docs: "Once the user has approved your request token, they will either be redirected to the URL you specified in the redirect_to parameter or to the /authenticate/allow path on TMDB. If they aren't redirected to a custom URL, the page will also have a Authentication-Callback header. This header contains the API call for step #3. You can either manually generate it or simply use the one we return."
"If they aren't redirected to a custom URL, the page will also have a Authentication-Callback header." <------ I do not understand what this means
And If I choose to manually redirect then how do I recieve this session_ID that I need to generate a session?
I have validated my key with the "Validate Key" endpoint. I have retrieved a test request_token with the "Create Request Token" endpoint.
I get this example request token:
{ "success": true, "expires_at": "some date", "request_token": "abunch of random chars" }
I do not understand how to test the create session endpoint. Do I place the return from the request token endpoint into the RAW_BODY param? That just tells me "Sorry, you couldn't be authenticated with those credentials when I use the api key that I just validated.
What's the catch here?
Can't find a movie or TV show? Login to create it.
Want to rate or add this item to a list?
Not a member?
Reply by Travis Bell
on October 17, 2024 at 11:07 AM
If you have the approved request token from a user, your next step is to use that token to request a session ID. This is step #3 in the docs, and the you would use the create session endpoint to do it. The return of this endpoint will be a fully authorized session ID.
You can also follow along with the code here, in a test script I have. It's all just front end HTML/JS so you can inspect the code to see how it works.
Reply by lwinkk
on October 17, 2024 at 12:55 PM
I understand you have a link for v3 and v4 session creations. I'll dig through the network tab and read the JS code that gets applied to the session creation. Once I have done this and generated a session successfully from my end, Is there a repository publicly available where the documentation for these steps can be updated? I do not believe it's normal for developers to need to go digging through the network tab to understand how to do something. (some beginners might not even understand how they can do this) I would prefer this to be updated step by step in the official documentation and am willing to contribute in that capacity. I would also like to update the endpoint tests to include some dummy example for the required params so folks understand how to shape the returns before sending them forward to another call. Let me know if this is something we can do!
Here is what I have started working on if you're interested in having a looksy do: https://movie-api-fe.vercel.app/
You have an incredible api here. I've thoroughly enjoyed using it.
Reply by lwinkk
on October 17, 2024 at 1:16 PM
When I go through the script the body param shows JSON.stringify({ request_token: requestToken })
Request token is a string. When I go to the test endpoint for creating a session and i place { request_token: "asdfafgwdgawefgwdgaswdgsdg" } in the RAW_BODY section for the test endpoint I get a fail;ed response
{ "success": false, "status_code": 5, "status_message": "Invalid parameters: Your request parameters are incorrect." }