While working on our app, we naturally look to remove third party access from time to time. This always results in an error: Unable to remove, please try again later. [object XMLHttpRequest]
Refreshing the page (once or twice) seems to bring back a correct result of having no third party apps.
Another, possibly related problem or maybe even a misunderstanding on our part:
When we do remove third party access, and then do a call to the user's account (with information saved from earlier) we still get their data. Shouldn't there be an error or something?
I'm seeing a similar behavior, the page seems unreliable, and when I am able to “revoke” access, the app is still able to use the access token to make api calls.
For what I want to demonstrate, this really undermines a lot of the value of oAuth, it also seems to contradict the terms of use (http://www.netflix.com/TermsOfUse)
“You may revoke the third-party application’s access to your Netflix account at any time”
Anybody know a Netflix email address for developer support? I don’t see a good way to contact them directly.
I observed this behaviour just now:
- it took four attempts as an end user to revoke my app's API key through the http://www.netflix.com/ThirdPartyAccess page
- the first three attempts gave me the error "Unable to remove, please try again later. [object XMLHttpRequest]"
- I have been unable to get my app's OAuth requests to "take" - while the page request returned a page with the URL https://api-user.netflix.com/oauth/login?oauth_consumer_key=..., and displayed the message "Mike, you've successfully linked SharpRatings to your Netflix account", my app still doesn't have access (it keeps getting a 401 error) and the /ThirdPartyAccess page still doesn't show a link to my app.
It seems like there's either (a) some lag time between what the /ThirdPartyAccess page displays and what's been authorized/de-authorized via the API, or (b) just some really inconsistent database transactional behaviour.
While working on our app, we naturally look to remove third party access from time to time. This always results in an error: Unable to remove, please try again later. [object XMLHttpRequest]
Refreshing the page (once or twice) seems to bring back a correct result of having no third party apps.
Another, possibly related problem or maybe even a misunderstanding on our part:
When we do remove third party access, and then do a call to the user's account (with information saved from earlier) we still get their data. Shouldn't there be an error or something?
Message edited by Mike 3 years ago
Tags
Calebb – 3 years ago
I'm seeing a similar behavior, the page seems unreliable, and when I am able to “revoke” access, the app is still able to use the access token to make api calls.
For what I want to demonstrate, this really undermines a lot of the value of oAuth, it also seems to contradict the terms of use (http://www.netflix.com/TermsOfUse)
“You may revoke the third-party application’s access to your Netflix account at any time”
Anybody know a Netflix email address for developer support? I don’t see a good way to contact them directly.
thanks
Michael Hart – 3 years ago
The team has been investigating this the last couple days. Stay tuned.
RoundsToZero – 3 years ago
Any update on this? I can't remove my app and refreshing the page doesn't help.
Poseidon – 3 years ago
I observed this behaviour just now:
- it took four attempts as an end user to revoke my app's API key through the http://www.netflix.com/ThirdPartyAccess page
- the first three attempts gave me the error "Unable to remove, please try again later. [object XMLHttpRequest]"
- I have been unable to get my app's OAuth requests to "take" - while the page request returned a page with the URL https://api-user.netflix.com/oauth/login?oauth_consumer_key=..., and displayed the message "Mike, you've successfully linked SharpRatings to your Netflix account", my app still doesn't have access (it keeps getting a 401 error) and the /ThirdPartyAccess page still doesn't show a link to my app.
It seems like there's either (a) some lag time between what the /ThirdPartyAccess page displays and what's been authorized/de-authorized via the API, or (b) just some really inconsistent database transactional behaviour.
Michael Hart – 3 years ago
We've repro'd the issue on our end and are working on a fix.