Question

Sandbox User Provisioning Error Access Denied

  • 31 August 2023
  • 10 replies
  • 101 views

Hello,

It’s. my first time to use the momo api. I am trying to create a user in sandbox using firebase authentication trigger function. I subscribed for collections widget and am passing its primary key as the Ocp-Apim-Subscription-Key.

the user is being created successfully when i run in the sandbox but returns access denied when i execute the code.

import * as admin from "firebase-admin";
import * as functions from "firebase-functions";
import { v4 as uuid4 } from "uuid";

export const createUser = functions.auth.user().onCreate(async (user) => {
const uid: string = user?.uid;
const myUUID = uuid4();
const key = functions.config().primarycollection.key;
console.log(myUUID);
try {
await admin.firestore().collection('users').doc().set({
userId: uid,
myUUID,
createdAt: user.metadata.creationTime,
});

const provideUser = await fetch("https://sandbox.momodeveloper.mtn.com/v1_0/apiuser", {
method: "POST",
body: JSON.stringify(
{
"providerCallbackHost": "momocallback.mtn.com",
}
),
headers: {
Accept: "application.json",
"X-Reference-Id": myUUID.toString(),
"Content-Type": "application/json",
"Host": "sandbox.momodeveloper.mtn.com",
"Ocp-Apim-Subscription-Key": key!,
},
cache: 'default'
});

if (provideUser.ok) {
const data = await provideUser.json();
console.log(data);
} else {
console.log('error provisioning user', provideUser.statusText);
}
} catch (error) {
console.log(error);
}
});

 


10 replies

Userlevel 3
Badge

subscribe to the Collections https://momodeveloper.mtn.com/Products/collections  and try using the its primary key. 

Userlevel 2

The sandbox API USER and API KEY are created once, the firebase Auth trigger is not required in this case. MTN MoMo has its Auth Protocal, this means firebase auth is mostly needed for your clients.
In this case, YOU/ YOUR APP is the client to MTN MOMO, therefore who ever comes after you is your client until the time of payment where MTN will become a transaction settler.

subscribe to the Collections https://momodeveloper.mtn.com/Products/collections  and try using the its primary key. 

This worked for me. Weird how Collection Widget’s keys couldn’t work.

The sandbox API USER and API KEY are created once, the firebase Auth trigger is not required in this case. MTN MoMo has its Auth Protocal, this means firebase auth is mostly needed for your clients.
In this case, YOU/ YOUR APP is the client to MTN MOMO, therefore who ever comes after you is your client until the time of payment where MTN will become a transaction settler.

Hold up, is it created once for the entire application or for each user because my implementation means each user that registers gets their own API KEY.

You’re right, am using firebase Auth for my clients because i don’t want anyone that’s not registered with the service to use it. I am using the auth trigger to create a user and their API key when they are successfully authenticated by the application.

Hello,  Quick one again, when provisioning the user, this endpoint https://sandbox.momodeveloper.mtn.com/v1_0/apiuser/{X-Reference-Id}/apikey only returns an API key.  When i want to createAccess or createOauthToken, the require an API User Id, which endpoint do i get that from? Could I be provisioning the user in the wrong way in this post above?

thank you!

Userlevel 2

The sandbox API USER and API KEY are created once, the firebase Auth trigger is not required in this case. MTN MoMo has its Auth Protocal, this means firebase auth is mostly needed for your clients.
In this case, YOU/ YOUR APP is the client to MTN MOMO, therefore who ever comes after you is your client until the time of payment where MTN will become a transaction settler.

Hold up, is it created once for the entire application or for each user because my implementation means each user that registers gets their own API KEY.

You’re right, am using firebase Auth for my clients because i don’t want anyone that’s not registered with the service to use it. I am using the auth trigger to create a user and their API key when they are successfully authenticated by the application.

the API USER and API KEY are created once and are for your application. Let that video help you understand the logic. You can create an external API to handle user auth for you.
 

 

hey @crankluga , the video is an eye openner. I’ve learnt that there is no need for giving each user and am going to restructure that. Thank you a lot.
Can you also guide me on how to get the user API user Id? Turns out is it so vital when trying to create an access token and oauth token. Thank you!

Userlevel 2

Kindly follow the vidoes in the same playlist. 
Dont forget to like or vote where my support input has helped you.

Your possible problem

 is using Firebase trigger functions.... Remember it's not a free service when you upgrade to the use of Firebase cloud functions. You seem to be awaiting for a response from firebase for an x-reference-Id..... However because you might not have paid for the premium features, it's not working and thus returning null values.

Here are the possible solutions. 

1- Ensure you have correct subscription keys

2- First create API user before storing the details in Firestore rather than first saving the details awaiting response then using those values to provision APiUser.

3- Don't use firebase trigger functions if you haven't upgraded to premium. Use alternative means such as realtime database event listener callbacks. 

@Harold Rwothomio, The trigger function couldn’t work if I were using a free tier. I using premium and getting the x-reference-id successfully. Issue is, creating an access token requires an API-user-is which i can’t seem to know how to find and neither does the documentation mention about. And I failed to make sense out of crankluga’s video. 

Reply