问题
I'm trying to get an access token from vKontakte (russian social network) via their OAuth2 API. This is how I make the call:
https://oauth.vk.com/authorize?client_id=12345&scope=wall,offline&redirect_uri=https://www.example.com/oauth/vk.php&display=page&v=5.24&response_type=token
I'm receiving an access token but if I try to post a message with it, I'm receiving this error:
//error: Permission to perform this action is denied for non-standalone applications: you should request token using blank.html page.
My app is a standalone application - why do I receive the error?
回答1:
I see that your "client_id" is '12345' - is it a fake ID, or a real one? Did you get a valid client_id from VK?
It appears that you should request the token via "blank.html":
https://oauth.vk.com/authorize?client_id=<app_id>&scope=...,wall,...&redirect_uri=https://oauth.vk.com/blank.html&response_type=token
(instead of vk.php, in your example)
回答2:
The steps that you have followed are correct.
The warning message Please do not copy the data from the address bar to third-party sites. So you can lose access to your account. will be displayed on the screen. Whereas, the actual access token will be found on the address bar.
回答3:
That's exactly what it says it is - you cannot use implicit flow for non-standalone application. Instead, you should use authorization code flow, which is more secure for client applications.
来源:https://stackoverflow.com/questions/25619028/how-to-get-an-access-token-from-vkontakte-vk-via-oauth2