Hi Everyone,

I am looking into the NING API for a friend, and I am having some problems with step one. I feel embarrassed but I don't know what the problem is. I have gotten the Consumer key and the Consumer secret.

I use this command with my own email, the consumer key and secret I have gotten from my friend and the correct subdomain.


curl -u admin@example.com \

-d 'oauth_signature_method=PLAINTEXT&oauth_consumer_key=0d716e57-5ada-4b29-a33c-2f4af1b26837&oauth_signature=f0963fa5-1259-434f-86fc-8a17d14b16ca%26' \


But I still get this:

"success" : false,
"reason" : "The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider.",
"status" : 401,
"code" : 1,
"subcode" : 12,
"trace" : "e8bfe2a6-b71f-47c3-8bcb-87c32f6c7cf4"


oauth_signature is invalid... We have tried several keys, but still get this respons every time.

What am I missing ????


Thanks a lot,





Views: 2677

Reply to This

Replies to This Discussion

I solved it: I forgot to append %26 to the end of the oauth_signature.

However, I'm stuck to the next step and I'm not able to use the returned credential to access a resource...


I'm in the same position as you were.  I'm using curl and python to attempt to get an access token.  In the end I'll use C# to interact with I've attempted to login with a user who is apart of the member role, administrator role and the creator account.  For the first two I receive

"success" : false,
"reason" : "Invalid username",
"status" : 401,
"code" : 1,
"subcode" : 23,
"trace" : "c2406933-e55d-40c0-9a4c-612f56082e4c"

When I try to get the token using the creator account, I receive

"success" : false,
"reason" : "Only members are allowed to make this request.",
"status" : 403,
"code" : 2,
"subcode" : 4,
"trace" : "b8b79e05-0114-4c84-bad7-4ac114674bb5"

I'm using Burp proxy and I can see I'm doing the HTTP POST.  The command line I'm using is the following.  Should I be replacing anything else in here with something related to my ning site?  The proxy is telling me that I'm failing to authenticate to external.ningapis.com but the login is valid for the ning site.

curl --insecure --proxy https://localhost:8008 -u testuser@gmail.com -d "oauth_signature_method=PLAINTEXT&oauth_consumer_key=xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx&oauth_signature=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" "https://external.ningapis.com/xn/rest/apiexample/1.0/Token?xn_pretty=true"

Any pointers would be greatly appreciated.



So I got this working in Python not curl.  I'm not sure what was wrong with my curl, I will note that I did change apiexample to the name of the Ning network I'm working with.


We are building an external application outside NING to be used by our NING community members. We would like to implement login functionality for the members such that our members if already logged in into NING can access the external application without login. Is their any cokkies our PHP application read to know if user is already logged in or not. The other option we are trying is login using NING PHP APIs. Here we are asking user to enter email and password which are being passed on to the NING using APIs along with consumer and secret keys. Till this points it works that returns an array with access token. But we are stuck with how to get other details like author, ning profile url, screenname etc. 

Following is the code we are using:

$email = "someemail@domain.com";
$password = "XXXXX" ;

$ningApi = new NingApi();


$ningApi = new NingApi($subdomain, $consumer_key, $consumer_secret, $email, $password);

print_r($ningApi); // THIS IS WORKING

// Get the most recent photo
$result = $ningApi->photo->fetchNRecent(); //THIS IS WORKING. THIS GETS THE RECENT PHOTO IN THE COMMUNITY.

print_r($result); //THIS IS WORKING

$recent = $ningApi->user->fetchRecent(); // THIS IS SHOWING 'FAIL'
catch(Exception $e)
echo "Fail";

Anybody have done anything of this kind??


I use NING PHP API to access users info in three networks I own.

I always use the network creator credentials on every network as well as the every network API consumer / secret tokens.

The code I use on the three networks it's the same, but in one of my networks I randomly receive an error message saying "Only administrators can view email address of members".

Removing the email field in the $extraFields in the NingUser.php file is not an option to me because I need to get the user email address and as stated by Devin the email field is available to the network creator.

This happens in both the production and test network.

I already checked the network creator credentials as well as the API consumer / secret values.

I already submitted a ticket in the network where this issue is happening but the answer I got suggest me to put the question is this forum.

Any advice on what could be the cause of this problem?


Luis Gaspar

Devin said:

By default, the Ning API library requests the 'email' field. This field is only accessible to the Network Creator to prevent malicious members from harvesting email addresses. You can remove this field from the request by editing the $extraFields array found in the objects/NingUser.php file.

Reply to Discussion


Blog Posts

Getting Started

Posted by Kyle Ford on October 13, 2010 at 8:00am 3 Comments

A Note on API Pricing

Posted by Phil McCluskey on October 1, 2010 at 8:55am 0 Comments

Welcome to Build!

Posted by Kyle Ford on September 30, 2010 at 8:30pm 1 Comment

Ning Status

© 2024   Created by Build Team.   Powered by

Badges  |  Report an Issue  |  Terms of Service