
I am trying to create a share link using the API:

```
curl --request POST \
     --url 'https://api.lucid.co/documents/<MY DOC ID>/shares/shareLinks' \
     --header 'Lucid-Api-Version: 1' \
     --header 'accept: application/json' \
     --header 'authorization: Bearer <MY KEY>' \
     --header 'content-type: application/json' \
     --data '
{
  "role": "editandshare"
}
'
```

I get

```
{
  "code": "accessForbidden",
  "message": "Access to this resource is forbidden",
  "requestId": "eb1ab5121051b735"
}
```

I have a Team plan. The document was created by me using the API https://developer.lucid.co/reference/createorcopyorimportdocument

What is wrong with my request?

I created this document using the API https://developer.lucid.co/reference/createorcopyorimportdocument


Unfortunately, https://developer.lucid.co/reference/createdocumentsharelink does not accept API keys. For security purposes, a share link must correspond to an OAuth2 client.

Instructions for generating an OAuth2 token can be found here: https://developer.lucid.co/reference/using-oauth-20. Additionally, an example of a Python script that helps get and refresh OAuth2 tokens can be found here: https://github.com/lucidsoftware/sample-lucid-rest-applications/tree/main/audit-logs-ingestor (the audit log specific stuff being irrelevant here).


Thank you @Michael B, let me check it!


@Michael B
I got an access token using the authenticate function from
https://github.com/lucidsoftware/sample-lucid-rest-applications/blob/main/audit-logs-ingestor/oauth2.py
But when I use the token

```
import requests

url = "https://api.lucid.co/documents/<MY DOC ID>/shares/shareLinks"

payload = {
    "role": "editandshare",
    "linkSecurity": {
        "restrictToAccount": True,
        "allowAnonymous": True
    }
}
headers = {
    "accept": "application/json",
    "Lucid-Api-Version": "1",
    "content-type": "application/json",
    "authorization": "Bearer <MY OAUTH2 ACCESS TOKEN>"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
```


I get

```
{
  "code": "accountOperationOnly",
  "message": "Only OAuth2 clients can perform this operation on behalf of a user",
  "requestId": "1aabcd2f027b6732"
}
```

What is the issue?


Actually, I slightly changed the Python code. I use the following scope when I request the code from the redirect URL:
"&scope=account.audit.logs+offline_access+lucidchart.document.content.share.link+lucidchart.document.app.picker.share.link"


Ah, that is on me.  The `auditLogs` script generates an `Account Token` which audit logs require. But, share links require a `User Token` (which most do).

 

Remove the `account.audit.logs` scope and change this line: https://github.com/lucidsoftware/sample-lucid-rest-applications/blob/main/audit-logs-ingestor/oauth2.py#L69 to be:

```
authorize_url = "https://lucid.app/oauth2/authorize"
```

to generate a ‘User Token’

 

Additionally, I’ll fix the error message. It should say: "code": "userOperationOnly"
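
The fix described in the reply above, as an added example that is not part of the thread and is neither Lucid's nor the sample repository's code: it builds a User Token authorization URL from the scope string quoted earlier, drops the account-only scope, and maps the two error codes seen in the thread to their cause. The query parameter names (including `state`), the client id and the redirect URI are assumptions based on standard OAuth2, not values from the thread.

```python
import hmac
import secrets
from urllib.parse import urlencode

# From the thread: authorization endpoint that yields a User Token.
USER_AUTHORIZE_URL = "https://lucid.app/oauth2/authorize"
# From the thread: this scope belongs to the Account Token flow and must be removed.
ACCOUNT_ONLY_SCOPES = {"account.audit.logs"}


def split_scopes(raw):
    """Split a scope string written as in the thread ('+' or space separated)."""
    return raw.replace("+", " ").split()


def build_user_authorize_url(client_id, redirect_uri, raw_scopes):
    """Return (url, state, dropped_scopes) for a User Token authorization request."""
    scopes = split_scopes(raw_scopes)
    dropped = [s for s in scopes if s in ACCOUNT_ONLY_SCOPES]
    kept = [s for s in scopes if s not in ACCOUNT_ONLY_SCOPES]
    if not kept:
        raise ValueError("no user-token scopes left to request")
    # Assumption: standard OAuth2 parameter names, with an anti-CSRF state value.
    state = secrets.token_urlsafe(16)
    query = urlencode({"client_id": client_id, "redirect_uri": redirect_uri,
                       "scope": " ".join(kept), "state": state})
    return f"{USER_AUTHORIZE_URL}?{query}", state, dropped


def state_matches(expected, returned):
    """Constant-time comparison of the state echoed back on the redirect."""
    return hmac.compare_digest(expected.encode(), (returned or "").encode())


def explain_share_link_error(body):
    """Map the error codes quoted in the thread to the cause given there."""
    code = body.get("code")
    if code == "accessForbidden":
        return "API key used; the share link endpoint needs an OAuth2 token"
    if code in ("accountOperationOnly", "userOperationOnly"):
        return "Account Token used; request a User Token instead"
    return f"unrecognised code: {code!r}"


if __name__ == "__main__":
    # Constructed inputs: placeholder client id and redirect URI.
    raw = "account.audit.logs+offline_access+lucidchart.document.content.share.link"
    url, state, dropped = build_user_authorize_url("CLIENT_ID", "https://example.invalid/cb", raw)
    print(url, "dropped:", dropped)
```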


@Michael B Thank you, with

```
"linkSecurity": {
    "restrictToAccount": False,
    "allowAnonymous": False
}
```

it works for me!


Awesome. I’ll get a version of that helper script created that’s more endpoint agnostic (and ask the user which type of token they want).

