Unfortunately Bentley is out this week (bad timing, I know!). I’ll be trying to resolve this issue in the meantime. Good news is I have been able to reproduce this, so I’ll report back once I have something to share.
I do have questions for everyone:
Which authorization “pattern” are you using when this issue occurs? Either:
calling Trello.authorize(), as shown in this guide.
Or by constructing the authorization url manually and calling t.authorize(), as shown here?
Theoretically it shouldn’t matter, but you can never be too sure .
Also, for everyone reporting this issue, are they all for custom apps/power-ups? Is anyone here reporting this issue for a public Power-Up?
If you are experiencing this issue with a custom power-up, please try using this t.getRestApi().authorize() pattern instead outlined here: REST API Client
If this resolves your issue PLEASE let us know.
However, I assume most of you are experiencing this issue outside the context of Power-Ups. Could someone please first confirm my assumption, that you are all developing your own apps which integrate with Trello (i.e. NOT Power-Ups?) . If so, I’m still investigating this.
Thanks for your patience. I think I have a workaround/solution for everyone.
In your app’s code, I presume you have something like <script src="https://api.trello.com/1/client.js?key={APIKey}"></script>
to gain access to client.js. Could you try switching it to this instead?
Good question. I think we’d want to make it so either one would work, to avoid confusing situations like this. I’m still working with the team to see how this could be done.
Same problem here for the past week — getting bombarded with support requests from the customers. Just getting stuck on the blank screen after approving the token.
Hi everyone. Thanks to all who responded to this thread. Even just chiming in to say you are experiencing the issue helps, because it tells us how widespread an issue is.
I’m pleased to say we have pushed out a fix, so whether you grab client.js from “api.trello.com” or “trello.com”, it should work either way. When your users try to auth your app, they should be take to “trello.com/1/authorize…” no matter what. Please let me know if your are still experiencing this issue.
I am still experiencing the same issue (with and without the api part in the URL).
I am not sending the API key in the url, I’m calling Trello.setKey(api_key) in the code.
It’s not possible for us to switch to passing the API key as a query parameter due to the nature of the project.
Edit: @Jireh@bentley (not sure which one of you guys took over the issue )
It apparently doesn’t have anything to do with the way how the API key is passed, I get the blank screen with both ways.
So I guess this is the normal process as anyone else reported, but here it is:
Once I call the Trello.authorize() using the same parameters as e.g. JordanKatz, it opens a popup with this url: https://trello.com/1/authorize?response_type=token&key={api_key}&return_url=http%3A%2F%2Flocalhost%3A33006&callback_method=postMessage&scope=read%2Cwrite%2Caccount&expiration=never&name={app_name}
Although the returnUrl is set to be http://localhost:33006, I’m calling this from a bit different route, which goes something like http://localhost:33006/one/two/three#four
Once I click the “allow” button, the popup switches to api.trello.com/1/approve, blank screen with this HTML:
<html><head><script>
if(window.opener) {
window.opener.postMessage("{some token that's not my api key}", "http://localhost:33006")
}
</script></head></html>
Nothing else happens, the blank popup just hangs there.
While it seems to be fixed for some people, unfortunately the fix doesn’t work for us.
If you need any other information, I’ll be more than glad to provide it, just to get this over with finally.
@eimamovic2 Hi there, thanks for bringing up your issue, and sorry for not seeing this earlier. I will look into this as much as I can today, but please know it is the Thanksgiving holidays here in the US. I’ll report anything I find at the end of the day, but I won’t be able to pick this up again until next Monday.
Also, I wanted to clarify that the token inside that window.opener.postMessage isn’t meant to be the same as your API key, but rather a token generated specifically based on the token’s user, expiration date, and scope.
@A.Desp are you experiencing the exact same issue? If you are, could you also elaborate on what methods you are calling and what your /1/authorize url looks like?
Hi @bentley , thanks for your response! However, I’m getting a 404 (“Well, you found a glitch”) message for your Glitch link, mind re-checking that URL so I can see it? Thanks!
.
)