The error is this:

Access denied: no access to call this method

The URL that the user navigates to and gives us access or token:

https://oauth.vk.com/authorize?сlient_id=$id&display=page&redirect_uri=http://lend.sloadmx.xx&scope=friends,groups,video&response_type=token&v=5.44

A script that sends data to a method and accepts answers:

 var get = location.hash.split('=')[1]; var get = get.split('&')[0]; // получаем access_token if (get) { function callbackFunc(result) { console.log(result.error.error_msg); } var url = "https://api.vk.com/method/groups.join?group_id=112450248&v=5.44&access_token=" + get; var script = document.createElement('SCRIPT'); script.src = url + "&callback=callbackFunc"; document.getElementsByTagName("head")[0].appendChild(script); };

The same code on Pastebin .

Most likely, if you use Standalone-applications, then only together with the OPEN API.

But it really annoys me there the whole thing, where you can turn it on in the settings, and a list will appear with the REDIRECT URL and so on. Nevertheless, for other methods it is impossible to do anything at all, with your URL.

For this, no REDIRECT URL exists, it seems, and the documentation is lying.

  • redirect_uri should be https://oauth.vk.com/blank.html , see vk.com/dev/auth_mobile - Stack
  • @Maksym Perhaps a hybrid use of methods from open api and such authorization will not work (especially open api does not use access_token). Only using blank.html - And this is java for android and stuff. Because the documentation is a bit out of order with contactors, I think it's worth asking them about it. - Alexey Shimansky
  • @ Alexey Shimansky Most likely. But I hope that the contactors are not so idiots to push the ability to configure the OPEN API into the application. Oh, I'm going to play - Vlad
  • @Maksym how much I personally tried, after using VK.Auth.login(function(response) { with the settings (rights) 262146 (which corresponds to scope=friends,groups ), then after VK.Api.call('groups.invite in when requesting VK.Api.call('groups.invite will still beat out Access denied - Alexey Shimansky
  • one
    @Maksym In support, obviously ¯ \ _ (ツ) _ / ¯ - Aleksey Shimansky

2 answers 2

Have you read the documentation for this method?

This method is available only to standalone applications.

  • They have all the documentation through * op. Written redirect_uri - Адрес, на который будет переадресован пользователь после прохождения авторизации (домен должен быть указан в поле «Базовый домен» в настройках приложения; адрес полностью должен быть указан в поле «Доверенный Redirect URI» в настройках приложения). Although it does not work. Only blank.html - Alexey Shimansky
  • I read. I understand what I'm doing. The application is Standalone. - Vlad
  • do you have groups? - IEVGEN
  • @IEVGEN There is, as you can see in the first URL - Vlad

In general, he wrote in support of VK. At first they answered a long time, but in the end they said that they could not use such methods on sites. That is, methods that require Standalone will not work. For example, groups.join

I see three options:

1. To do a desktop application

2. Try to get around. I tried, no success. (for example steal URL with token)

3. To forget on VK

By the way, there is a question, why didn’t it work?

1. It is necessary to specify the default URL in the REDIRECT URL URL. oauth.vk.com/blank.htmk

2. For these methods it is recommended to use client authorization.

3. To send requests for entry and so on, it is necessary to do through the user's IP. Otherwise, an error will pop up. That is, the left-hand IPs are not allowed. Use either browser-based JS / ...

4.It is imperative STANDALONE application must be

  1. Not necessarily, but still - in the settings there is an OPEN API and various parameters. It is recommended to fill them in if you are going to do more than just the декстоп method.

I would be glad if someone wants to try to advise in the comments how to get around this business. They really asked (but few people understood me), and on another resource, specifying how and what I want, they said that it was not possible. suddenly....

  • Do not get around this application for the site. Made specifically to avoid "left" subscriptions on behalf of the user. You can do it through blank.html and ask the user to insert the resulting link with the token into the field and rip this token, but this is poor. - ModaL
  • @Maksym's answer is both true and not true)) For example, Использовать клиентскую авторизацию is not exactly that. Because client authorization that means javascript can be done. And this is not so because Для отправки запросов на вступление и так далее,необходимо делать через IP пользователя . Therefore, the item should be marked Standalone ... Despite the fact that the docks say that redirect_uri can be written если обращаетесь к API с внешнего сайта, необходимо указывать ссылку в рамках домена . That is, the docks are clearly lying and it is necessary to tell the contactors that they should fix it .. - Alexey Shimansky
  • @Maksym 4.STANDALONE - тип должен быть also be understood and flagged ..... type by type, but in the application settings even if the Standalone application - you can specify the way of working: Open API and register the site from which you want to work - it will not be anyway work))) In general, a clear limitation is needed. 1 Documentation is lying (What I said). 2 By Standalone it is an application that can be "issued" directly into one "in the hands of the client." In general, we all about it at once and said in the comments)) - Alexey Shimansky
  • @ Aleksey Shimansky There it is: redirect_uri=https://oauth.vk.com/blank.html Это обязательное условие для работы с методами, в описании которых указано, что они доступны только для Desktop-приложений. Not exactly, but this is an explanation of why. - Vlad
  • @Maksym not. see: vk.com/dev/auth_mobile redirect_uri - Адрес, на который будет переадресован пользователь после прохождения авторизации (домен должен быть указан в поле «Базовый домен» в настройках приложения; адрес полностью должен быть указан в поле «Доверенный Redirect URI» в настройках приложения). and below Если Вы разрабатываете браузерное Javascript-приложение(обращаетесь к API с внешнего сайта), надо указывать ссылку в рамках домена,указанного в настройках приложения.В остальных случаях в качестве redirect_uri нужно использовать адрес https://oauth.vk.com/blank.html - Alexey Shimansky