The exception I was getting was from: http://code.google.com/p/google-wave-resources/source/browse/trunk/samples/extensions/robots/java/stocky/com/google/wave/api/AbstractRobot.java?spec=svn179&r=179#1013
I added setAllowUnsignedRequests(true) after setupOAuth: public Robot() { setupOAuth(key, secret, ".../robot/rpc"); setAllowUnsignedRequests(true); } which gets me passed the exception and allows my robot to create and fetch waves from my server. My simple robot just creates and fetches waves and does not need to access the server as another user. So, would I be correct in saying that it does not need to implement signed requests? Are there any security advantages of adding this mode of authentication to my robot? Thank you both for your help, Patrick On Sun, Apr 3, 2011 at 9:15 AM, Lennard de Rijk <ljvder...@gmail.com> wrote: > On Sun, Apr 3, 2011 at 06:10, Yuri Z <vega...@gmail.com> wrote: > > > The URL for active API is: http://example.com:9898/robot/dataapi/rpc. > > > That's the Data API for getting access to the user's data using for > instance > another frontend such as Splash, the robot/rpc link should be correct. > > Have you downloaded the latest Robot API since I distinctively remember > making some changes to it so that it could actually handle different URL's > and keys?* *Also is the error being thrown from [0]? > > Greetings, > Lennard > > [0] > > http://code.google.com/p/wave-protocol/source/browse/src/org/waveprotocol/box/server/robots/active/ActiveApiServlet.java#108 >