Azure APIM: I need to hide the Authorization section in the developer portal operation details - azure-api-management

We did a new release of the development portal in the Azure API Management and it showed the following message:
Creating a new revision or changing revisions will automatically update the portal to the latest version of the software. Content saved in the administrative version of the portal will not be changed.
As a result, my portal now shows, in the box in the transaction detail section, all the information to request the authorization token with OAuth 2.0.
How can I hide the authorization element so that it does not show in my portal for security reasons?

The new Authorization section in the API reference pages surfaces only public information required for clients to authenticate against your API. It doesn't show the secret configuration of your OAuth server. This information has always been publicly accessible, now we just visually render it. If, for some reason, you need to hide the public OAuth server details, you can remove the authorization server configuration from your API Management service. Keep in mind that it will also affect the test console.
If you still consider it a problem, please open a GitHub issue in the developer portal repository: https://aka.ms/apimdevportal and precisely describe your concern.

Related

Implementing OAuth for ODBC

I am trying to connect and query our Foundry ontology from different Microsoft tools in our own network. I was able to do so using a token as described in the documentation. That works great and it is easy to configure. The problem is that it is associated with only one account and the token expires often.
Reading the documentation I saw the option for OAuth. What is not very clear in the documentation is whether we have to register an application for ODBC and how to do it. When I have had to register applications in the past in cloud environments, the application normally has a returned address that the cloud app hits to authenticate. However, in this case, I don't see how that would help for ODBC from desktop applications like Excel or Access.
Any suggestion or reading would be appreciated.

To use the OAuth flow with the ODBC driver on Windows you can register a third-party application in Foundry (see docs). You can use a public or confidential client, and the redirect URL should be set to http://127.0.0.1/foundrydriver/oauthredirect.
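
How a loopback redirect such as the one above lets a desktop client receive the authorization code, as an added example that is not part of the original answer or of the Foundry driver. It assumes the authorization-code flow with PKCE, which the answer does not spell out; `AUTHORIZE_ENDPOINT`, `CLIENT_ID` and the function names are hypothetical placeholders.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Redirect URL given in the answer above; everything else is a placeholder.
REDIRECT_URI = "http://127.0.0.1/foundrydriver/oauthredirect"
AUTHORIZE_ENDPOINT = "https://foundry.example.invalid/oauth2/authorize"  # hypothetical
CLIENT_ID = "example-client-id"  # hypothetical


def pkce_challenge(verifier: str) -> str:
    """S256 code challenge (RFC 7636): base64url(SHA-256(verifier)), unpadded."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_authorization_url(state: str, verifier: str) -> str:
    """URL the desktop application opens in the user's browser."""
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": state,
        "code_challenge": pkce_challenge(verifier),
        "code_challenge_method": "S256",
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def handle_redirect(request_target: str, expected_state: str) -> str:
    """Validate the request the browser sends to the loopback listener."""
    parts = urlsplit(request_target)
    if parts.path != urlsplit(REDIRECT_URI).path:
        raise ValueError("unexpected callback path")
    params = parse_qs(parts.query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the response is not ours.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch; discard this response")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


if __name__ == "__main__":
    state, verifier = secrets.token_urlsafe(16), secrets.token_urlsafe(48)
    print(build_authorization_url(state, verifier))
```

The returned code is then exchanged at the token endpoint together with the original verifier, so a code intercepted on the local machine is useless without it.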

Publishing Azure APIM Portal Does Not Work

I am trying to publish the Azure APIM developer portal - it is enabled for user/pass - authentication. We haven't customized it and are just trying to get it to work.
When I click publish and go to view the portal in a different browser I get the following message
"This is a home page of the Developer portal - an automatically generated, fully customizable website for publishing your API documentation where consumers can discover APIs, learn how to use them, request access, and try them out.
The content hasn't been published yet. You can do so in "Developer portal" section of your API Management Service in the Azure portal. Learn more."
When I go back to the Portal publish page, it resets to show "Publish" as if nothing has happened?
Are there any logs or anything I can test to get this to work?
BTW - the Legacy portal works 100%.
Thank you.

I have created the APIM instance, added the HTTP Trigger API from the Function App, and published the developer portal, also enabling the CORS option.
Next, I have created the user and given all APIs level access in the APIM instance, and opened both the deprecated and legacy portals in a different browser, logged in with the non-administrative user:
You can see logs of all activities in the Activity log of APIM Instance:
To see the Function App API imported in the APIM Instance, you have to add that API to the products subscribed by that user:
Published the developer portal again with new changes:
Activity Logs:
Result:
You can check each log entry in the Activity log to see complete details of whether the publish operation (or any other) succeeded and how much time it took to complete.

API Management Service Custom Domain Certificate

We have an Azure API Management Service that uses a custom domain. We have it added to the custom domain section of the service, and have a certificate uploaded too.
The certificate has recently expired so we went to the blade and updated the certificate. However, when we hit the API the browser is still serving the old certificate, so we are getting an invalid cert error.
Does anyone have any idea why it might be holding onto the old cert?
After long support calls the issue turned out to be a fatal flaw with that version of the APIM. We had no option but to recreate the APIM and redeploy our APIMs. Microsoft assured us that new instances of the APIM wouldn't have the same problem.

SSRS Permission settings in Report Service

I am running Report Service Manager - Web portal for accessing the Reports. For Development and Testing purpose, Report service is running from my computer.
Whenever the testing team tries to access the web from their end, the report service asks for an initial authentication of my computer account (Windows Authentication). How can I skip this authentication mode? This is an internal application; I want the report service to run on any computer without asking for any authentication.

If you are all on the same domain, simply add "DomainName\All Users" with the appropriate role to the portal. The testers may also need to add your site as a trusted site in their browsers. "All Users" is exactly as it sounds - any user account on that domain will have the access you grant.
Alternatively, if you need to disable security entirely (bad idea), you'll have to configure a new security extension - it's relatively simple to do, especially with all the samples you can find online (google "SSRS custom authentication" or "SSRS anonymous authentication"), but if you've never done anything like this before, you may struggle if you run into any unexpected issues.
See here for one example on how to enable anonymous access:
http://blogs.msdn.com/b/jameswu/archive/2008/07/15/anonymous-access-in-sql-rs-2008.aspx

Can I authenticate with Google username and password in Google Drive API?

Can I authenticate with just Google account username and password instead of using OAuth? If not, is it planned to support this kind of authentication in the future versions of Google Drive API?
I am currently using the Google Documents List API, which allows authenticating with just a username and password. So I am wondering if I can do the same thing with the Google Drive API.

Are there any reasons you cannot use OAuth 2.0 as your authorization mechanism?
Client Login is currently being deprecated and it would be better for you and your users to use OAuth 2.0.
There are multiple code samples available in the Drive SDK documentation as well as in the various client libraries project page to help you get started.
If you are running a server application, consider using a service account with OAuth2 and the Drive API. This will allow you to run the app on a server without a user having to provide OAuth2 credentials on the console or through a UI. You can also do impersonation if you want your app to act on documents with a specific account.
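    import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
    import com.google.api.services.drive.DriveScopes;
    import java.util.Arrays;

    // HTTP_TRANSPORT, JSON_FACTORY and Auth.keyFile (the .p12 key file) are defined elsewhere in the application.
    GoogleCredential credential = new GoogleCredential.Builder()
        .setTransport(HTTP_TRANSPORT)
        .setJsonFactory(JSON_FACTORY)
        .setServiceAccountId("[[SERVICE_ACCOUNT_EMAIL]]")
        // Scopes are passed as a collection
        .setServiceAccountScopes(Arrays.asList(DriveScopes.DRIVE, DriveScopes.DRIVE_FILE,
            "https://www.googleapis.com/auth/userinfo.email",
            "https://www.googleapis.com/auth/userinfo.profile"))
        .setServiceAccountPrivateKeyFromP12File(Auth.keyFile)
        // Domain user the service account acts as (impersonation)
        .setServiceAccountUser("[[impersonateduser#domain]]")
        .build();
    // Request an access token for the service account
    credential.refreshToken();
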
I've found this blog post somewhere (possibly here): http://blog.databigbang.com/automated-browserless-oauth-authentication-for-twitter/.
I know it is regarding Twitter, but it uses the same method, so I reckon it just needs a little tweak in the names. In short: if the script is run only by server, install Jython + HTMLUnit, simulate user going to the generated authorization link and clicking 'allow access' button and get token.