If I send context to the Watson Assistant service with, for example
{
"global":{"system":{"user_id":"42"}},
"skills":{"main skill":{"user_defined":{"account_number":"007"}}}
}
I can successfully refer to account_number in my Assistant dialog with $account_number or with context.account_number, as documented, but $user_id returns nothing.
How do I refer to Watson Assistant's global context variables?
Passing the user_id field to your Assistant allows you to enable User metrics:
"context": {
"global": {
"system": {
"user_id": "{UserID}"
}
}
}
(thats API v2 as v1 is slightly different)
As you later found out, the user_id fields will be then used for User metrics, and can be a referred as
<? context.metadata.user_id ?>
You can use that code and assign it to $user_id on Assistant.
More information can be found at https://cloud.ibm.com/docs/assistant?topic=assistant-logs-resources#logs-resources-user-id
Related
I'm trying to retrieve the CIF and also the Tax Id of the logged in user following your documentation. When trying to request that information via additional claims via the Consumer API, with the scope of &scope=openid I'm supplying the below claims parameter in my authorization request. Making sure that the External App is configured with the claims access in the Banno portal, I don't get anything in my response id_token. I've also attempted to switch this to the userinfo leveraging the opid/me resource which just returns the user "sub".
Claims readable:
claims={"id_token":{"https://api.banno.com/consumer/claim/customer_identifier":null}}
Here it is url encoded:
claims==%7B%22id_token%22%3A%7B%22https%3A%2F%2Fapi.banno.com%2Fconsumer%2Fclaim%2Fcustomer_identifier%22%3Anull%7D%7D
decoded jwt id_token repsonse:
"id_token": {
"header": {
"alg": "RS256",
"typ": "JWT",
"kid": "sig-rs-0"
},
"body": {
"sub": "sub uuid",
"at_hash": "ShHf2gRtROCBdE-j_5YZkw",
"aud": "aud uuid",
"exp": 1668092577,
"iat": 1668088977,
"iss": "https://api.banno.com/a/consumer/api/v0/oidc"
}
}
using the same example switching the claims key to "userinfo" and making a request to .../a/consumer/api/v0/oidc/me I only get this response:
UserInfo Response:
{"sub":"sub uuid"}
In either scenario, I'm expecting the following example to be in the response:
"https://api.banno.com/consumer/claim/customer_identifier": "AAA1234",
However I don't get anything no matter what I do. What am I missing here?
It looks like there is an extra = in the encoded version. If I take what you've posted in the question, claims==%7B%22id_token%22%3A%7B%22https%3A%2F%2Fapi.banno.com%2Fconsumer%2Fclaim%2Fcustomer_identifier%22%3Anull%7D%7D and decode it, I get claims=={"id_token":{"https://api.banno.com/consumer/claim/customer_identifier":null}}, which has an extra = next to the claims parameter name.
That seems to have the effect of the name of the claim not matching up with what is expected, therefore that claim's value is not included in the Identity Token (and isn't available from the UserInfo endpoint).
The Claims in the Identity Token guide will be helpful to review.
I'm writing a script to enroll all my students (2,000) each one in his own classroom.
referring to the Method page I wrote a simple sentence like this:
Classroom.Courses.Students.create({
"courseId": "9898688798",
"profile": {
"name": {
"familyName": "Xxxxxx",
"givenName": "Yyyy"
},
"emailAddress": "myemail#gmail.com"
}
});
but I receive this error:
Exception: Invalid number of arguments provided. Expected 2-3 only
Where did I make a mistake?
Issue:
As the error you are getting says, this method requires two or three parameters, and you're only providing one.
Solution:
If you start typing the method you'll see a popup displaying the required parameters for this method:
resource: referring to the student resource, which is the request body that has to be provided for the API method.
courseId: the identifier of the course to create the student in, which is the path parameter for the API method.
optionalArgs: [OPTIONAL] referring to any additional parameters you'd want to add, like enrollmentCode.
Also, for the first parameter, resource, three of the four fields from the student resource are read-only, so you only have to provide the userId, which can be one of the following:
the numeric identifier for the user
the email address of the user
the string literal "me", indicating the requesting user
Code snippet:
So in your example, you could do this:
const resource = {
"userId": "myemail#gmail.com"
}
const courseId = "9898688798";
Classroom.Courses.Students.create(resource, courseId);
I have a doubt. I have set a complete solution around the Yubico U2F keys. But now, I cannot stop duplicate registration of the same device for an user for the same app id. While checking on the keyhandles on my database they show different values for each of the duplicate registration. Please help me out.
If you are using the WebAuthn API, you can send all the already registered keys to the client when trying to add a new key using the 'excludeCredentials' key. These credentials would be formatted the same as when trying to log in.
excludeCredentials — Contains a list of credentials that were already
registered to the user. This list is then given to the authenticator,
and if the authenticator recognises any of them, it cancels operation
with error CREDENTIAL_EXISTS, thus preventing double registration of
the same authenticator.
Source: https://medium.com/#herrjemand/introduction-to-webauthn-api-5fd1fb46c285
An example of the JSON the client receives when adding a new key could be:
{
"publicKey":{
"rp":{
"name":"YourApp",
"id":"YourAddress"
},
"authenticatorSelection":{
"userVerification":"preferred"
},
"user":{
"id":"UserId",
"name":"Username",
"displayName":"displayName"
},
"pubKeyCredParams":[
{
"type":"public-key",
"alg":-7
}
],
"attestation":"direct",
"extensions":{
"exts":true
},
"timeout":20000,
"challenge":"...",
"excludeCredentials":[
{
"id":"...",
"type":"public-key",
"transports":[
"usb",
"ble",
"nfc",
"internal"
]
},
{
"id":"...",
"type":"public-key",
"transports":[
"usb",
"ble",
"nfc",
"internal"
]
}
]
}
}
When the browser detects that the user tries to register a key that was already registered, it will tell the user to try another key and the request will not be sent to the server at all.
I am trying to set webhook notification for SharePoint Online drive using MS Graph API. The subscription is setup. Whenever I make any change in the drive by adding/deleting a file I get a notification but the resourceData is null.
Is this standard behaviour?
{"value":[
{"subscriptionId":"XXX",
"clientState":"secretClientValue",
"tenantId":"XXX",
"resource":"drives/<id>/root",
"resourceData":null,
"changeType":"updated",
"subscriptionExpirationDateTime":"2019-01-22T18:23:45.9356913+00:00"
}
]
}
Thank you for any suggestions.
Not all resources return resourceData within the notification itself, OneDrive is one of these.
OneDrive will return the following properties:
{
"subscriptionId": "string",
"expirationDateTime": "datetime",
"resource": "relative url",
"clientState": "string optional",
"changeType": "updated"
}
You can find the spesific documentation for this entity here.
I need to display live interactive graphs based on customer data present in MySQL,for generating the graphs, I am planning to use Amazon Quick Sight but i would like to know whether the generated graphs can be integrated with my web application UI ?
Datasource MYSQL is hosted in AWS.
Any other better design solution is also most welcome :)
I don't think so. Even if you want to share the dashboard to
someone, you need to create a user in QuickSight. Any more than 1
user will be charged by AWS.
The dashboard cannot be public and you need to login to view the
dashboard. If it was public, you could have embedded it in your
webpage as an iframe. But you cannot.
So, I think you are having limited options here, when it comes to
QuickSight.
You can always using D3 or Google Charts to display the data by
exposing REST services for your data in MySQL.
If you have a huge database, you may want to consider indexing the
data to Elasticsearch and perform queries on it.
Check if Kibana + Elasticsearch works out of the box for you.
Good luck!
Update: Dec 28 2018
Amazon announced in Nov 2018, that Amazon QuickSight dashboards can now be embedded in applications. Read more here at this AWS QuickSight Update.
AWS has enabled the embedding of the Dashboards into web apps. The feature was released on 27th Nov 2018. Here are a few helpful links:
1. https://aws.amazon.com/blogs/big-data/embed-interactive-dashboards-in-your-application-with-amazon-quicksight/
2. https://docs.aws.amazon.com/quicksight/latest/user/embedded-dashboards-setup.html
Note: This answer is applicable only if you are using AWS Cognito
In order to generate Quicksight secure dashboard URL, follow the below steps:
Step 1: Create a new Identity Pool. Go to https://console.aws.amazon.com/cognito/home?region=u-east-1 , click ‘Create new Identity Pool’
Give an appropriate name.
Go to the Authentication Providers section, select Cognito.
Give the User Pool ID(your User pool ID) and App Client ID (go to App
Clients in user pool and copy id).
Click ‘Create Pool’. Then click ‘Allow’ to create roles of the
identity pool in IAM.
Step 2: Assign Custom policy to the Identity Pool Role
Create a custom policy with the below JSON.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "quicksight:RegisterUser",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "quicksight:GetDashboardEmbedUrl",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "sts:AssumeRole",
"Resource": "*",
"Effect": "Allow"
}
]
}
Note: if you want to restrict the user to only one dashboard, replace the * with the dashboard ARN name in quicksight:GetDashboardEmbedUrl,
then goto the roles in IAM.
select the IAM role of the Identity pool and assign the custom policy
to the role.
Step 3: Configuration for generating the temporary IAM(STS) user
Login to your application with the user credentials.
For creating temporary IAM user, we use Cognito credentials.
When user logs in, Cognito generates 3 token IDs - IDToken,
AccessToken, RefreshToken. These tokens will be sent to your application server.
For creating a temporary IAM user, we use Cognito Access Token and credentials will look like below.
AWS.config.region = 'us-east-1';
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId:"Identity pool ID",
Logins: {
'cognito-idp.us-east-1.amazonaws.com/UserPoolID': AccessToken
}
});
For generating temporary IAM credentials, we call sts.assume role
method with the below parameters.
var params = {
RoleArn: "Cognito Identity role arn",
RoleSessionName: "Session name"
};
sts.assumeRole(params, function (err, data) {
if (err) console.log( err, err.stack); // an error occurred
else {
console.log(data);
})
You can add additional parameters like duration (in seconds) for the
user.
Now, we will get the AccessKeyId, SecretAccessKey and Session
Token of the temporary user.
Step 4: Register the User in Quicksight
With the help of same Cognito credentials used in Step 3, we will
register the user in quicksight by using the quicksight.registerUser
method with the below parameters
var params = {
AwsAccountId: “account id”,
Email: 'email',
IdentityType: 'IAM' ,
Namespace: 'default',
UserRole: ADMIN | AUTHOR | READER | RESTRICTED_AUTHOR | RESTRICTED_READER,
IamArn: 'Cognito Identity role arn',
SessionName: 'session name given in the assume role creation',
};
quicksight.registerUser(params, function (err, data1) {
if (err) console.log("err register user”); // an error occurred
else {
// console.log("Register User1”);
}
});
Now the user will be registered in quicksight.
Step5: Update AWS configuration with New credentials.
Below code shows how to configure the AWS.config() with new
credentials generated Step 3.
AWS.config.update({
accessKeyId: AccessToken,
secretAccessKey: SecretAccessKey ,
sessionToken: SessionToken,
"region": Region
});
Step6: Generate the EmbedURL for Dashboards:
By using the credentials generated in Step 3, we will call the
quicksight.getDashboardEmbedUrl with the below parameters
var params = {
AwsAccountId: "account ID",
DashboardId: "dashboard Id",
IdentityType: "IAM",
ResetDisabled: true,
SessionLifetimeInMinutes: between 15 to 600 minutes,
UndoRedoDisabled: True | False
}
quicksight.getDashboardEmbedUrl(params,
function (err, data) {
if (!err) {
console.log( data);
} else {
console.log(err);
}
}
);
Now, we will get the embed url for the dashboard.
Call the QuickSightEmbedding.embedDashboard from front end with the
help of the above generated url.
The result will be the dashboard embedded in your application with
filter controls.
I know this is a very late reply, but just in case someone else stumbles across this question... We use periscopedata.com to embed BI dashboards in our SaaS app. All that's needed is knowledge of SQL (to create the charts/dashboards) and enough dev knowledge to call their API endpoint to display the dash in your own app.