I want to get credentials to use the Amazon product api for a project im working on, and to do that I need to open an Associates account.
When opening associates account they asked for a link, so I created a coming soon website in wix and gave this link.
After opening the Associates account I went to sign for product advertising api, but I can't sign up cause they say I need my application to be approved, and to get approved I understood I need to be accepted into the Associates Program.
To be accepted into the Associates Program I think I need to put link on my site and make a purchase from one of the product links in my site? not clear how that actually works...
some blog posts said they create some content on their site, which is fake, cant I just tell Amazon I need the api access so I can build my website and its not relevant before?
Related
I am looking to make a website whereby a user will be able to login and register. Once registered and logged in I would like for them to see a list of their own customers and carry out some functionally configured to the user (e.g send an SMS from their registered phone number).
I have seen plenty of tutorials on how to implement both login and register functionality. But I have no idea how to make the information shown be specific to each customer?
Can someone assist by pointing me in the right direction for something like this? Or even a template that may already have it done?
So fair I have been able to create a very basic site (localhost) that has a user login and registration form.
Sending SMS from website is done with paid services, you can search some of them.
User specific website is done for example by using PHP. For example you have form for registration and then save the data into a database. Next time the user comes, you offer him login form, if he logs in succesfuly, you now know who the user is and offer some content according to the user. For example (simplified) you will have a folder named "Peter" and in this folder you will have informations about Peters customers. And if Peter logs in, you offer him data from this folder.
TLDR: Is it possible to email a login button which will open a web page and enter the appropriate user information into the username/password fields? Is it possible to embed this within an HTML button, or possibly in SQL injection? If so, where should I start my research to make this happen?
OK, so what I am tasked with is generating the billing lists for about 2000 non-technical users. Currently we use a third party billing site which does not have an API or any way to authenticate users from the URL heading. What we have been doing is using mail-merge to email users their username and password along with a link to the billing site. This is great, except that our users are... special. We get dozens of phone calls a day from elderly users who can't copy/paste the given information into the website.
What I am looking for is someone to point me in the right direction for making an email click here button that will open the web page, enter the username and password (from a CSV/XML of usernames/passwords) and click enter.
I'd even settle for opening the webpage with their credentials filled into the appropriate fields. Is there a way to do this? What is the best way to go about this?
Before we get into best practices/security, CC information isn't stored on the site, and the only user info view-able is the invoice, so security isn't a huge concern here since the users can't set their own passwords (username / password generated from static fields in another database silo).
Not looking for someone to do this project for me, but perhaps a few friendly pointers in the right direction for how to do this.
Is it possible to email a login button which will open a web page and enter the appropriate user information into the username/password fields?
Not unless either:
The website is specifically designed to allow that. Since you said it was a third party side, then you would have to ask the people who wrote it.
The site suffered from an XSS security vulerability. (Explaining how to search for one would be too broad for a SO answer, searching for one would be illegal pretty much everywhere).
I'm creating an application to work with OneNote in Office 365 and so I'm creating an app registration in Azure. I want to be able to view notebooks, and there are two permission options: View notebooks and View notebooks in your organization. Irrespective of which permission I select, the only notebooks the call returns are ones in the currently authenticated user's personal site (using "https://www.onenote.com/api/v1.0/me/notes/notebooks" as the Url for the GET request).
So...is it because of the Url I'm using (I haven't found any documentation that uses anything other than ".../me/..."), or is it just working as expected? For example, there's no documentation I've found that describes what all notebooks "in your organization" means - does that include every SharePoint site collection Notebook? Something else? Any additional details or links to specific information would be appreciated.
Yes it is possible to Get Personal Notebooks in the Users OneDrive For Business (/me/) as well as Notebooks hosted in SharePoint sites(/myorganization/) that the user has access to.
Organization Notebooks -
https://www.onenote.com/api/{version}/myorganization/siteCollections/{id}/sites/{id}/notes/notebooks
You would need SiteCollectionId and SiteId to access the organization notebooks.
To understand how you get the notebooks (in the users organization) by referring to this documentation -
https://blogs.msdn.microsoft.com/onenotedev/2015/06/11/and-sharepoint-makes-three/
I did finally find the documentation where they list the different locations from which you can request notebooks: https://msdn.microsoft.com/en-us/office/office365/howto/onenote-get-content. Also, to get the gist of my question, although the service uses a common Url to access notebooks, there isn't a single location where you can ask for all notebooks in an organization. The Azure permission merely gives you the right to go get them if you can find them. As noted in the first answer above, if you know where they are at and if you have the right permissions with your app then that all works great. But you have to know where they are, because there doesn't seem to be a discovery type API for them.
At my company, they have a Wordpress site. Disclaimer: I'm a new hire here.
They also use a third party service/website called "act-on". Within act-on, we can manage our campaigns, generate webforms that submit data back to act-on and generate anchor tags that link to resources that act-on hosts.
I want to be clear, we upload documents to act-on. Then, act-on gives us links that we can place on our website to these documents. When a user clicks the link on our website, they are taken to a subdomain of our website that they did not create, to view the resource.
When I talk about "act-on", I'm referring to this service:
https://www.act-on.com/
Example:
We live at websitename.com.
The anchor tag that act-on creates, links to solutions.websitename.com/acton/resourcename
We didn't create a page or subdomain "solutions.websitename.com" and don't have any pages that reflect that.
I need to know how this works because their google analytics doesn't seem to track page visits to this subdomain.
How has act-on created some subdomain on our website? I don't understand that process. How can act-on link to files that they host, but the url be a subdomain of our website.
Thanks,
It is very similar to another company called reachlocal. They basically proxy all your web content, and in a lot of cases they even put up proxy phone numbers and record the calls audibly and transcript them. All this in addition to marketing campaigns such as analytics, PPC and alike.
A business essentially gives them this right when signing up and are told about it upfront.
It is all for the sake of keeping record in order on file of everything taking place, with web presence and "presented in a friendly interface and graphs. Which also allows employees to listen to recorded calls to "see how the employee does"
More than likely from my experience is they were given the keys for all web presence, including web, analytics, social sites and so on by the owner or project manager.
Unfortunately, by proxying all the websites they in turn get a lot of Google ranking, but it can be a valuable service for some.
Bottom Line: Someone at your job, signed up, gave them the go ahead to perform tasks such as proxy domain names and are in fact paying them.
How can I (as a vendor contracted to develop an app for an enterprise) publish an app to the Google Play Store on behalf of an enterprise?
They don't have a Google Play account set up but want the app to appear under their brand in the Google Play Store.
What's the correct technical (and legal) process I should follow to set up their account and give my own company access to publish on their behalf?
The bare minimum requirement that I am aware of is that your company should get a written consent from your client, authorizing your company to use their company's name, logo, brand, etc for the expressed purpose of being displayed in Google Play.
My company had done something similar, we publish branded apps for clients, though our company's name is used as the vendor name. One of those apps got removed because some zealous legal guy in one of our client companies found the app and, unaware of the cooperation between the companies, filed a complaint to Google. The app was reinstated without much fuzz after getting that guy to send another email to Google requesting the app to be reinstated, so it looks like Google doesn't have anything against this (assuming your client doesn't reside in a sanctioned country).
You can give them advance notice by providing legal documents via this link
https://support.google.com/googleplay/android-developer/answer/6320428
From the page itself...
The Google Play App Review team accepts advance notice about your
upcoming app or store listing publishing event.
We only accept advance notice in the following scenario(s):
You have written documentation proving that you have permission to use
a 3rd party's intellectual property in your app or store listing (e.g.
Brand names and logos, graphic assets, audio, etc.). You have gambling
or casino-style elements in your game, and need to provide your Korean
Game Rating and Administrative Committee (GRAC) rating certificate to
Google so your game can be distributed in Korea.
Lesson learn by one suspended app. Hope this will help others. If your app suspended for such reason you can also contact them via link in the suspension email.