There are lots of Articles, Blogs, Question/Answers about Migration to FCM from GCM.
Although not very clearly documented is what is going to happen with Older Clients which uses GCM tokens (either old or newly obtained) after April 2019.
My questions are :
1) After April 2019, "most" . GCM services will be stopped.As per google they have mentioned "most". It is not explicitly mentioned what are going to be stopped and what would continue working. Any pointer on this would help.
2) What happens to older clients which still uses GCM Client SDK and obtains new tokens after April 2019 ? Will the clients able to obtain a new token using GCM SDK without any error ? Will those tokens work with FCM with GCM API key or FCM API key from Server side?
Related
SMTP.Send with Outlook REST V2.0 API works fine.
Same client using Graph V1.0, the only change being the ‘scopes’ URIs, gives a ‘535 5.7.3 Authentication unsuccessful’.
However, AAD’s Sign-in logs (‘User sign-ins - non-interactive’) for the app show ‘Success’.
Unless Graph SMTP.Send uses a different server URI than the published https://smtp.office365.com, this should be impossible.
The problem is pressing because the Outlook REST V2.0 API will be decommissioned in November '22.
Background detail
Uses V2 Authorization and Token endpoints, and scopes URIs of https://outlook.office.com and (the default) https://graph.microsoft.com respectively. Detail of the event in the AAD Sign-in log tally exactly with the (jwt decoded) content of the Access token. ‘User-sign-ins (interactive)’ show nothing of relevance. Client’s HTTP is via Guzzle.
This is a link I have added to same project in test application as well as production server:
<script type="text/javascript" src="http://maps.googleapis.com/maps/api/js?sensor=false"></script>
But it works on test server but do not working on production server.
I am doing an auto geocoding by passing address and gets location from it.
The test server only gives warning saying Google Maps API warning: NoApiKeys... but returns result.
But Production server says: This service requires an API key and no result getting returned.
If that mandatory then why it is working on test server.
In what case an API key is mandatory?
As announced in this blog Keys are now (as of June 22, 2016) mandatory (the sensor parameter is no longer required):
We no longer support keyless access (any request that doesn't include an API key). Future product updates are only available for requests made with an API key. API keys allow us to contact developers when required and help us identify misbehaving implementations.
Can't say why it is working on the test server, unless the test server has been actively using the Google Maps API since before June 22, 2016, in which case it could be grandfathered for keyless access.
My website makes use of Google Maps API. I recently received an email from Google that says that I should switch from a Browser Key to a Server Key in order to continue using the API past 2 Dec 2015.
So if I am not mistaken all I have to do is request a Server Key in the Google Console and put it in place of my Bowser Key? is that simple?
Here is part of the email:
Yesterday, we announced a pay-as-you-go option for seven of the Google
Maps API Web Services for free, external, publicly available websites
and mobile implementations. As part of this launch, we are tightening
security around how developers identify their usage of the APIs. You
are receiving this email because you may be affected by this change.
Starting today we have deprecated usage of 'Keys for browser
applications' or 'Browser keys’ with the Google Maps API Web Services.
Developers should instead use ‘Server keys’ with these services. Any
newly created browser keys will not work, but existing browser keys
will continue to work for 90 days starting today. On 2nd December
2015, we will be completely disabling usage of browser keys to access
Google Maps API Web Services, at which point any requests to Google
Maps Web Services APIs using such keys will begin to fail.
Currently, in my HTML I have the following that loads the Google Maps API:
<script scr="https://maps.googleapis.com/maps/api/js?v=3&signed_in=false&key=MY_BROWSER_API_KEY&sensor=false"></script>
In another page in the same website, I use the YouTube Data API in the server side to which I feed the SERVER_KEY I obtained from Google Console.
The code looks like:
require_once 'google-api-php-client/src/Google/autoload.php';
$client = new Google_Client();
$client->setDeveloperKey(GOOGLE_API_SERVER_KEY);
$youtube = new Google_Service_YouTube($client);
Yes, all you have to do is change out the key. There are complications with white lists, that may or may not affect people. The white lists between server and web keys need to be merged. This is a problem if the server does not send outgoing communications with the same ip address everytime. For example, for my company, our set up is a group of instances that get dynamically assigned ips from a public pool. In our case we are going to add an extra network interface.
So a better answer to your question is depending on whether you only use the key in a public webpage, or if you use it on a server. If you use the key on a server, and the key is connected to a paid google account for a specific map api service, then you will have to figure out the outgoing ip address(es) and add each one to the list.
A lot of people, particularly on shared hosting accounts have not white listed the server ip as until now, as it could be hidden and the risks of people pirating the key were minimal. But now, in the next 90 days, a lot of private server keys are going to be publicly exposed when people also have to put the key in their html. This will probably mean that there will be a mini migration from shared hosting to more controlled environments, in my opinion.
In our organization we have an in-house developed web based application that make use of Google Data (GData) APIs(gdata-java-client) API to manage email user accounts, email settings, nickname, profile updates , contact management. This application was built some years back. Recently we planned to enhance some features and had a look at the API and Google API website. Looks like some of the GData APIs are getting deprecated or planning to take down(April 20, 2015). We are using below GData APIs and want to confirm/check which all APIs we need to migrate immediately to new Google APIs Client Library for Java (google-api-java-client) so that the services can function smoothly.
1) Google Apps Provisioning API - V2 (URL used - https://apps-apis.google.com/a/feeds/{ourdomain}/user/2.0)
For Creating User/Update User/Delete User/Nick Name
2) Google Apps Email Settings API - V2 (URL used -https://apps-apis.google.com/a/feeds/emailsettings/2.0/{ourdomain}/{username}/webclip)
For Disabling WebClip
3) Google Apps Profiles Data API - (URL Used - {hostname}/m8/feeds/profiles/domain/{ourdomain}/full/{username})
For Retriving and Updating Profile
4) Google Domain Shared Contacts API - (URL Used - {hostname}/m8/feeds/contacts/{ourdomain}/full)
For CreateContact/DeleteContact / UpdateContact
Jars/Versions of GData Libs that we are using today.
gdata-client-1.0.jar : 1.46.0 / gdata-core-1.0.jar : 1.46.0 / gdata-appsforyourdomain-1.0.jar : 1.3.1 /gdata-contacts-3.0.jar : 3.1.0
Please let us know what all APIs will be taken out of service on April 20,2015 and also please provide the new APIs that we can use for coding the migration. Do we also have any migration guide ? Can we keep gdata-java-client jars and google-api-java-client jars together in the class-path. We would like to migrate the services which are going to brought down by April 20, 2015.
We had completed the migration and thought will update the thread and it might help someone else. Below APIs/components are getting shutdown by April 20, 2015.
1) Google Apps Provisioning API Migrated to ADMIN Directory API
2) Google Apps Profiles Data API --> Migrated to --> ADMIN Directory API
3) ClientLogin --> Migrated to --> OAuth 2.0
Google Apps Email Settings API is still under GDATA API but its placed under ADMIN SDK. No need to migrate this. But we were using ClientLogin Auth model so we need to move to OAuth 2.0
Also for using ADMIN SDK you need to make changes in Google Developer console and Admin console. Details in below links.
https://developers.google.com/admin-sdk/directory/v1/guides/prerequisites
https://developers.google.com/admin-sdk/directory/v1/guides/delegation
I'm in the middle of developing an application that integrates Box with an identity management environment for the purposes of SSO and user lifecycle management. Basically, our users use SAML to sign into their Box accounts, and then the status of their Box accounts is managed based on the status of their corporate accounts - if we terminate a user, the user's Box account needs to get disabled. This is one of many use cases that were in progress before the OAuth2 change.
Prior to the OAuth2 change, I was able to authenticate my enterprise admin account with the api_key and auth_token. This worked very well.
Now, with OAuth2, I'm not sure how to proceed. There is no UI for this at all, and I have no place to handle a redirect for the authorization token. Moreover, this is a nightly process that runs using the enterprise admin account, so I would have to get a new refresh token and bearer token every time this runs.
This doesn't make a lot of sense for my use case. Is there an alternative?
I am busy writing the same code with the same frustration as you have. However the refresh token does live for 14 days and what I plan to do is store the returned values encrypted in the registry. Each run my first action is to refresh the bearer key.
There however is no current timeline on the phasing out of the V1 Auth method and since some of the Enterprise stuff is yet to be ported to API V2 I suspect that if enough Enterprises push the BOX API team for a solution on this I am sure they will listen.
If I am honest I prefer the OAuth2 solution as it stops the key to your whole Enterprise data been sent in clear text across the internet as a URL param in API V1 and if someone did manage to break the SSL then only get a access token that is worth 60 mins max.
Not sure what language your writing the routines in but I am working with the API V2 SDK written by John Hoerr on GitHub and apart from a few little issues that he has fixed straight away from a .Net perspective it makes hitting the API a much more pleasant experience with all the de\serialisation handled by the SDK.