Is there any way to obtain/request a user's location (i.e. lat/long) using adaptive cards (preferably via sms channel)? Thanks.
Adaptive Cards are declarative JSON payloads, so the information shown in them is not dynamic. There is nothing stopping you from using a library or some service that provides this information, before you display or build the Adaptive Card
Related
I have a setup in which Dynatrace is monitoring my host and application. Further, it is integrated with PagerDuty in which the incidents are generated. I have integrated them using the custom webhook integration and currently am using the available placeholders. Now, my problem is that I want to use some custom alerts other than the placeholder or any plain text. Also, suppose we get a JSON for a particular placeholder, can we use a part of it and not entirely as we sometimes need only a part of that entire JSON?
Thanks in advance.
I'm just making a simple widget where I can display my facebook feed as customized, like grid view.
When I was submitting for app review, there was so much permission when it was my own feed only. I have no plans for visitors to like login into my site. It's just my own feed on my site on grid view.
Are there other simple ways to do this rather than graph API? Simply to get my facebook feed as JSON.
If it is just for your own account, you do not need review. Review is only neccessary if you want to enable other users to use your App - or, for example, if you want to get data of Pages you do not own.
Just use a User Token with the correct permissions to get your account data with the Graph API.
On the introduction page for the 'APIC Test and Monitor tool' one of the listed features is 'Get alerts on your API Health'. However once inside the tool I can't find any reference on how to generate alerts...
Is it already possibble? Or just an idea for the future?
Great question, thank you for asking. You are absolutely right, we are working on shipping notification/alerts as a pluggable ecosystem. We are building a fully featured API and Webhooks, any platform that leverages an API can be used, as well as email and SMS.
Out of the box we will provide the most popular plugins such as the following:
Slack
BigPanda
HipChat
StatusPage.io
JIRA
Twilio
DataDog
New Relic
Elastic
You will also be able to create alert groups, ex. specific tests/monitoring can be mapped to specific groups.
Will update this space when it becomes available. Your feedback is helpful, what is your preferred method to be notified by?
Thanks!
This question comes from the following post:
OWIN cookie authentication get roles on client side
I've created a separate thread for the question since it is more general than one in the post above.
In short:
Let's say we have a web application with javascript as client side + ASP.NET web api as server side and also an identity server. Only authenticated users can access web api endpoints, some of them accessible only for specific roles of user.
Now the client side of application should show specific items based on what role user is in. For example: user in administrator role can see an extra tab: manage items. There are two approaches to achieve this:
When rendering client side application, one could call an endpoind in web api which would return what roles user have. Based on that result, show/hide items in html.
When application loads, an endpoint, which returns how the structure should look like (for example: json string) would be returned, and based on that structure client application would be rendered. No show/hide html on client side based on roles in such case.
Now regarding 1st point: some could argue that there is a security leak, since malicious user can modify html to see elements that he is not supposed to see. But in this case he will not see any content from database and will not be able to load/update it since he will not be authorized to do that based on his role which is checked in server side.
2nd point seems more valid since we keep all identity related information logic on server side. And also all unnecessary content is not in html (while in 1st point it's hidden) - so that leads to better performance? In this case though if for example developing angular application, the json structure of application should include such information as name of angular controller and route for example. Would that not add complexity to developing application?
Assume that the application itself have a lot of roles and a lot of items should be visible/not visible based on these roles.
Pros/cons between 1st and 2nd? Thanks!
I stick always with the first suggested point.
As you mentioned the second choice will add more complexity for developing. For the 1st there is no security leak. If you don't want your users to modify the html and to access forbidden areas in your application simply use ng-if instead of ng-show. If you are not familiar - ng-if will not just hide the content with display: none;. It will completely remove it from the DOM and this leading the user unable to show that content as it is not in the DOM.
Read this for more detailed explanation for ng-if and ng-show: what is the difference between ng-if and ng-show/ng-hide
I usually have an endpoint getting information about the user - including it's role and save that user into a service (factory). This gives me the flexibility to use it everywhere in the application and check if the user has access or not to certain parts of it.
We have a user who gave consent for our Cloud Project to read their Fit data through the Android app. We now want user's coach to access their Fit data through a web UI associated with our Cloud Project. Is this possible, and if so, what is the right way to do it?
Can cross-client identity be used? https://developers.google.com/identity/protocols/CrossClientAuth
I was trying to replace "me" with "user#gmail.com" in the REST endpoint but it doesn't work:
https://www.googleapis.com/fitness/v1/users/me/... ->
https://www.googleapis.com/fitness/v1/users/user#gmail.com/...
Thanks!
There is a mechanism for Android apps to obtain offline access for web back-ends highlighted in the CrossClientAuth guide from your question. With offline access, you can theoretically serve or store that data in any way that the user has consented to. Any access controls of that data to another person is something that you'd have to handle on your own.