I am trying to use Chrome Web Store API and I have followed this link https://developer.chrome.com/webstore/using_webstore_api
But after creating application on developers console I am not getting client secret which is used to get the access token.
Please help me in finding the SECRET TOKEN.
Thanks in advance.
Got the solution by simply passing the client secret blank in the request.
Related
In 'Autodesk Construction Cloud APIs' I try to use GET method for projects/{projectId}/issues.
This is the documentation for the API: Get issues API Link
I am using Postman and for other API's it works without problems, but for some reason for this API I got the following error:
image of the error:
I know my ProjectId and Token are fine. I am wondering if it has to do with some access the admin must to give me.
best regards,
It looks like your access token is 2-legged. Instead, you will need to use a 3-legged one since its Authentication Context is user context required.
See:
https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/basics/
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token-implicit/
First of all, sorry for my bad English :)
I am building a Gmail addon which integrates file uploading to an external website using their API. The API have an auth endpoint which uses plain authorization flow i.e. takes email and password of a user to authorize and return authorization token. That token is then used in the subsequent call of file uploading process.
My question is, it has been mentioned in gmail addon guide that an app should use oAuth when connecting to a third-party service. However, the related website's API do not have oAuth but use plain authorization flow. If I create a login form with email and password fields using the card service, would that be okay and approved by google to be listed in the addons directory? Creating oAuth on third party service is not in my hands
Thank you!
Q: would that be okay and approved?
My experience is that it is OK to use basic authentication (since a lot of APIs still use basic auth, it would be devastating if the use of API was prohibited), most likely you will be approved. However, if there ever be a version of the API that supports OAuth, please, migrate as soon as possible.
Caveats
You mentioned creating a login form in CardService - please, be aware that there are no "password"-style TextInputs, so all characters will be visible all the time + there isn't, as of yet, any support for input event, so you won't be able to emulate the behaviour easily.
If you are planning on storing the credentials, try to avoid using PropertiesService - it isn't considered a secure storage (though if credentials are to be entered only once, storing the token should be fine).
You will still be asked to implement the authorizationCheckFunction.
I am new to setting up ping federate identity provide configuration and writing code to get token. I have got a ppt file which explain how web client connects to ping federate server and get token. and they mention to pass client_id as param but I have no idea what is client_id?
Does anyone have any idea?
client_id is your user identity. When you call writetoken() method, it has parameters to pass... hope this helps.
I will assume you are using OAuth2 or OpenIdConnect and calling PingFederate to get an Access Token.
First, here is a detailed explanation of what a client is RFC 6749 Client Registration and its role in this authentication protocol.
Second, once you understand this topic. You must configure Clients on Ping. For that you must follow their documentation Client Management.
Finally, You must point your web application to the OAuth2 endpoints passing the client_id and client_secret, with that depending on which OAuth2 flow you are using will get you closer to get an access token. You can find more information about that on Ping Documentation Site.
Hope this helped.
The answer posted here https://stackoverflow.com/a/10486729/1919484 references an 'instant mode' box.com api authentication option that 'gets you an authentication token via the /tokens V2 API endpoint, but limits you to accessing a single folder in the user's account.'
I've googled around for such a thing but I can't find any more info about it. It seems like exactly what I need for an app I'm working on.
Can anyone shed any light on whether such a thing is still in the works, or if it has been canceled or replaced?
Many thanks in advance.
Instant Mode is a beta feature that we're still testing/iterating on. It's not ready for production applications at this time, but you can email us at API at box.com with your use case so we can let you know when it's ready.
I want to use the places api for getting the places names within a circle in localhost. Does anyone know how to get the client id for localhost?
I'm using Visual Studio and when I debug locally the URL is:
http://localhost:2386/index.html
To connect to Google API I set the following two properties of the Client Id in the API Access tab of the Google API console:
Redirect URIs: http://localhost:2386/oauth2callback
JavaScript origins: http://localhost:2386
I'm using the Analytics API but hopefully this will help in your case as well.
I am not sure if this is what you are looking for but a possible workaround could be:
Get to know the IP of your computer (e.g.: http://whatismyipaddress.com/)
Add your IP in this Format (http://xx.xx.xxx.xx/) to the Google Console (https://developers.google.com/console/)
Use the API-Key for testing.
Be sure that your IP doesn't change :)