I am working with an API where only certain whitelisted domains are able to access our services. Each domain can use a multitude of services (we have more than one), and each domain will have a unique access token related to each service.
Here is the structure of the tables I have set up:
Basically, there is an M2M relationship between Whitelist_Domains and Services, as well as an M2M relationship between Services and Tokens.
I want to retrieve "TOKEN" from the Tokens table, and the information I am provided with is Whitelist_Domains.DOMAIN and Services.ID.
I am having trouble generating a SQL query that will return the correct information though.
Any help would greatly be appreciated. Thanks.
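An added example (not part of the original post) of the lookup the question asks for, in Python with SQLite; every table and column name is an assumption, since the post's table diagram is not on the page. With only the two M2M link tables described, the join returns every token attached to the service, so the example also shows a link table keyed on (domain, service) that yields exactly one token.

```python
import sqlite3

# Table and column names are assumptions; the post's diagram is not on the page.
SCHEMA = """
CREATE TABLE whitelist_domains (id INTEGER PRIMARY KEY, domain TEXT UNIQUE);
CREATE TABLE services (id INTEGER PRIMARY KEY, name TEXT);
CREATE TABLE tokens (id INTEGER PRIMARY KEY, token TEXT UNIQUE);
-- The two M2M link tables the post describes.
CREATE TABLE domain_services (domain_id INTEGER, service_id INTEGER);
CREATE TABLE service_tokens (service_id INTEGER, token_id INTEGER);
-- Alternative: one link row per (domain, service) pair, naming its token.
CREATE TABLE domain_service_tokens (
    domain_id INTEGER, service_id INTEGER, token_id INTEGER UNIQUE,
    PRIMARY KEY (domain_id, service_id));
"""

TWO_M2M = """
SELECT t.token FROM whitelist_domains d
JOIN domain_services ds ON ds.domain_id = d.id
JOIN service_tokens st ON st.service_id = ds.service_id
JOIN tokens t ON t.id = st.token_id
WHERE d.domain = ? AND ds.service_id = ? ORDER BY t.token
"""

PER_PAIR = """
SELECT t.token FROM whitelist_domains d
JOIN domain_service_tokens dst ON dst.domain_id = d.id
JOIN tokens t ON t.id = dst.token_id
WHERE d.domain = ? AND dst.service_id = ?
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # Constructed sample data: two domains both use service 10.
    db.executemany("INSERT INTO whitelist_domains VALUES (?, ?)",
                   [(1, "a.example"), (2, "b.example")])
    db.execute("INSERT INTO services VALUES (10, 'billing')")
    db.executemany("INSERT INTO tokens VALUES (?, ?)",
                   [(100, "tok-a-billing"), (200, "tok-b-billing")])
    db.executemany("INSERT INTO domain_services VALUES (?, ?)", [(1, 10), (2, 10)])
    db.executemany("INSERT INTO service_tokens VALUES (?, ?)", [(10, 100), (10, 200)])
    db.executemany("INSERT INTO domain_service_tokens VALUES (?, ?, ?)",
                   [(1, 10, 100), (2, 10, 200)])
    return db

def lookup(db, sql, domain, service_id):
    # Parameters are bound, never formatted into the SQL string.
    return [row[0] for row in db.execute(sql, (domain, service_id))]
```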
I have not found any exact match for my query, so I am creating this new thread. I am trying to build an application which is going to work in the following way:
A seller comes to example.com.
Initially they run the application as seller1.example.com.
The seller buys a domain, say seller.com.
They need to point our CNAME to their domain panel.
Then they can run the seller portal with the seller.com URL.
Now the queries or concerns are as follows:
If we don't add the domain created by the user as an add-on domain in my hosting, will it work?
There can be 1000s of users; is it convenient to add such a huge number of add-on domains?
There are several domain providers. Some provide a facility to point NS records, some provide a facility to point IP/A records. How can this be managed via cPanel APIs?
Any suggestion or pointers will help us a lot.
Thanks in advance!
We are connecting Marketing Cloud and SF orgs. In the Salesforce org we have leads and person accounts. When we connected both environments, we see that we have contacts and accounts as different objects instead of one in the MC sync option for Data Sources.
Now my question is: for data extensions, which object should I refer to, account or contact?
Our data extensions refer to contacts but this is primarily because our data extensions utilize a contact type field which we use for blasts.
It is worth noting that the Salesforce documentation does reference that person accounts work with Marketing Cloud and references a link here to more information:
https://help.salesforce.com/articleView?id=account_person_behavior.htm&type=5
I want to merge 6 different profiles into one, consolidating FLS, Record Types, Permission Sets and Page Layouts in Salesforce. May I know what's the best possible and easiest way to do it?
Thanks
Use the Salesforce Metadata API to retrieve the 6 profiles in XML form. You can then view all the permissions each profile has and consolidate them into one. Then use the Metadata API deploy() to deploy the profile to your Salesforce org.
Salesforce gives examples of how to retrieve profiles and the required package.xml to include in the request here: https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_profile.htm
Note: the retrieved content of profiles is relative, i.e., to see the profile permissions for the Account object, you must include the Account object in your retrieve request.
Salesforce documentation:
https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/file_based.htm
https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_retrieve.htm
I have a multi-tenant application, which exposes some API for our customers to use. I would like to expose it using Azure API Management, mostly to provide a Development Portal to our customers, which I find very useful, and maybe use some other features.
If I understand correctly, our customers will set up their own subscription keys for authentication, which the API Management proxy will validate.
Question: How can I link and identify a user/subscription to the tenant of my application, to ensure that only data from this tenant are returned?
One direction I can see to explore is to use delegated sign-up, which I guess will help me to link the subscription to the tenant. But then the question is still how to get the user id in my backend API.
Any direction to documentation or samples is very appreciated.
You could create separate groups in APIM to represent your tenants and then put users into those groups using delegation hookups. Within APIM policy expressions you can reference context.User.Groups to list the groups the user making the call belongs to and forward that information to the backend.
Alternatively you could use the Note field to store the tenant name and access it as context.User.Note. Or, if you're willing to store the mapping on your side, then just take the id, context.User.Id.
All of the above could be passed as a header using the set-header policy, like:
<!-- override replaces any userId header sent by the caller -->
<set-header name="userId" exists-action="override">
  <value>@(context.User.Id)</value>
</set-header>
All scenarios would require you to have delegation set up to fill in this information automatically for every new user created.
I am designing a RESTful API which will serve as common backend for several mobile apps. So far, it consists of:
Users table: id (primary), name, email, password
Apps table: id (primary), name, description
Just independent tables...
I want to implement the OAuth Password Grant method to request OAuth Access Tokens from mobile apps, using an email / password form in each case so that I can use OAuth scopes to leverage access levels.
And I am just wondering which is the best approach for designing the database schema.
My tries, so far:
Adding an app_id field to users table and making the email field unique, but this would limit them to use only the first app where they register. So that is not a solution. However, with this approach, I could implement OAuth scope-based permission system the easy way :(
Adding an app_id field to users table but not making email field unique. Then I could have two rows with the same email and different app_ids. But the implementation of OAuth scope-based permission in this case would be inconsistent as I could have two rows with the same email / password when I called 'oauth/token' route...
As many users can be registered in many apps, another idea was to create a pivot table between apps and users (app_user). That table would have:
app_id, user_id, and a role field to specify the role of each user in each app. So far so good with this, but the problem here comes when a user with high privileges in an app would use his/her golden Access Token to perform forbidden actions in another app... :(
Please, can someone shed some light on this topic?
Many thanks in advance.
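One way to handle the cross-app concern with the pivot-table design, as an added example that is not part of the original post: record the app each access token was issued for and read the role from app_user for that app only. The access_tokens table, its columns and the function names are assumptions; the token value is passed in so the sample is deterministic.

```python
import hashlib
import sqlite3

# Assumed names throughout; access_tokens and its app_id column are additions
# for this sketch, the other tables follow the post.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT UNIQUE, password TEXT);
CREATE TABLE apps (id INTEGER PRIMARY KEY, name TEXT, description TEXT);
CREATE TABLE app_user (app_id INTEGER, user_id INTEGER, role TEXT,
                       PRIMARY KEY (app_id, user_id));
CREATE TABLE access_tokens (token_hash TEXT PRIMARY KEY, user_id INTEGER, app_id INTEGER);
"""

def _h(token):
    # Only a hash of the token is stored, so a database read does not reveal it.
    return hashlib.sha256(token.encode()).hexdigest()

def issue_token(db, user_id, app_id, token):
    # Issue only if the user is registered in this app; the token records the app.
    member = db.execute("SELECT 1 FROM app_user WHERE app_id = ? AND user_id = ?",
                        (app_id, user_id)).fetchone()
    if member is None:
        return False
    db.execute("INSERT INTO access_tokens VALUES (?, ?, ?)", (_h(token), user_id, app_id))
    return True

def role_for_request(db, token, requested_app_id):
    # The role comes from the pivot row of the app the token was issued for;
    # a token presented to any other app matches no row and yields None.
    row = db.execute(
        """SELECT au.role FROM access_tokens t
           JOIN app_user au ON au.app_id = t.app_id AND au.user_id = t.user_id
           WHERE t.token_hash = ? AND t.app_id = ?""",
        (_h(token), requested_app_id)).fetchone()
    return row[0] if row else None

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # Constructed sample data: user 1 is admin in app 1 and a plain user in app 2.
    db.execute("INSERT INTO users VALUES (1, 'Ann', 'ann@example.com', '<password hash>')")
    db.executemany("INSERT INTO apps VALUES (?, ?, '')", [(1, "shop"), (2, "forum")])
    db.executemany("INSERT INTO app_user VALUES (?, ?, ?)",
                   [(1, 1, "admin"), (2, 1, "user")])
    return db
```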