Graph API: User Access Token - json

I'm trying to use the Graph API to get the feed of multiple public groups then that of multiple users.
When it comes to the feed of groups, it works flawlessly, all I have to do is fetch the following :
graph.facebook.com/$group_id/feed?limit={feedLimit}&access_token={access_token}
My access token being comprised of: AppID|AppSecret
However when it comes to fetching the feed of a user (Whose confidentiality settings are set to public of course) all I get is an empty answer. I would've thought it impossible to get such info and stopped there but then I stumbled upon ApiGee. All I have to do then is authenticate as a user (facebook-Authenticated-user) and it works.
Here's an image of it: http://s9.postimg.org/ynq5tar9r/feed.jpg
My question is : "How is that possible? I've read all I could in the docs and I still can't understand how it works. And how can I remedy that?"
Thank you.


The token you are using is an App token (AppId|AppSecret). With the app token you can't really get users personal feeds. With ApiGee you authenticated to get a user token, which can be used to fetch posts on the authenticated user's feed.
Read more about Facebook's access tokens

Related

Get User's first and last name via Google API

Currently I am developing a Chrome-GMAIL extension which requires me to get the logged in user's first and last names. For experimentation, I have used the following goggle API (userinfo) and have successfully obtained the names I wanted:
https://www.googleapis.com/auth/userinfo.profile
However, using the userinfo APIs will cause a change in the OAuth2 scopes in my manifest. This change will in turn cause a permission-prompt to my existing users (if a domain wide delegation is not setup in place). Point being the idea of having more prompts in front of my user, or additional oauth scope is not really something I desire.
Currently our extensions use the following OAuth scopes and API :
Chrome's Identity API
Chrome's Storage API
GMAIL.modify
GMAIL.send
My question is, is it possible to get the first and last names using an API that is defined/allowed/provided for by any of the above scopes/permissions I listed? or is userinfo the only way to go?
Thank you very much.

Profile data like first name and last name is private data. You are corect that some Google apis give you access to some data that would normally require an extra scope. For email normally you would need to to request the email scope to get this back however the Gmail api does have an endpoint getprofile which will return the current users email address without you requesting the email scope.
However i am not aware of any apis that will give you access to the users first and last name without you requesting the profile or user.profile scope.
If you do decide to add the scope, I do recommend going though the people api rather then the userinfo endpoint as the data returned by the user info endpoint is not guaranteed to always return the name.

Where to put access token in Reddit API url?

I'm trying to use the reddit api in a practice app to practice parsing JSON in Swift, and I've registered to get an access token, but now I'm confused as to where to put it. In other APIs I've used, I'd just put the access token string (?) somewhere in the endpoint url and that would be it, but I can't see anything pertaining to that in the documentation. For example if I'm trying to access https://api.reddit.com/api/v1/top/, where would I add my access token?
In the OAuth documentation is says to use the url https://www.reddit.com/api/v1/authorize?client_id=CLIENT_ID&response_type=TYPE&
state=RANDOM_STRING&redirect_uri=URI&duration=DURATION&scope=SCOPE_STRING but that seems to need:
CLIENT_ID
RANDOM_STRING
URI
DURATION
SCOPE_STRING
I plugged in all the necessary values according to the documentation, and it redirected me to the front page of reddit (I gave https://www.reddit.com/ as my redirect uri)
In previous practice apps with other APIs, I would simply have a single url (that included my auth token) and I'd plug that url into my function that parses the data. Now that I've followed the OAuth directions, I still can't seem to find an endpoint url that I can use in my app.
I tried https://api.reddit.com/api/v1/top in my browser and it says {"message": "Unauthorized", "error": 401}, and I tried https://www.reddit.com/api/v1/myAccessToken where myAccessToken is the string they gave me when I registered. This leads me to a "page not found" on Reddit.
What do I need to do here to get a basic endpoint url that gives me the JSON data for, just for example, recent posts?

Analytics API v3 | Error 401 (Invalid Credentials) Only On A Few Accounts

Hey
I work for a marketing agency and I've developped a small script in Google AppScripts that pulls data from my customers' Analytics accounts and formats it into a Google Slides presentation.
How it works:
Our customers give us access to their Analytics views, and using Analytics API I get the id of each view shared with us on our main account and use these ids to make requests to the API.
The script works perfectly fine for almost every view, but recently I've had issues with some Analytics accounts.
Basically I get a 401 response code, despite having manager access to the given property.
The method I use to make requests to the API is Analytics.Data.Ga.get, and here is what the result looks like :
[18-10-23 06:57:02:128 PDT] {totalsForAllResults={ga:users=0}, totalResults=0,
columnHeaders=[{columnType=DIMENSION, dataType=STRING, name=ga:userGender},
{columnType=METRIC, dataType=INTEGER, name=ga:users}],
profileInfo={profileName=Toutes les données du site Web, accountId=xxxxxx,
profileId=xxxxxx, tableId=ga:xxxxxx,
webPropertyId=UA-xxxxxx-x, internalWebPropertyId=xxxxxx}, itemsPerPage=1000,
kind=analytics#gaData, query={end-date=2018-09-30, max-results=1000,
start-index=1, ids=ga:174758787, start-date=2018-07-01, metrics=[ga:users],
dimensions=ga:userGender}, containsSampledData=false,
id=https://www.googleapis.com/analytics/v3/data/ga?ids=ga:xxxxxx&dimensions=ga:userGender&metrics=ga:users&start-date=2018-07-01&end-date=2018-09-30, selfLink=https://www.googleapis.com/analytics/v3/data/ga?ids=ga:xxxxxx&dimensions=ga:userGender&metrics=ga:users&start-date=2018-07-01&end-date=2018-09-30}
When I go to that link "id" link, here's what I get :
{"error":
{
"errors":[
{
"domain":"global",
"reason":"required",
"message":"Login Required",
"locationType":"header",
"location":"Authorization"
}
],
"code":401,
"message":"Login Required"
}
}
I gathered this has to do with the OAuth2 protocol, which I never had to worry about since it's usually automatically handled by AppScripts.
I've looked around pretty much everywhere trying to fix the problem myself, but I can't seem to wrap my head around the OAuth 2 protocol, and the way it works in this very case.
I've already created credentials for my script, so I have access to my client id and client secret for this project.
My assumption is that the tokens for the problematic accounts have expired, and I need to refresh them somehow and give them the right scope. I just have no idea how to do that.
I would be very thankful if anyone could enlighten me on this one :)
Have a nice day!!

Fixed the problem, turns out it has nothing to do with the OAuth2 protocol. The demographics reports were simply turned off in Analytics for these accounts, which is why I wasn't getting any response from my query.
If anyone is wondering, the error 401 in the REST request is because no token or key is passed at the end (using "?key=..." or "access_token=..."), so it's like some anonymous person tried to access the data.
If you wonder how to get the acess token, you can get it token using Query Explorer. After running a query, select "Include current access_token in the Query URI (will expire in ~60 minutes)."
Anyway, this can be closed.

Extracting ACL support in Yammer REST api

Is there any support in Yammer REST Api for extracting ACLs (Access control list) of the logged in user. Like what if I want to know that the given message is accessible to the given user or some group containing this user.

There isn't a way to get an ACL exactly, but depending on how your app works, you may be able to get the answer you need. If you a verified admin of the Yammer network has authenticated with your app, then you can use the Impersonation API https://developer.yammer.com/docs/impersonation to impersonate the user in question and then simply attempt to access the given resource. If the response is a 401, then the user doesn't have access.

Youtube Api get user's subscriped channels

I'm coding a app which needs to get a list of subscribed channels of the user.
So the user gets navigated to this page so I can get the authorization key:
Get Access key for my App "AboReminder"
Now I get the access key which I need for some api requests. But I am stuck on the issue that I dont have any glue how to get the subscription list.
I'm not able to understand the information on the google page: Google APi documentation
So my question how is a possible request for getting all subscriped channels of the user?

send an ajax request to the following URL after replacing the {{OAUTHKEY}} with the appropriate user authorization key
https://content.googleapis.com/youtube/v3/subscriptions?part=id,contentDetails,snippet&maxResults=10&mine=true&key={{OAUTHKEY}}
This should be a GET request and no request body required to set.
You can navigate to the next set of results using 'nextPageToken' in the response.
By default api can generate only 5 results. You can get upto 50 results by providing 'maxResults' query parameter.
As far as I know, there is no way to get all the list.