Trying to figure out if I can do the following via the box-api.
authenticate as an enterprise admin
lookup a user (in our case a special box user named "group_xxx" where this account will serve as a non-person shared group like "group_math_dept", "group_engineering_dept", etc...).
query for the root folder info for a given user-id (perhaps "GET /users//folders/0"
(tried that it doesn't work).
View the list of enterprise users with whom the given folder has been shared.
Modify the list of enterprise users with whom the given folder has been shared.
What I'd like to do is develop an app to delegate admin of these special group accounts to an appropriate individual in the given group. We can maintain who admins what locally. I can authenticate as one of our Box Admins (i.e. I have working code for steps 1 and 2). However, I don't see support in the API v2.0 doc for steps 3, 4, and 5.
Am I missing anything?
Unfortunately my understanding is the same as what you've found; that account and meta operations like steps 3 through 5 are not currently supported through the API.
UPDATE:
Looking at Box's developers blog it looks like functionality for steps 4 and 5 were actually just added, but are not yet in the documentation.
http://developers.blog.box.com/2012/09/10/v2-api-updates-keep-rolling/
Box actually has some more enterprise/admin API methods in private beta. Those are made accessible to early testers for a controlled environment, and include methods to perform operations on behalf of other users with administrative privileges.
If you're interested, feel free to email api [at] box [dot] com to discuss the testing of beta methods.
Related
I was asked by a potential client if I can have my software interact with Esri/ArcGIS Online.
Use case: users is logged into SomeRandomSoftwareApp and is looking at a Widget, this Widget includes an Esri asset id, the user clicks a link that passes that ID to Esri/ArcGIS Online and behind the scenes the user is logged into Esri and they see the data associated with the Esri/ArcGIS Online.
Thanks, Keith
If I understand correctly, you have two options for this: API Keys or Application Credentials.
The first one, is a permanent token generated by the owner of the data that will allow the application easy access to it. This is still in beta, and it was not ready for use the last time I check some time ago.
The second one, the owner of the data will generate credentials for your application. With this credentials you will have to request a token each time you want to access the data, all this via OAuth 2.0.
Check the docs for more details ArcGIS Services - Security
Currently I work on a Chrome extension published but unlisted in the Chrome Webstore. Our organisation uses Google Workspace and the extension's owner is bound to a group in the Workspace which Google calls using a 'Group Publisher Account'. We ship the extension to support another application and because of this our documentation describes how to manage the installation of the extension via the Extension ID (the alpha numeric UUID that identifies the extension)
Because of various corporate changes, we'd like to transfer the ownership to a group in a different Google Workspace. In the developer console when we tried to unhook the group publisher account it said that we must unpublish all extensions. While the extensions not being available is a little inconvenient its not the end of the world. However, what we're now concerned about is that unpublishing the extensions, removing the group publisher (at which point ownership will revert to an individual account in the group based on some rules, we think we can arrange for this to be an individual in the new Workspace by adding them as a member of the original Workspace group), and then republishing may cause our extension ID to change. Which is something we really need to prepare for.
Does anyone have an experience with doing this, that could warn us of any landmines we might step on here?
You'll want to use the One Stop Support form to initiate the transfer request.
My item (extension, app, or theme)
I want to transfer my item
The form itself calls out a few caveats to be aware of. As of Feb 14, 2022 it stated:
Please make a note of the following information -
After submitting this form, you will need to confirm the transfer from the original publisher email address
The destination account needs to be registered before submitting this form. A $5 registration fee is required for the registration. Learn more.
Ensure you give the correct account details
Only items that are published and without any violations will be transferred.
Transfers can take up to 7 days
Transfering an extension does not have any impact on end users. The extension ID will be retained, existing installations are not affected, and users will continue to retrieve updates as expected.
I'm creating an application to work with OneNote in Office 365 and so I'm creating an app registration in Azure. I want to be able to view notebooks, and there are two permission options: View notebooks and View notebooks in your organization. Irrespective of which permission I select, the only notebooks the call returns are ones in the currently authenticated user's personal site (using "https://www.onenote.com/api/v1.0/me/notes/notebooks" as the Url for the GET request).
So...is it because of the Url I'm using (I haven't found any documentation that uses anything other than ".../me/..."), or is it just working as expected? For example, there's no documentation I've found that describes what all notebooks "in your organization" means - does that include every SharePoint site collection Notebook? Something else? Any additional details or links to specific information would be appreciated.
Yes it is possible to Get Personal Notebooks in the Users OneDrive For Business (/me/) as well as Notebooks hosted in SharePoint sites(/myorganization/) that the user has access to.
Organization Notebooks -
https://www.onenote.com/api/{version}/myorganization/siteCollections/{id}/sites/{id}/notes/notebooks
You would need SiteCollectionId and SiteId to access the organization notebooks.
To understand how you get the notebooks (in the users organization) by referring to this documentation -
https://blogs.msdn.microsoft.com/onenotedev/2015/06/11/and-sharepoint-makes-three/
I did finally find the documentation where they list the different locations from which you can request notebooks: https://msdn.microsoft.com/en-us/office/office365/howto/onenote-get-content. Also, to get the gist of my question, although the service uses a common Url to access notebooks, there isn't a single location where you can ask for all notebooks in an organization. The Azure permission merely gives you the right to go get them if you can find them. As noted in the first answer above, if you know where they are at and if you have the right permissions with your app then that all works great. But you have to know where they are, because there doesn't seem to be a discovery type API for them.
According to OneNote in the Microsoft Graph API (in Preview) it should be possible to retrieve and access notebooks owned by the user and shared by other users (plus O365 group notebooks).
However, executing https://graph.microsoft.com/beta/me/notes/notebooks just returns my (owned) notebooks (not the shared ones). So maybe I'm doing something wrong here, but how do I list all notebooks that my user has access to (owned as well as shared) using the Graph API?
Sorry for the confusion, OliverL. We've updated the blog post to clarify that the /me endpoint currently only provides access to the OneNote content that’s owned by the current user.
Soon the /me endpoint will also include OneNote content that others have shared with the current user, and then you'll be able to get a list of shared notebooks. But right now, you can only use the /users/<id> or /users/<userPrincipalName> endpoint to access content that another user (specified in the URL) has shared with the current user.
We'll announce the upcoming change in the OneNote Dev Blog when we release it, and make note of it here too. Thanks for your feedback!
I have a web application that we are building. We need a text editor to allow for our registered users to create and or edit documents. We want the documents to be used within our app, but would like to use the Google drive interface to create/edit/upload docs. What I am concerned about is the OAuth2 process. I would like for our web app to be the authenticator, and allow our users access to our files/folders that are under our account rather than theirs. Can we do this? All of our users are authenticated by our application already, and we do not want them to have to use their personal credentials to access files used by our application.
According to Google's documentation:
Each Gmail account intended and designed for use by an individual
user. If you have multiple users frequently accessing the same account
from various locations, you may reach a Gmail threshold and your
account will be temporarily locked down.
Anecdotal evidence confirms this: a worker at a school reported a 403 error possibly caused by too many people logging into the same account at the same time.