Is it possible to delete Authorized GitHub App with Rest API call?
If yes, how can exactly can I do it? what is the request URL, body, etc.
Related
Is it possible to authenticate the Twitter API through a URL in a web browser?
ex. https://api.twitter.com/1.1/search/tweets.json?q=%40twitterapi&secret_token=234234234234
I've been researching this for quite a while and haven't found a definite answer.
And if so, where in the docs would the names of the variables be that I need to authenticate via a URL?
No, that's not how the Twitter API works. You need to construct a valid OAuth authorization string and include it as the header in your request.
See Authorizing a Request in the Twitter REST API documentation.
Which URL I should user for authentication user in the Twitter?
For example, in the Instagram token for user can be received when user click on the following link
https://api.instagram.com/oauth/authorize/?client_id=XXX&redirect_uri=XXX&response_type=XXX
After this its return token and I can work with user profile.
How to build such link for twitter?
Twitter API has several ways to authorize and it depends on what you want to do for determining which approach to take.
The OAuth2 approach that instagram takes is called application-only in Twitter API. The thing about application-only is that you can only use it on endpoints that aren't associated with a user. e.g. it's great for search, but doesn't work well for tweeting (which is something a user would do).
A couple other approaches are Single User Authorization, which is good if your app only needs one set of credentials. e.g. a server app. Another is Pin Authorization which is a work-around for devices that can't manage Web callbacks. These use OAuth 1.0A.
There are a few other OAuth options, but this was just to give you an idea about the available choices and the need to think about what you want to accomplish and match that with what the Twitter API offers. Here's the Twitter docs for more info:
Authentication and Authorization
I am making an app that uses Kinvey as a backend. I want to access the Github api. I need the user to authenticate with OAuth. Can I do that with Business Logic? As far as I can tell, every request needs to be authenticated as a user, when Github redirects to my Business logic it won't have those credentials. I feel like I am missing something simple(never worked with oauth before).
Can this be done with Kinvey alone?
The OAuth2 callback does not have to be to Kinvey. If the user is interacting with the system and authorizing the token via OAuth, the redirect should actually be back to your web server - this way the user is redirected away from the authorization page, and back to your site. From there, you can get the token from the callback URL query string, make a request to store that token in Kinvey, and redirect the user to the appropriate page on your site.
If you are doing the server-side OAuth flow, you can set your callback to be any collection (you can create a dummy collection for this purpose.) Endpoints will not work for this, because endpoints only currently accept POST requests, and the OAuth2 callback is a GET request. In this use case, you would create a pre-save endpoint that receives the callback, obtains the token from the query string, and then does whatever processing it needs to do.
I have an application that needs to display number of followers and following (users/show.json) for a random user on a public page (authentication is not required).
With the Twitter API 1.0 it was quite easy as authentication is not needed for the request. With the new Twitter API 1.1 is no more possible, so I need to authenticate the request (via OAuth).
Is it possible only "authenticate" the application and not the user too?
I mean: can I avoid to ask user to login and only authenticate with application key/secret? Or everytime I need to create a token with user credentials too, creating callback, etc.?
Yes, it is possible! If your application doesn't need to do things like post statuses or send direct messages on behalf of a user, you should be able to retrieve all of a user's public information with a single hardcoded set of Twitter OAuth credentials, and not require the user to authenticate.
Login to Twitter and go to the developer dashboard at https://dev.twitter.com/apps
Register a new application; after the application is registered, view the application details. You'll see an "OAuth Tool" tab, where you'll find all the relevant OAuth values for that application: Consumer Key, Consumer Secret, Access Token, and Access Token Secret.
Using these credentials, you'll be able to make requests to the new Twitter API.
If you're not comfortable using the Twitter API directly, there are a number of good API wrappers out there for various languages -- among others, the Temboo SDK, which will give you code snippets for calling various methods (and also gives you a place to securely store your Twitter credentials, so you don't need to bake them into your application).
Take a look at:
UserTimeline
GetFollowersByID
(Full disclosure: I work at Temboo.)
The easiest way to do what you're asking is to use Twitter API 1.1's 'application-only authentication' feature, which works for much of the API. See Application-only authentication. You can see a Python example of it in get_bearer_token.py.
Once you have a bearer token, you only need to include that in your request authorization header - signing is not necessary.
I'm accessing the Google Contacts API using OAuth.
I see from the docs that I have an authorize URL (https://www.google.com/accounts/OAuthAuthorizeToken), used to get the access token, but not an authenticate URL, a thing other services implementing OAuth use to automatically redirect the user to my site when he has previously given me the permission to access his data.
Linkedin does it
https://www.linkedin.com/uas/oauth/authorize
https://www.linkedin.com/uas/oauth/authenticate
Twitter does it
https://twitter.com/oauth/authenticate
https://twitter.com/oauth/authorize
But I couldn't find a way to do this using the Google API.
Anyone knows if it's there?
Thanks
Google uses the same url for authentication and authorization, so just redirect your users to the authorize url with the appropriate parameters in the query string. Google then determines if the user needs to login, authorize your app, or both.
The flow would go something like this...
Get the request token
Redirect your users to the authorization link
https://www.google.com/accounts/OAuthAuthorizeToken?scope=http%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds&oauth_token=REQUEST_TOKEN&oauth_callback=http%3A%2F%2Fwww.mysite.com%2Fcallback
User authorizes your app, then exchange the requst token for an access token.