Google OAuth 2.0 Windows App loopback is deprecated and there's no alternative - google-oauth

Google deprecated the loopback IP address flow recently, while their samples for Windows apps are still using the loopback IP address, and they don't provide any other alternative.
Here is their sample: https://github.com/googlesamples/oauth-apps-for-windows
How can Windows apps use Google Sign In now?

Related

Using CTAP2 to authenticate to an app on the same device

CTAP2 allows apps on mobile phones to act as roaming authenticators. An app may implement the protocol over one or more of the supported transports.
However, there are use cases where the web or native app being accessed would be run on the same mobile device as the roaming authenticator. Can this use case be supported by CTAP2?
PS: Why is there no ctap or ctap2 tag? I used 'fido' as a proxy.
CTAP defines a protocol that is used between devices. For apps to provide credentials on the same device, the OS of that device would need to support them plugging into the standard APIs.
We (Google) said yesterday, “Please stay tuned for more updates from us in the next year as we introduce changes to Android, enabling third party credential managers to support passkeys for their users.” But I believe that's the most that any of the platforms have said on this point so far.

Google OAuth client Id - Whitelisting

Requesting guidance on how to get the OAuth client ID whitelisted, so that OAuth works in embedded browsers.
My client ID is: 665249451488-84nosliqrc80hpe0ot1vperj1eb8gbfk.apps.googleusercontent.com
Any email address / contact details for whitelisting will be helpful.
Similar question: Ios captive portal Google oauth disallowed agent - angular app
'disallowed_useragent' error on captive portal
Thanks in advance
Google OAuth does not work on embedded browsers because this is known to be insecure. See https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html and https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html. On iOS, you should use SFSafariViewController instead of relying on embedded web views.
As explained on the other question, if the issue your users are running into is a captive portal, this is the recommended way to continue to use Google Sign In: https://support.google.com/accounts/answer/9690282?hl=en.

[teams] How to update messaging endpoint via API or SDK?

I am working on a chatbot in NodeJs and we are using Ngrok to establish a tunnel. The problem we have for Teams is that every time we relaunch Ngrok we get a different URL, so I have to manually change the messaging endpoint on the botframework website (under settings).
Is there a way to do this via the API? Or maybe the SDK?
This was not an issue for other chat platforms, but for Teams I cannot find this feature.
Claudiu
Unlike some other chat/bot platforms, Bot Framework (and therefore Teams) works by having the chat service initiate the connection to the bot instead of the other way around. That's why every bot requires an https: endpoint.
Ngrok is one way to do it without running the bot in the cloud, but as you note those temporary URLs only last 7 hours. You can purchase the premium version of Ngrok which lets you have static subdomains - for example at our Build conference I used https://build2018.ngrok.io.
One of our developers also created Tunnel Relay which you can download. The utility itself is free but you have to have an Azure subscription and use Azure Service Bus - which at the basic tier is $0.05 per million transactions. All the details, including a download link, are on the GitHub page linked above.
There is no public API for changing your bot's messaging endpoint. (If there were, it would be a great way to steal the traffic from other bots.)

How to authenticate in an SAP hybrid app against SMP and a backend system with different users?

Following situation:
- An SAP OnPremise system is connected over cloud connector to SAP HCP
- In the cloud version of the SAP mobile platform (SMP) I configured the system
- I have a hybrid app (using SAP Kapsel SDK) and try to connect to
  a) SMP itself (registering)
  b) also to the real backend system with the data needed
- User name of SMP and backend system is not the same
Does anyone have a good tutorial / documentation link on how to set this up correctly?
I found a very good tutorial about the Kapsel plugins:
- https://blogs.sap.com/2016/10/20/getting-started-kapsel-part-1-sp13/
With a trial account and a trial backend account (same user name) it seems somehow working. But in my situation it is more complex.
Problem in other words (Edit)
I am searching for a way to use user & password from OnPremise system to authenticate against HCPms over a Hybrid app.
May I ask why you require two different users at all? From a usability point of view, it is very awkward for a user to give two sets of credentials for an app. I'd typically recommend to either
- configure SCIM in Mobile Services. This would allow you to register with Mobile Services using your back-end credentials
- configure no-auth in Mobile Services. While users still need to give their credentials for back-end access, they can register with Mobile Services without credentials at all
The rest depends on your back-end configuration. For example, if it requires Basic auth, configure your back-end connection accordingly and leave the user/password fields empty. When you supply those with your client requests, they will be forwarded to your back-end.
Edit: I misread the question and thought you were using "SAP Cloud Platform Mobile Service", the cloud equivalent of the SAP Mobile Platform. The answer basically remains the same, only the terminology changes (italic):
- configure HTTP(s)-based Basic Authentication SSO in Mobile Platform. This would allow you to register with Mobile Platform using your back-end credentials.
- configure no-auth in Mobile Platform. While users still need to give their credentials for back-end access, they can register with Mobile Platform without credentials at all
Either way, SCIM for Mobile Service is described in the documentation, and so is Basic authentication for Mobile Platform.

Apache Cordova: SQL windows authentication over VPN

I am super new to the Hybrid architecture of Cordova Dev Tool and not very familiar with the architecture and the capabilities of it. I am working on building an app using Cordova that will allow only my company users (internal) to log in and access it. Our users use the Cisco AnyConnect VPN mobile client on mobile devices. I would like to authenticate that the user is connected to VPN when they log in to my app. If VPN is not enabled, the app should error out with some sort of a message. Any ideas or sample code would be appreciated.
Thanks!!
Is there a resource that they can only access when using the VPN? I'd suggest that in your app you make an HTTP request to access that resource; if they're using the VPN it'll work, but otherwise it won't work.
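
The reachability check suggested in the answer above, written out for a Cordova WebView as an added example that is not part of the original thread. It treats timeouts, redirects and an unexpected response body as "not on the VPN", and its result only decides which message the login screen shows; the internal servers still have to enforce access themselves. `PROBE_URL`, `EXPECTED_BODY` and both function names are hypothetical.

```javascript
// Added example, not code from the original thread.
// Assumption: PROBE_URL is a hypothetical endpoint that resolves and answers
// only from inside the corporate network and returns the body "vpn-ok".
const PROBE_URL = "https://intranet.example.internal/vpn-probe";
const EXPECTED_BODY = "vpn-ok";

async function probeVpnResource(url = PROBE_URL, opts = {}) {
  const { fetchImpl = globalThis.fetch, timeoutMs = 3000, expected = EXPECTED_BODY } = opts;
  const controller = new AbortController();
  const timer = setTimeout(() => controller.abort(), timeoutMs);
  try {
    const res = await fetchImpl(url, {
      method: "GET",
      cache: "no-store",   // never satisfy the probe from a cached response
      redirect: "error",   // a redirect (for example to a login page) is a failure
      signal: controller.signal,
    });
    if (!res.ok) return { onVpn: false, reason: "http_" + res.status };
    const body = (await res.text()).trim();
    // A 200 from something other than the internal host must not pass.
    if (body !== expected) return { onVpn: false, reason: "unexpected_body" };
    return { onVpn: true, reason: "ok" };
  } catch (err) {
    // Off the VPN the usual outcomes are DNS failure, a refused connection or a hang.
    const timedOut = err && err.name === "AbortError";
    return { onVpn: false, reason: timedOut ? "timeout" : "network_error" };
  } finally {
    clearTimeout(timer);
  }
}

// Gate for the login screen: resolves to the message to show, or null to proceed.
async function vpnLoginGate(opts) {
  const result = await probeVpnResource(PROBE_URL, opts);
  return result.onVpn
    ? null
    : "Connect to the company VPN and try again (" + result.reason + ").";
}
```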