I am developing a web application on the Vue Framework. But I ran into a problem and I don't know how to implement a Zoom API and any video calling company since my web application is dedicated to allowing different people with similar tastes to come in and talk to each other.
I would appreciate if you can explain to me how it could be done or what would be the process to carry out in order to implement it
The Zoom API allows developers to access information from Zoom. You can use this API to build private services or public applications on the zoom app marketplace. To learn how to get your credentials and create private/public applications. All endpoints are available via HTTPS and are located at api.zoom.us/v2/.
For instance you can list all users on an account via https://api.zoom.us/v2/users/.
Related
I'm currently working on custom hosting panel (Angular), which should interact with third party services like Proxmox, Billmanager, Zabbix, Grafana etc.
So my question is how this panel should interact with this services? Should I call directly each of them by API? Or I need to integrate some kind of middleware API (laravel/django) and allow my angular panel to interact only with that API, and after each call this middleware API will call some of third party services (Proxmox, Zabbix etc) if needed?
I will add some schema of possible solutions.
Will be great if you can share some best practice examples.
Thanks in advance for your help)
Ok. So based on some research v1 is a right choice.
This "middleware" is called API Gateway. And in such systems which includes interaction with lots of third party services we definitely need it.
Benefits
We can make all services private (no pubic access)
This adds async to all system
etc
I am building a Xamarin iOS Native project for a iPhone app and i am using Google Maps for creating Routes to several delivery points.
I registered for the Google Maps API but i have troubles with the security of the API key.
In my project i have installed the Nugget package for Xamarin.Google.iOS.Maps and set the App restrictions to my iOS Bundle name. When initializing the MAP all works fine.
BUT we also use the Direction API for setting up routes to different points of the map. But this call function method is a HttpClient call to a JsonAsync call. The Google API denies the call because it did not work with the Bundle name because its a HtppClient Call.
The project is installed on Mobile devices so restricting with a IP address is not a option for us. No restriction AT ALL is also bad for the security.
So my question is : How do I secure this?
Please note that web services cannot work with API keys that are Android/iOS restricted. Web services are server-side and can only work with API keys that are either unrestricted or restricted by IP address.
To resolve your issue, please create a second API key to use for web service requests only.
The public docs on best practices when using API keys has also some suggestions for when IP address restrictions are impractical as with the case with mobile applications.
When using Maps Web Service APIs in these scenarios, secure your apps using one or more of the following techniques:
-proxy server
-obfuscation
-pinning
References:
https://developers.google.com/maps/api-key-best-practices#api_key_table_sup_5
https://developers.google.com/maps/api-key-best-practices#proxy_server
I know this sound strange, but please bear with me. We have a legacy desktop app (DataFlex), and we are developing a new web app. Both apps share the same business logic. We are in the process of moving the business logic to a centralized project that is exposed as an asp.net-core web api, to be used both by the desktop app and the web app.
So far, we have been able to access the new business logic project from the legacy desktop app via COM, but because maintaining interfaces and DataFlex wrapper classes is a pain, we are hoping to find an easier way.
We could access the business logic using the web api via http. But many users are still only using the desktop app, and setting up web servers for all of them is not something that can be done anytime soon. So we want to call the asp.net-core project in a way that resembles the way a web app does it, passing method calls as strings (JSON?)
Is this feasible? If so, how?
I am using new feature of Azure that enables the active directory authentication for your website without writing any code.
http://azure.microsoft.com/blog/2014/11/13/azure-websites-authentication-authorization/
But the problem is my web application is also hosting some Web APIs, which need to be called without any authentication.
Is there a way (some attributes?) so that I can call Web APIs without any authentication?
Tushar, I see that Byron also replied to your question on his post- and suggested creating another website as for APIs as a work around. However I suggest that you wire-up auth separately for your Web App and APIs following our samples here: https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet, https://github.com/AzureADSamples/WebApp-WebAPI-OpenIDConnect-DotNet
Let me know if you run into any issues.
From the very same article you refer:
Current Limitations
There are some limitation to the current preview
release of this feature:
...
With the current release the whole site is placed behind login the
requirement.
Head less authentication/authorization for API scenarios
or service to service scenarios are not currently supported.
So, no, you cannot have partial APIs or pages anonymously available - all pages and API will be protected by the Azure Active Directory.
I'm currently planning the creation of a mobile application for ios and android.
The application will permit to the end-user to manage and see the progress of its projects. (Web creation company).
The application will have:
Project management (multiple)
View progress
View tasks
View hours
View files
View messages
Login/Logout form + Profile/Edit Profile section
Send/Reply Messages
Add comment on tasks and files
The question is: What is the best way to create an API (Restful or something else) using the Zend Framework?
This API must and will be integrated to a custom-made Projects Management System and a MySQL DB.
I just working on PHP API (no matter if API is for mobile platforms or another webs) and after realizing between SOAP and REST I chose a RESTful API and I can recommend it...
Zend Framework has components for both of mentioned approaches, but REST is easier and more understandable in comp. with SOAP...
The one thing what you have to think about is logging, you can use HTTP Auth or OAuth (HTTP autentification is easier), but better approach according to me is generate unique API KEY for your users (each user should have own KEY) and this KEY ensure you can recognize user and a security risk is minimal because user do not have to send login and password inside HTTP request (security risk) and in case of KEY is catched on WIFI or infrastructure, hacker do not get user logins to web application, only for API where propably will not be all features what main web app offer.
And if you set some time expiration for you KEYs or IP restriction for KEY, than you can make it more safe:)
Some tip for the end: Implement API as new separated ZF module.
One of the best stuffs I have noticed so far is http://getfrapi.com/
It makes use of everything from Zend to Pear. May be you should checkout the video http://www.youtube.com/watch?v=vJVQi7ZFSaQ