How to create authentication rest api in odoo 14? - odoo-14

I want to create rest API in odoo14 for authentication using postman.
like register user and login user api

Odoo comes equipped with API keys and its own authentication module, with each user having an API key. Take a look at their documentation here.

Related

How to generate permanent access token for WhatsApp Cloud API integration

I'm using WhatsApp Cloud API Integration for our company use case and all functionality will be server-to-server API call and I have to generate a Permanent token to call the WhatsApp API to send the message. I have submitted a request to get advance access to whatsapp_business_messaging but it got rejected as we do not have any frontend UI to showcase the implementation. Facebook support team said I do not need advance access if we are implementing WhatsApp API for our own use case. We have also generated the permanent key by creating a system user from the Facebook Business dashboard but the API throws an error that this key does not have permission.
Please guide me on how can a get approval or get a permanent access token to use the WhatsApp Cloud API Integration.
Thank you in advance
On your business setting go to the User(left side menu) and create a system user there. and there you can create the permanent access token.

AWS Cognito Mobile Hub

I need to login users via Instagram for my mobile application so I can make calls to Instagram API and get some information from the Instagram. Simply, my application will ask user to authorize Instagram access and able to get access token for API calls. Application should not ask user to login again once the user is authorized. I already setup my Instagram client-app to implement server-side authentication flow.
My challenge is I want to do this on by using AWS mobile services. I already setup custom authentication from MobileHub and came to point where I need to define my custom authentication flow (in this case it is Instagram authentication flow). Under AWS Cognito app when I go to Triggers tab, I see different options for defining lambda functions associated with my authentication (such as pre/post auth or define / create / verify auth challenge). I am not sure how to align Instagram Authentication flow with these functions. Or should I use something else. Also I am not clear how does AWS Cognito manages authentication flow: I don't want my users to go through authorization process every time they start my application. I believe AWS Cognito link users from my custom flow to some Cognito identity and able to authenticate when they use my application. I really appreciate any suggestions, or even code sample (if available).
Check this Document for Cognito Identity. Instagram is not there by default. So you have to use External Identity Provider, most probably using Open ID Connect Providers.

Web API Security using Individual User Accounts and Custom Storage Provider

I am developing a REST based application using Web Api 2. On the project, I elected to use the individual user accounts option when I created my project. On the frontend, I am using a combination of angularjs and ios interfaces to interact with web api. I would like a user to enter their credentials and upon successful authentication, receive a jwt token(SSL) that they can use as long as the ticket hasn't expired. I read an article outlining how to create a custom storage provider, which I need as my user schema is different from asp.net identity.
What is the recommended approach to this scenario?
Can someone provide an example of how to setup .net individual accounts for authenticating users trying to access web api action methods? As stated above, the user interface is angularjs.

api created in wso2 appfactory preview api publisher is not working

I created api from WSO2 appfactory preview api publisher. But when I call it from REST client it says the service doesn't exists where in yahoo weather api in the same api store gives OAuth error (which is expected without a token). The backend service runs nicely.
"404Status reportNot FoundThe requested resource (/usdToLkr/0.0.2) is not available."
My API is given here
http://apimanager.appfactorypreview.wso2.com:8280/usdToLkr/0.0.2
What I am doing wrong?
Is it blocked in appfactory preview?
First of all, if you create an API, you have to publish it by publisher.
Then you have to login from WSO2 Appfactory preview and via resources page, you should click on subscribe to API and login to API store via that.
Then you have to first subscribe to the particular API via your created application.
Then the consumer and application keys should be generated manually or automataically once you click on the Renew API keys or API button.
Then if you have provided a working production/sandbox URL during the API creation, it should work.
If you try out with the REST client, you should provide required header values. You get an OAUTH error because you havent provided the token.
A working API invocation sample for App factory preview can be seen from this documentation.
Using REST client to test an API can be seen from this documentation.
Are you looking for an online API management / gateway solution? If so, you should use WSO2 API Cloud instead.
Also, see the tutorials covering the scenarios you mentioned here.

Authentication for new Twitter API 1.1

I have an application that needs to display number of followers and following (users/show.json) for a random user on a public page (authentication is not required).
With the Twitter API 1.0 it was quite easy as authentication is not needed for the request. With the new Twitter API 1.1 is no more possible, so I need to authenticate the request (via OAuth).
Is it possible only "authenticate" the application and not the user too?
I mean: can I avoid to ask user to login and only authenticate with application key/secret? Or everytime I need to create a token with user credentials too, creating callback, etc.?
Yes, it is possible! If your application doesn't need to do things like post statuses or send direct messages on behalf of a user, you should be able to retrieve all of a user's public information with a single hardcoded set of Twitter OAuth credentials, and not require the user to authenticate.
Login to Twitter and go to the developer dashboard at https://dev.twitter.com/apps
Register a new application; after the application is registered, view the application details. You'll see an "OAuth Tool" tab, where you'll find all the relevant OAuth values for that application: Consumer Key, Consumer Secret, Access Token, and Access Token Secret.
Using these credentials, you'll be able to make requests to the new Twitter API.
If you're not comfortable using the Twitter API directly, there are a number of good API wrappers out there for various languages -- among others, the Temboo SDK, which will give you code snippets for calling various methods (and also gives you a place to securely store your Twitter credentials, so you don't need to bake them into your application).
Take a look at:
UserTimeline
GetFollowersByID
(Full disclosure: I work at Temboo.)
The easiest way to do what you're asking is to use Twitter API 1.1's 'application-only authentication' feature, which works for much of the API. See Application-only authentication. You can see a Python example of it in get_bearer_token.py.
Once you have a bearer token, you only need to include that in your request authorization header - signing is not necessary.