I need to add by Power Virtual agent bot to Microsoft teams left navigation bar, so that it is pinned and available to all users in an organization, how can I do this without adding the bot to App-studio? Should I submit for admin approval so that I can add in organization wide global MS-teams policy?
To make the Bot available for other users in searches under "More Apps" section of teams
is it sufficient that the bot is sent to teams admin approval without adding in App Studio?
How to pin the Bot for all organizational users after it is available under more apps?
To make the bot available to everyone in the organization and enable installation, the bot should be submitted for Admin approval and approved by an Admin as per these instructions.
A Teams Admin can then proceed to Pin the application for all users or specific users using a policy in the teams admin center by creating or modifying an app policy.
Related
I am new to Google API usage, so please excuse the seemingly basic question.
I am writing a mobile app for members of a Club. The app needs to access a Google calendar and photo storage both maintained by the Club admin. I am having difficulty getting my head around the type of app I should be creating (Web Client, IOS, Android or all). When the OAuth consent screen opens, I am not sure which credentials the user should be entering (theirs or the Club admin).
What is required to allow the user to gain access to the shared calendar and photos?
I need to give Team Admin role for an outsource firm because they'll send applications to iTunes Connect but I'm worry after saw this "Team Privileges" table on Apple Developer Documentation page:
Hmmm, Team Admin can "Register, configure, and delete App IDs"... I give them Team Admin Role and call them by phone, and they say "now we can remove App Id, delete button here and I'm able to use it..."
No, They shouldn't be able to do that! Am I doing something wrong?
Role descriptions:
Team agent:
A team agent is legally responsible for the team and acts as the initial primary contact with Apple. The team agent can invite team members and change the access level of any other team member. There’s only one team agent.
Team admin:
A team admin can set the privilege levels of other team members, except the team agent. Team admins manage all assets used to sign your apps, either during development or when your team is ready to distribute an app. Team admins can edit the App ID to enable app services and create technology specific identifiers used throughout the system. Team admins can sign apps for distribution on nondevelopment devices.
Team member:
A team member can create their development certificate, register a device connected to their Mac, and create a team provisioning profile using Xcode. Team members can’t register devices and create development provisioning profiles using their developer account.
I found my answer under "Maintaining Identifiers, Devices, and Profiles" document.
Deleting App IDs
You can also remove App IDs when you no longer need them. However, you cannot delete an explicit App ID for an app you uploaded to iTunes Connect.
Anyway, weird to see that delete button there.
As part of our "off-boarding" process for employees leaving the company, as super admins we use the Google Apps Admin SDK Directory API to change the user's password so that they can no longer access their account. Then we log in to do a Google Takeout, reset passwords for their other accounts, etc.
However, we recently decided to enforce 2-Step Verification for all of our users. So now when we go to log in to their account, it sends a code to their phone.
Since 2-Step is enforced for their SubOrg, we can't even turn it off through the admin console. So all I can do now is to have the API move the user to a different SubOrg where the 2-Step enforcement setting is turned off, and then manually turn off 2-Step.
Is there any way to programmatically turn off 2-Step verification for an account?
I looked in the Google Apps Admin SDK Directory API Users:update documentation, but it doesn't seem to have anything to do with 2-Step.
The Reports API can find out the user's enrollment status, but it's read-only for reporting purposes.
What you are doing is the correct way to remove the 2-Step verification. As you mentioned if it is enforced under a Organization Unit, removing it would get against that rule and that's why you are not able to do it unless you move the user to another OU where this is not enforced.
I was not able to find some way to do this programmatically. However, you could Suspend the user. After that, the user won't be able to access to that account. The account will still be visible in your Admin Console and all the information in the different Google services will remain attached to that account until you finally delete the account.
While the user is suspended, as admin, you can use service account to impersonate that user. By doing so you can act as that user and edit permissions or transfer the ownership of the files contained in Drive to a different account so those files won't get lost.
I hope this helps.
The easiest way to do this is to create a Group for which 2FA is exempt (see here: https://support.google.com/a/answer/2370108). Then add the user to that group, then you can click "Disable 2FA" on the user page in the admin console. I'm assuming you can do the same through the API.
The only downside is that this means you'll have a group through which it is possible to exempt users from the 2FA enforcement option. So that's a risk you'll have to accept and a policy you have to carefully check.
I want to use Google as OAuth provider for my web site. So I created a new project in Google Developers Console. There under "Consent screen" I wanted to set the email address my users can see when logging in to my company's non-Gmail address.
However, since this is a drop-down box I can only choose from one of the associated accounts, set in the project's permissions. My problem is that I need to set an email address that does not belong to Google, nor do I have a Google Apps account.
So my question is: Can I set a non-Gmail email address in a Google project, even if that domain is not in Google Apps?
You will have to register an account at google developer with your non-gmail address first. And then go to Permissions in the Google Developers Console, add a Member with the non-gmail account as owner. After that you will be able to select the non-gmail email address in Consent screen.
Now I want to develop an application on ARM with libspotify to play music.So I buy a premium account on spotify to get the API key.My original idea is that anyone who has my equipment could enjoy the music served by spotify,but the spotify does not allow to play the same song by the same account on different equipment at the same time.And even the user has their own account,they can not login from the application developed by my API key.How can I resolve the contradiction
As per Spotify's Docs, users must have premium accounts to use that functionality.
Login
To access Spotify functionality the user will need log in using Spotify or Facebook credentials. The logged in account needs to be a PREMIUM one. Note that in the Spotify login flow can be shown when the user e.g. tries to play music, it doesn’t need to come when launching the app. When logging in the user will need to accept our terms of service: spotify.com/legal.