I have a web application that will authorize a user with eBay so that I can post items for them. But I want to cap the limit at 50 per account and eBay account. I can easily track how many item posts they performed in my application. But what prevents the user from opening another account with my application and re-authorize with the same eBay account.
So I tried it with my application and my eBay account and looking at the tokens from account1 and account 2 there's literally 5 characters difference at the beginning of the token String (around character 15). Rest of the token is the same.
Is there a way to tell from the token if it's the same account?
Ok to handle this you would need to get the eBay User and compare to see if they have already registered. Using the user authorized token make a call to get the user details via:
ApiContext.getApiCredential().seteBayToken(FetchTokenCall.fetchToken());
GetUserCall gu = new GetUserCall(ApiContext);
UserType user = gu.getUser();
Now compare and save relevant data.
Related
I am trying to display only the images the client uploaded to instagram on their website. The client's user ID# is 176722013. According to the API this URL will provide just such a feed:
https://api.instagram.com/v1/users/176722013/media/recent
As indicated by the error message, I need to provide either a client_id or an auth_token. Since I don't want to deal with authentication I went ahead and created an "app" in instagram developers to get a client_id # 5b5a6e95469f465f9f70e4ebcf9ee3a6
Yet when I add it to the URL I still get an error that I needed to provide an auth_token. How does that make sense?
https://api.instagram.com/v1/users/176722013/media/recent?client_id=5b5a6e95469f465f9f70e4ebcf9ee3a6
The app is in sandbox mode. When I attempt to submit it for review I must provide the purpose for the app. Upon selecting " I want to display my Instagram posts on my website." as the purpose I get the following message:
You do not need to submit for review for this use case. If you are a
developer and you want to display Instagram content on your website,
then you do not need to submit your app for review. By using a client
in sandbox mode, you can still access the last 20 media of any sandbox
user that grants you permission.
I am truly at a loss for how to proceed. Thanks for any support
As of June 1st, 2016, you need access_token to access API, where did u read: either a client_id or an auth_token ?
authenticate and get access_token and use to get API response.
#snucky you don't need authentication but you do need the users permission - from what I gather, instagram is accessible only by registered users - so you still need the access token - but instead of a server-explicit you need client-implicit.
Make a http request from your client to the api/authorize with the ?client_id=ID AND A redirect_uri=http://yoursite.com/ when the user allows the application, you'll receive an access_token in the url, which you will then use in every subsquent instagram call
read more here
I'm developing of a community website that features about 500 user profiles. We now want to add the option to show the users' Instagram feed on their profile (with their consent). Going through the instagram API documentation some questions arose concerning the right approach about permissions and the review process.
Can anyone clarify if the following is a working approach and a valid use case regarding instagram's policy: Creating one client ID / access token for the website that is used to communicate serverside with the Instagram API, using the public_content permission to query the members' timeline. Server side caching would ensure that the rate limits are respected.
Since we need read-only access to public content only we would like to avoid managing authorization of every single member.
Thanks!
In the recent API changes Instagram removed the ability to use the client_id for requests and now an access_toek obtained by authorising and Instagram account is required for everything
You could make an account for your website, authorize it and use its access_token, but it will need to apply for the public_content permission and I don't thin Instagram will like this use case. Also with 500 accounts you may hit your Ali request limit.
The better option is to require uses to authorise their Instagram account if they want their recent posts on their profile and use their token to get their recent posts. This way you don't need the public_content permission
I'm trying to access public information from API's without actually having users grant access to the API in my mobile Application. Is this actually possible, or are the Oauth permissions for any sort of access to an API?
For example, I want my application to be able to pull a list of nearby restaurants for my application without asking the user if Yelp can access the application. Since the user just wants nearby food information, the request for restaurants isn't user specific, and the user shouldn't actually have to login.
Another example is if I want Eventbrite to simply give me a list of upcoming events. Is there a way to get this list without having a user authenticate Eventbrite within my application itsself?
You can call an API endpoint with your own token (between your Eventbrite account and your application key), and if the data is public (even if it's 'owned' by a different Eventbrite account) we'll return the data.
For example, if you want a list of events across our Event Directory (Event Search endpoint: http://developer.eventbrite.com/docs/event-search/) you can call this method with your own OAuth token (you can grab your OAuth token here: http://eventbrite.com/myaccount/apps).
Hope that helps!
I am trying to use the Ebay API to get completed transactions for a seller(s) that is using a different account from my developer account. I've looked into GetSellerTransactions and GetOrders. Unfortunately, I am not sure if it's possible to specify a User ID different from mine. Could you point me to working example of how to do this?
To get transactions for a user you should be first authorized by that user.
You will need a developer account for that.
This links will guide you
http://developer.ebay.com/DevZone/XML/docs/WebHelp/wwhelp/wwhimpl/common/html/wwhelp.htm?context=eBay_XML_API&file=GettingTokens-Getting_Tokens_for_Applications_with_Multiple_Users.html
http://developer.ebay.com/DevZone/XML/docs/WebHelp/wwhelp/wwhimpl/common/html/wwhelp.htm?context=eBay_XML_API&file=DevAndTestApplications-Testing_Applications.html
Once you get the user token for a user you need to send them along with your developer credentials to make the getOrders API call for that particular user.
I am new to linkedin api. I have a doubt regarding the api.
I am integrating the api in my application, so different user have to register in the linkedin to get the data using that api? Can it be pre registered and the user can get the data whatever he wants.
Suppose user wants to search about company. He will type the company name and will get the names of the company related to search. He should not log in in linked in before searching.
Is it possible?
If you are using the JavaScript API, then yes, you may need to have the user log in each time as the JavaScript API's authorization is cleared every time the user closes their browser.
If you are using the REST API, you can store the user's OAuth token and use that to make the calls on behalf of the user, saving them having to sign-in each time.