I'm trying to make users follow a SharePoint Online site using the Microsoft Graph API. When I enter my user ID in the below scenario, the operation is successful. When I use another user's ID, the operation fails with a 403 error. The text says to check the permissions in the modify box but all permissions are granted. Is this just a limitation of the API that you can't make another user follow a site?
Error image
My test result is same with you, I think follow site should be a personal action, so setting follow site for others is prohibited.
Related
I am trying to enroll a user on my Moodle site via using the Moodle API.
My Moodle instance is hosted on AWS and all relevant ports are open and listening. So, from the network perspective, I can commit that is all ok.
The steps I have already done based on Moodle Documentation:
I have enabled web services on Administration > Mobile app >Mobile settings
I have gone through the 10 steps on the overview of allowing an external system to control Moodle as explained in the documentation (shown also in this Youtube video)
For testing purposes, I am using Postman. Some requests are going through (e.g. getting the token for a certain user, getting the list of all courses, etc.)
Example:
But when I try to i.e. create a user or enroll a user in an existing course I am getting this error:
{
"exception": "webservice_access_exception",
"errorcode": "accessexception",
"message": "Access control exception"
}
The way I am trying to i.e. create the user is as follows:
In the body section I am sending the following data:
users[0][username]
users[0][email]
users[0][lastname]
users[0][firstname]
users[0][password]
Based on my research, most of the contributors suggested enabling web services, but as mentioned above I have enabled them but the problem persists.
Can someone help me solve the issue here or maybe suggest a way of debugging it?
Fortunately, I managed to solve the issue for both user creation and user enrollment.
Here is a great guide that helped me. In addition, you need to add some additional functions to the web service (roles wary based on what you want to do in Moodle) and also you need to alter the permissions of the new user (again depending on what you want to do)...
We have 2 domain in salesforce:
1-) https://gablesinsurancerecovery.my.salesforce.com
2-) https://gableinsurancerecovery.force.com
and we have 2 user:
developer#cloudspade.com
communitytest#cloudspade.com
developer#cloudspade.com mail work with success on 1. domain but not work on 2. domain.
Likewise, communitytest#cloudspade.com mail work with success on 2. domain but not work on 1.domain.
Its not a problem. Problem is:
2.domain is important to us. Because we have a react-native project by forcereact and we want work with community domain. ( 2. domain ). We setup with successfully this link: https://www.youtube.com/watch?v=9zxMUrayFZ8&t=1634s
We was work with perfectly with the video in the link for login.salesforce.com or 1. domain but doesn't work for 2. domain.
Error is:
error image
As seen in the photo we was see a page. But our expectation was that it would working we send redirect_uri. The redirect_uri we sent was to return "girApp://success" with an access_token and instance_url at the end. But we encounter a screen as you can see in the photo. Redirect is not working. Our goal is to access the access_token with redirection within the application after login and authorize.
Lots to unpack here.
***.my.salesforce.com is your main domain, for internal users. ***.force.com is for Customer/Partner Experience Cloud (formerly known as Communities, formerly known as Portal).
developer#cloudspade.com mail work with success on 1. domain but not
work on 2. domain
Out of the box Salesforce is perfectly fine with internal users logging in to community or even 1-click switching over from internal SF to community. Collaboration and all that. Your administrator probably marked only certain profiles / permission sets as community members, you'd need to check config. But it's possible to use the community login page, you guys just chose not to.
communitytest#cloudspade.com mail work with success on 2. domain but
not work on 1.domain
Yes. Community members must use community login page. They can't use generic login.salesforce.com, test.salesforce.com or your branded ***.my.salesforce.com
works perfectly with (...) login.salesforce.com or 1. domain but
doesn't work for 2. domain
That's because most of the time the community login url must be full. Just the domain might not be enough for login because you can have up to 100 communities under same domain. You probably saw the example when you were enabling communities (Setup -> Digital Experiences -> Settings)
Go to Setup -> Digital Experiences -> All sites and write down the url you'll see there. It'll probably be something like ***.force.com/myportal. That means that for API login you might have more luck with ***.force.com/myportal than ***.force.com.
Stop reading this answer now and go read Sitecore - How to get User ID if the user was logged in using external identity provider (Salesforce SSO). Play with that OpenId Heroku app, once you get this to work with community user in the browser - you'll know which url to put in your react app. React developer might "like" this link too: https://gablesinsurancerecovery.force.com/.well-known/openid-configuration
It's kind of written in this article's footer: https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_endpoints.htm&type=5
Instead of using login.salesforce.com, you can also use the My Domain,
Experience Cloud site, or test.salesforce.com (sandbox) domain in
these endpoints. For hostname, use the My Domain, Experience Cloud
site, or custom URL
GOAL: Create users in Azure Active Directory using our Global Admin account from an API.
PROBLEM: Every single way I try, I get "unauthorized".
WHAT I'VE TRIED:
I've been focusing mostly on this: https://graph.microsoft.com/v1.0/invitations
I've tried as outlined here
the "Authorization Bearer {token}" is problematic -- I can't seem to properly retrieve tokens, using any of the built URLs recommended (ie, combining ClientID & TenantID in the URL.)
I've tried the relevant portions of this, including creating the app, setting permissions on the app, trying both Web API and Native. I'm able to get a code back, but using it always comes back with Unauthorized.
As an aside, I am using Nintex to run this web service, as it is part of my workflow. Typically, web services don't give me issues. So, this sucks.
I'm missing something, here. Any thoughts or direction?
UPDATE: Removed the word "method" - bad choice of phrasing.
If you want to use Microsoft Graph explorer to create user as the global admin, you could use POST https://graph.microsoft.com/v1.0/users, and the required permission is:
Permissions
For the details, you could read Create user.
Global admin runs as a user by default. To grant access to Active Directory, you need to elevate permissions in the portal.
I'm not convinced you have the permissions to create the user, and that's why I think you're getting the error.
Also, try and avoid using Global Admin. Create a Service Principal and provide more granular permissions.
I want to know how to use photobucket api. I successfully created a login in photobucket.
I am following the guidelines given http://api-portal.anypoint.mulesoft.com/photobucket/api/photobucket-api/docs/getting-started
The first step i am failing is that http://developer.photobucket.com is redirecting to different page.
As it is written
Go to the Photobucket developer web site at developer.photobucket.com, agree to the terms of service, sign up, and get the API key.
I am not able to open developer.photobucket.com.
I also see a redirect from developer.photobucket.com to photobucket.com. It seems that they incorrectly configured the redirect. The information about using Photobucket API required link was found in the support section:
Our engineers are working on a new API, with lots of changes, however,
this won't be available to users for a couple more months. Here is the
documentation on the current API.
If you'd rather not wait for this updated API, and would like the
current iteration now, please send an email to our API request email
address with the following information:
Your Photobucket username (This is the username for the account that
you have already created on Photobucket): Your application name
(whatever you would like): Do you require the key for commercial or
non-commercial purposes:
All three of these answers are required!
Send the API request to: pbdl-api#photobucket.com
The subject for the email should be: API Request
I want to access my pentaho user console without login.Could it happen?How?
What i mean user console is page thats appear after login.Like url below:
http://localhost:8080/pentaho/home
I already follow this tutorial but i cant continue to the 3rd step.And the error said
The requested resource () is not available.
Anyone have suggestion?
That tutorial may be slightly dated. Here are the latest instructions from The Pentaho Security Guide: http://infocenter.pentaho.com/help/index.jsp?topic=%2Fsecurity_guide%2Ftask_removing_security.html
I have not enabled anonymous access myself, but have made other customizations to roles and the ACLs. I reviewed these instructions and they seem reasonable and complete.
Good luck!
There is an option following the steps found in this guide: https://help.pentaho.com/Documentation/6.1/0P0/150/040
The documentation might result confusing but it definitively works.
Basically the end result you should get is this:
Autologin with AnonymousUser when you enter the pentaho URL
AnonymousUser only has read privileges
In case you want to edit you enter the login URL and use admin credentials