I receive this role does not have permission for this action. WHen I try to add a Azure QnA Service.Not sure how to get around it
Go to access control (IAM) blade of your qnamaker service in azure portal
Add role assignment
Select Cognitive Service QnA Maker Editor Role
Select the identity you are using to log on to qnamaker.ai
Save
This will resolve the issue and you should be able to select your qnamaker service.
Recreate one from the QnAMaker page, then once you created it, refresh the whole page (not by clicking Refresh Button on the current QnAMaker.ai/Create page).
If that doesn't work, delete the current QnAMaker service, recreate it, and do the above process.
It worked for me.
You must go to access control (IAM) and add a role assigment.
First you need to select owner and your assignemt access (Azure AD user, group, or application. Then, the identity that you are using to log on to qnamaker.ai and save.
By the end, repeat all the before process, but instead of owner you must select contributor and save. Refresh the page and Voil`a ;)
Related
I spun up a simple AspNetCore (3.1) web application based on a built in template with in-app authentication (following basic tutorials).
I can run my app and when I try to go to a secured page I'm required to log in.
I register and can log in as expected. I can find my user in the AspNetUsers table in the database.
I want to create "temporary" users that can access some functionality before logging in or registering.
This temporary user would be valid for x days, they can save data to the database and can come back to the website and retrieve that data. If they choose to login or register, this data will be either merged to their account, or the temporary account would become permanent.
Should I create a full user in AspNetUsers, or use some separate method to keep this data.
If I save it to AspNetUser with a temporary role, they won't have a username, password or email, and I want them to auto-login when they leave and come back.
Does functionality like this already exist in AspNetCore Identity?
Newbie to Parse Server here.
I have an app which reads data from Parse Server and displays it to users without logging them in.
I want to create another 'Admin' app which will allow ONLY ONE pre-populated admin user to login and change the data. Is this possible via Facebook login? I would prefer Facebook login because with normal (user, password) login I can't implement 2FA easily on Parse Server. Facebook login would take care of the issue since the user is already logged into Facebook using 2FA.
Is this possible? Any suggestions / pointers would be appreciated. I am coding both apps in React Native. The first app is complete.
The type of login has nothing to do with the abilities a user has. The simplest solution for your desired setup is using class-level permissions:
create a new Role object and name it accordingly, e.g. admin
add your admin user to that role
set class-level permissions for your data classes: grant public read access, limit write access to the admin role
Now every user can see all the data, but only members of the admin role are able to manipulate them. If you want you can add more users to the role to also give them write access.
BTW: all these steps can be performed in Parse Dashboard, no coding required.
EDIT
Actually you can have it even simpler, the class-level permissions can also be granted to a single user -- so no need for a role, if you really only need one admin.
I am working on Netsuite and I'm new to it, so I need help. After creating roles and assigning a user to that specific role, I want to assign them to an application created using the integration record. When I wanted to create an access token, after selecting the application in the application name drop down, I am not finding any users or roles in the user drop down box and the role drop down box:
This is where I am facing the problem. So I need a solution to select users in the drop down box.
This link tells you all you need to know about setting up TBA and the correct basic permissions needed:
Token Based Authentication
Your user needs to have a role assigned to it with the following basic permissions:
User Access Token: Full
Access Token Management: Full
Web Services: Full
Once this role has been assigned to your user, the user will be available for selection when creating a token.
Go to the role you have setup for this OAuth and click Permissions tab > Setup and make sure User Access Tokens permission is there.
Here are the docs for setting up TBA roles. Maybe you are missing one of the permissions?
Getting Started with Token-based Authentication
I'm working on a project to pull information from a SharePoint calendar and and post it into the atTask Time Off calendar. This should be pretty simple, but nothing in the AtTask API works the way I would expect. I've already asked about the "POST" action deleting existing records. Now I'm running into some strange rights issues.
I have administrator rights in our AtTask sandbox. I am able to access the Time Off records (RESVY) for all users on the system. I am able to delete them without issue. However, I am only able to create new records (POST) for myself. When attempting to create a new record for another user, I'm plugging in the sessionID from my login as the administrator and the other users userID.
The result is an error message: "You do not have sufficient access to edit this User".
It seems odd that the API would allow me to delete the RESVT records for another user, but no create new records.
We are using Active Directory for authentication into AtTask, so I don't have access to the passwords of the other users. This is really getting to be a headache.
Thanks in advance,
Mark
To update another users Time-Off the following 3 scenarios will allow you to mark time-off for another user. This is using the new access module.
You are a system admin
You have User Admin setting enabled in your access level settings (Located under the Fine Tuning option through the Edit Rights at the user level)
You have users who report to you (you are a manager) you will be able to edit users Time-off for users who report to you.
I am creating an app in ai2 that connects to one of my fusion tables as a high score datastore.
If I use traditional Oauth2 flow then each user would be presented with an oauth login for their fusiontable, which is not what I want.
I have set up a
Client ID for Android application
in the google developer console which gave me
Client ID xxxxxxxxx.apps.googleusercontent.com
Redirect URIs
urn:xxx:xxx:xxx
http://localhost
Package name appinventor.ai_xxxxxxxx.xxxxxxxx
Certificate fingerprint (SHA1) 12:34:56 etc
Deep linking Disabled
What I want is for my app to connect to my fusiontable using my credentials regardless of which device or which user. How do I do that?
Thanks
This document is a very simple and straight-forward guide to creating a fusion table for your app.
https://docs.google.com/document/d/1HifuZqz5xu0KPS-e4oUv-t-nQoUQ8VMNyh_y6OjZkc0/pub
Steps:
First, you have to create a project at console.developers.google.com.
Then go to the API manager in the menu. Search for and enable the fusion tables API.
Now create a service account key. You may have to look in the credentials menu for this setting. Choose "enable Google apps-wide delegation". A service account is a localized email address that your app can use when you share the fusion table with that account. It provides more security than the anyone with the link can edit setting.
Now go to New Credentials > Service account key. Select P12, and the file will automatically download. If the name of the file has spaces, remove them.
Next, create a google fusion table.
Now share the table with the service email you created. Set the permission to Can Edit. Uncheck the notify box and hit Share.
Now, go to App Inventor. You need:
Your Service Account Email address (also called service account ID)
Service Account key file (.p12)
Fusion Table ID code (don't worry about this yet)
First, upload the key file.
In the fusion tables component property menu, set the KeyFile property to the key file. Copy the email address you created earlier and paste it in the ServiceAccountEmail property. Check the Use Service Authentication box.
Last thing: In the fusion table, go to File > About This Table. Copy the table Id. When you do operations with the table, you will need this id. You can store it in a variable if you want.
This property means that you can share and use multiple different tables with the same service account. Just share the other table(s) you will use with the service account and use that table's id when you do operations with that table.