I am trying to receive notifications for ItemListed from the Ebay API on Production.
I have successfully subscribed to Ebay's notifications although I am not receiving any mail or call to the specified URL upon actions that I surely know have happened.
I logged in to my developers account and set the right URL and email for notifications.
This is the XML code for the subscription:
<?xml version="1.0" encoding="utf-8"?>
<SetNotificationPreferencesRequest xmlns="urn:ebay:apis:eBLBaseComponents">
<!-- Use the Developer portal or the <ApplicationDeliveryPreferences> container to set
the Application delivery settings -->
<RequesterCredentials>
<eBayAuthToken></eBayAuthToken>
</RequesterCredentials>
<ErrorLanguage>en_US</ErrorLanguage>
<WarningLevel>High</WarningLevel>
<ApplicationDeliveryPreferences>
<!--Enter an email address-->
<AlertEmail>mailto://email#email.com</AlertEmail>
<AlertEnable>Enable</AlertEnable>
<ApplicationEnable>Enable</ApplicationEnable>
<ApplicationURL>MYHHTPSURL</ApplicationURL>
<DeviceType>Platform</DeviceType>
<DeliveryURLDetails>
<DeliveryURL>MYHTTPSURL</DeliveryURL>
<DeliveryURLName>TEST</DeliveryURLName>
<Status>Enable</Status>
</DeliveryURLDetails>
</ApplicationDeliveryPreferences> -->
<!-- Use the UserDeliveryPreferenceArray to enable to the user for various Event -->
<UserDeliveryPreferenceArray>
<NotificationEnable><EventType>ItemListed</EventType>
<EventEnable>Enable</EventEnable>
</NotificationEnable>
</UserDeliveryPreferenceArray>
</SetNotificationPreferencesRequest>
I am adding a pastebin link with the GetNotificationPreferences:
https://pastebin.com/JBAnnX8d
To me everything seems completely fine. Anyone can shed some light?
Might be helpful to people having this problem in the future. I solved it by
authenticating to the API through eBay's authnauth system. Weird solution but works.
Related
Im completely new to Salesforce and API's.
Im trying to make a Merge record call using SOAP API . Using Postman for the same .
I have imported the WSDL to my local , Called Login method to get the serverURL and sessionId.
Using these parameters to make subsequent merge calls .
During the login , I have used username and password to authenticate .
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<login xmlns="urn:enterprise.soap.sforce.com">
<username>username</username>
<password>password+auth_token</password>
</login>
</soap:Body>
</soap:Envelope>
and getting the below response:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="urn:enterprise.soap.sforce.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<loginResponse>
<result>
<metadataServerUrl>https://**company_name**--dev.my.salesforce.com/services/Soap/m/54.0/00D0Q0000000QP8</metadataServerUrl>
<passwordExpired>false</passwordExpired>
<sandbox>true</sandbox>
<serverUrl>https://**company_name**--dev.my.salesforce.com/services/Soap/c/54.0/00D0Q0000000QP8/0DF0Q0000004Ct6</serverUrl>
<sessionId>**masked**</sessionId>
<userId>xxx</userId>
<userInfo>
.....
</userInfo>
</result>
</loginResponse>
</soapenv:Body>
</soapenv:Envelope>
Later im making the Merge call using the session ID returned from the above .
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:enterprise.soap.sforce.com"> xmlns:sobject="urn:sobject.enterprise.soap.sforce.com">
<soap:Header>
<urn:SessionHeader>
<urn:sessionId>**masked**</urn:sessionId>
</urn:SessionHeader>
</soap:Header>
<soap:Body>
<merge xmlns="urn:enterprise.soap.sforce.com">
<request>
<masterRecord xsi:type="sobject:Account" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Id xmlns="urn:sobject.enterprise.soap.sforce.com">0010Q00001abcdefgh</Id>
</masterRecord>
<recordToMergeIds>0010Q00001ijklmnop</recordToMergeIds>
</request>
</merge>
</soap:Body>
</soap:Envelope>
and able to merge the records.
My question is - what should the body be if i donot want to use username and password but use Bearer token.
Can i call the login method without passing username and password?
You might be a victim of XY problem. You can't do it in SOAP API, will REST API be an option?
SOAP API's login call demands username and password (+ optional "security token", extra thing you add to password if you log in from untrusted IP). There are no other ways around it.
REST API has more options for logging in but it'd help if you read up about OAuth2 a bit before diving in. You call login and (similar to SOAP API) get back endpoint to use from now on and access_token. That access_token acts like SOAP APIs session id, you use it in next requests. Most of the time they should be interchangeable, access_token obtained via REST should be good to use in SOAP API calls.
If you already have session id / access token (will look like "00D...!....", first part is org id which you can see in Setup -> Company information for example) - you don't need login call. Call the SOAP API's merge directly and pass that value in <urn:sessionId>.
If you don't have session id, want to log in but without hardcoding username and password in your application... You have LOTS of options. Selecting right method is an art and it depends what are you making. A website, a mobile app? For internal users or community? Will it hold some credentials (for example if it needs sysadmin powers, working in background without human interaction) or will it show users the SF login screen and redirect back to the app? There's even "Internet of Things" stuff for pieces of equipment reporting their status to SF or logging in on device without keyboard (TV, fridge) where you initiate process there and finish on laptop or phone...
If you've never heard about OAuth2 before it's a big topic, "login with Google/Facebook/Twitter/LinkedIn" is just a piece of it. You'll be better off reading some blogs, checking out https://trailhead.salesforce.com/en/content/learn/trails/build-integrations-using-connected-apps or even studying to the Identity and Access Manager certification. Clicking through https://openidconnect.herokuapp.com/ might help too.
There's "username-password flow" which looks almost like SOAP API's login.
There's web server flow and user-agent flow for websites & mobile apps to send user to SF login screen (can be really SF, can be some single sign-on, doesn't matter) and back to the app. So your app doesn't see the password, doesn't see any credentials
There's refresh token option in some of these flows (you logged in once with another method, your app received access_token but also refresh_token. When access expires - app can use refresh_token to silently get back to the system without asking user to log in again. For 60 days for example). So you could still have initial "human authorises connection between the apps" but then it can just work in the background
There's JWT flow which you'll have hard time trying in Postman but there are examples such as this and this. You establish trust between SF and your app by uploading a certificate to Salesforce, marking user as allowed to use this method and then the app sends a special request just with username, no password needed.
Hi and thanks for taking this time to look,
I've recently been asked to investigate integration using CRM Online 2015, I've come across some issues trying to Authenticate using Raw SOAP requests.
While I know there's other ways to authenticate, predominantly the using the CRM SDK, my iron will is pushing me to find a solution using Raw SOAP.
I came across a very helpful blog by Jason Lattimer: http://jlattimer.blogspot.co.uk/2015/02/soap-only-authentication-using-c.html
Following this sample, I successfully authenticated with a Trial CRM account using RAW SOAP... Great... Done... I was wrong.
As soon as I pointed this sample at the CRM development environment I got a SOAP error:
<?xml version="1.0" encoding="utf-8" ?>
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault">
<S:Body>
<S:Fault>
<S:Code>
<S:Value>S:Sender</S:Value>
<S:Subcode>
<S:Value>wst:FailedAuthentication</S:Value>
</S:Subcode>
</S:Code>
<S:Reason>
<S:Text xml:lang="en-US">Authentication Failure</S:Text>
</S:Reason>
<S:Detail>
<psf:error>
<psf:value>0x80048821</psf:value>
<psf:internalerror>
<psf:code>0x80047860</psf:code>
<psf:text>Direct login to WLID is not allowed for this federated namespace</psf:text>
</psf:internalerror>
</psf:error>
</S:Detail>
</S:Fault>
</S:Body>
</S:Envelope>
The only difference I can think between the Trial version which worked and the development environment is that the development environment setup uses ADFS / AD On-Premises.
Fiddler logs show that Jason's Sample goes straight to login.microsoftonline.com whereas CRM SDK (which works) goes to dynamicscrmemea.accesscontrol.windows.net.
So I believe this is the problem area!
I've been around in circles on stack overflow/other sources, I have a feeling it will a relatively small change required to the SOAP request but I've reached the point where I need some fresh eyes/advice.
Has anyone had experience with this setup? Can anyone gently push me in the right direction?
Many Thanks
Gareth
We experienced a similar issue, attempting to create a BizTalk integration. Eventually we resolved the issue by using a Windows Live/Office 365 account to actually connect with, rather than one that authenticated against the actual AD. CRM determines authentication types by User, not by org, so you can mix and match...
I got a problem with OpenAM. Need your help.
I installed OpenAM and simply configured it as an IDP - set name and circle of trust. Then I added a remote SP by uploading SP metadata, see below
<?xml version="1.0" encoding="UTF-8"?>
<EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" mlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<EntityDescriptor entityID="http://192.168.0.6:8080/employee/">
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol http://schemas.xmlsoap.org/ws/2003/07/secext">
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
</NameIDFormat>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://192.168.0.6:8080/employee/" index="1" isDefault="true" />
</SPSSODescriptor>
</EntityDescriptor>
</EntitiesDescriptor>
SP and IDP are in the same Circle of Trust.
When I do SAML request for auth from SP to IDP, I get to login page of OpenAM with SAMLRequest=... as URL params. Decoded SAMLRequest is below
<samlp:AuthnRequest AssertionConsumerServiceURL="http://192.168.0.6:8080/employee/"
Destination="http://192.168.0.7:8181/openam/" ForceAuthn="false"
ID="ID_479ff8a2-8dc5-44b5-997f-0438a2d87417" IsPassive="false"
IssueInstant="2015-01-07T13:31:01.067Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Version="2.0">
<saml:Issuer>http://192.168.0.6:8080/employee/</saml:Issuer>
<samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" />
</samlp:AuthnRequest>
Then i do login and come to user profile page in OpenAM, instead of redirect to SP. Why it happens? What should I configure to enable redirect back to SP?
There are several things you could do:
Don’t use IP address when installing OpenAM, because cookies will not be saved on such addresses, so you can easily encounter weird problems like this.
If you have goto URL validation enabled (by default it'd disabled), then there were some old bugs around not handling redirect URLs correctly. Not sure which version you are using, so this may not really apply to you.
You should capture the network traffic with tools like LiveHTTPHeaders Firefox plugin or similar, so you can see how the HTTP requests go around. That should help you determine where exactly are things going wrong.
I sometime get this error while trying to add Accounts(v1.0/jsonsdk/SiteAccountManagement/addSiteAccount1) or get MFA Response(v1.0/jsonsdk/Refresh/getMFAResponseForSite)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Errors xmlns="http://namespace.yodlee.com/pfm/2009/Error">
<Error>
<errorDetail>Token authentication failed for cobrand/user Stale conversation credentials</errorDetail>
</Error>
</Errors>
can someone help me that issue.
Thank you.
Yodlee doesn't allow multiple user login and hence this exception comes when you have logged in the user again by calling the Login(/authenticate/login) API and still using the old userSessionToken.
Please use the login (/authenticate/login) call once and use the same userSessionToken for all the API calls for next 25-30 minutes.
I am very new to ELK stack and am trying to hit APIGEE analytics REST API, which is in the form of a URL. The response from the URL would be a JSON file. What is the best approach to go ahead with the implementation?
I hope the question is still valid. If I understand it correctly you want to send logging data to an ELK stack. So why not send it instead of retrieving it?
Below is an example of how this policy works on the apigee platform. You need to add it to any API proxy and preferably at the PostClientFlow:
....
</PostFlow>
<PostClientFlow>
<Response>
<Step>
<Name>Message-Logging-Policy1</Name>
</Step>
</Response>
</PostClientFlow>
Below the policy.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<MessageLogging async="false" continueOnError="false" enabled="true" name="Message-Logging-1">
<DisplayName>Message Logging</DisplayName>
<Syslog>
<Message>{system.time.year}-{system.time.month}-{system.time.day}:{system.time.hour}-{system.time.minute}-{system.time.second}.{system.time.millisecond} {apiproxy.name} {request.header.x-requestor-app} {request.header.x-realm} [{request.header.x-requestor-type}|{request.header.x-requestor}] </Message>
<Host>logstash.xxxx.com</Host>
<Port>514</Port>
</Syslog>
Hope this helps.