I am trying to send FCN messages to a closed user group using the HTTP v1 protocol.
Note: By my definition a "closed user group" is a group that users can not enter themself. Only an admin or a server-side program with certain credentials can add a user to the group.
My first tests using a topic were successful:
POST https://fcm.googleapis.com/v1/projects/<my_project_id>/messages:send
Authorization: Bearer <oauth token from GoogleCredential.getAccessToken()>
Content-Type: application/json; UTF-8
{
"message": {
"notification": {
"title": "Sample title",
"body": "Sample body 15:33:31"
},
"android": {
"ttl": "172800s"
},
"topic": "MyTopic"
}
}
My problem is that topics aren't closed. Any user can subscribe on any topic and I can't limit it (one can only hide the option but on code-level you can still subscribe to every topic).
The only possible approach I see is to create an Audience and specify explicitly users by their user-id to belong to the audience.
I did this and I have now an Audience but there seems to be no way to specify an audience as message receiver. I tried to use the condition field of the message object (instead of the topic field), however it seems that one can only specify topics in it.
Is there a way to send a message to an Audience group? Or is there an alternative way to achieve sending a message to a closed user group?
Related
This only happened in the past few days that I am having this issue but only for getting an Item. I can get contacts and get branding themes. Therefore, tenand id is working and accesstoken.
This is the endpoint when i'm getting item:
https://api.xero.com/api.xro/2.0/Items/SHO B 100 S
Response:
{
"Type": null,
"Title": "Forbidden",
"Status": 403,
"Detail": "AuthenticationUnsuccessful",
"Instance": "94aa22f4-6ba1-43f6-8f76-699befb1b1f3",
"Extensions": {}
}
And this is the scope:
offline_access accounting.transactions openid profile email accounting.contacts accounting.settings
I am not sure what had changed but everything is working except getting an item. Please tell me how can I fix this and what causes the issue. Thank you so much in advance.
Couple of things you can confirm to debug this.
You have a valid, refreshed access_token (Can you make api calls to any other endpoints? is the JWT's "exp" > than current time?)
Did you add the scope after you generated the initial token? (To test, completely clobber the token set, and re-generate a new one going through the OAuth2 flow)
The query looks correct. The screenshots are when I query an item with a code that exists and doesn't. You should get a 404 if not found not a 401 so I def think its something in #1 or #1
Here is the google oauth2 discovery url.
https://accounts.google.com/.well-known/openid-configuration
And in the response, it looks like this
{
"issuer": "https://accounts.google.com",
"authorization_endpoint":"https://accounts.google.com/o/oauth2/v2/auth",
"token_endpoint": "https://oauth2.googleapis.com/token",
"userinfo_endpoint": "https://www.googleapis.com/oauth2/v3/userinfo",
"revocation_endpoint": "https://oauth2.googleapis.com/revoke",
"jwks_uri": "https://www.googleapis.com/oauth2/v3/certs",
...
The token_endpoint in the google document here https://developers.google.com/identity/protocols/OAuth2WebServer#exchange-authorization-code said it should be https://www.googleapis.com/oauth2/v4/token.
Maybe recently the token_endpoint is updated, but when I use https://oauth2.googleapis.com/token this one to exchange token with code., I will get an error response.
{ "error": { "code": 400, "message": "Request contains an invalid argument.", "status": "INVALID_ARGUMENT" } }
And if I use https://www.googleapis.com/oauth2/v4/token to do the same thing, everything is fine.
Is there anything changed in google identify platform? Thanks!
The OAuth endpoint has been updated a number of times over the last five years. I normally follow the one i the discovery doc but your example shows that that is not always the best course of action all of the time.
I have never heard of google shutting down old endpoints i suggest you use the one that works. As a side note i will contact Google to see if i can get some feed back as to why one call worked and the other didnt.
I am currently trying to create a transaction or checkout from Postman, I set the Header with a full access token but the API always response:
{
"errors": [
{
"category": "AUTHENTICATION_ERROR",
"code": "FORBIDDEN",
"detail": "You have insufficient permissions to perform that action."
}
]
}
Attach the OAuth screen.Permissions image
and the postman request. https://www.getpostman.com/collections/4fe6fec54384fc10d152
Unfortunately, this is due to you not being in one of the countries currently available to Square's APIs: https://docs.connect.squareup.com/articles/faq-international-availability?q=country. You will not be able to make payments using the API when outside of the countries listed above.
Furthermore, you should never share your personal access token with anyone (which you show in your screenshot). Please change this immediately, by navigating to your Square dashboard and clicking "Replace" on your "Credentials" tab.
I try get surveys results through the api, but I am still getting an errors.
I am able to get google calendar events, but when I try get list of surveys, or results (https://www.googleapis.com/surveys/v2/surveys/{survey_ID}/results), I am getting:
"domain": "global",
"reason": "INVALID_CREDENTIALS",
"message": "User must be authenticated to make this call. Request Id: 5a73195500ff0c64532dccb0ef0001737e3430322d747269616c320001707573682d30312d33312d72313100010163",
"locationType": "header",
"location": "Authorization"
}
It looks like I have bad access token, but with same token and method, I get for example calendar events.
It looked like I have no scope, but when I issue this request https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={valid_token} I get correct answer:
"issued_to": "822311642112-***********.apps.googleusercontent.com",
"audience": "822311642112-***********.apps.googleusercontent.com",
"scope": "https://www.google.com/calendar/feeds/ https://www.googleapis.com/auth/surveys",
"expires_in": 2983,
"access_type": "offline"
I have enabled Survey api in my account. I am running this code from visual foxpro desktop application over windows object Microsoft.XMLHTTP
Any idea what am I doing wrong?
EDIT:
This is not duplicate of this question because my authentication credentials work fain with calendar, but not working with surveys.
It looks like Maia Werbos has correct answer for me, now I am getting response that request is correct (status: 200), but response contains just requestId.
Maia thank you very much.
Your request shows that you have the following two OAuth scopes enabled:
https://www.google.com/calendar/feeds/
https://www.googleapis.com/auth/surveys
But you also need to have the email scope enabled to use the Surveys API (see the Surveys API Getting Started Guide for more info):
https://www.googleapis.com/auth/userinfo.email
I have web app that I am adding DocuSign Embedded Signing to that is used both on Desktop as well as Mobile device. I have been told that the iFrame solution of SOAP API is unreliable (as I have also experienced). I am attempting to implement using REST API. Here is my status:
I have successfully executed the REST API Sample for Embedded Signing from the API Walkthrough.
I have successfully adapted the envelop to include two different signers, and then successfully completed the signing process for signer1.
How do I get the second signer signing session in a browser window?
Is there a sample (or secret sauce) for how to get the embedded signing session for signer2 to launch?
MANY MANY thanks in advance.
To generate a URL token for the second recipient you follow the same process you used for the first recipient. You make the same http POST request but simply reference the email, username, and clientUserId of your second recipient.
For instance, when you were generating the URL for your first recipient, you probably had a request body similar to this:
{
"returnUrl": "http://www.docusign.com/devcenter",
"authenticationMethod": "None",
"email": "email1#gmail.com",
"userName": "Name 1",
"clientUserId": "1001"
}
The DocuSign system uses the combination of their email, userName and clientUserId to uniquely identify this embedded recipient (also known as a captive recipient). So when you add your second recipient to the envelope you should have given them their own clientUserId value that's different from the first recipient. Then, the system will be able to identify them and generate a URL token for this second recipient.
For example, if you added a second recipient to the envelope with the following information:
{
"email": "email2#gmail.com",
"name": "Second Recipient",
"roleName": "Signer1",
"clientUserId": "1002"
}
Then you'll want to make the same http POST call you made for the first recipient, but with the following information instead:
{
"returnUrl": "http://www.docusign.com/devcenter",
"authenticationMethod": "None",
"email": "email2#gmail.com",
"userName": "Second Recipient",
"clientUserId": "1002"
}