We already have an API with the URI as Post/v1/payees used for the functionality to add payees. Another API has to be designed for this functionality but in this API only the control flow id shall need to be sent instead of all the fields required for adding the payee. The required fields shall be taken from cache for this API. Please help in suggesting the name for this API.
Related
I want to retrieve data from a data warehouse that has a web-based API, I need to use an API key for authentication and use the GET / Customers command to retrieve the list of customers data, but when I am using that same thing in postman, it's returning the same documentation page of the data warehouse?
I am new to this any help will be really appreciated.
The URL doesn't look valid:
You need a base URL, endpoint, http method, authentication scheme, and credential or a token etc.
I don't know details about your system and API, so let's see an example:
base url is https://stackoverflow.com; your current base url is localhost:4444, is your server running on your machine? If so, it might be correct, but I assumer you're talking about a server running somewhere else, not on your computer
endpoint (path parameter) is /questions/69883697, in your case /customers
http method is GET and you find it here in Postman; it also means it will not go into query parameters where you put it:
authentication scheme - your docs mentions an api key that goes into a header called Authorization, so you have to set it in Headers, not as a query parameter:
Read carefully what's on your screen, Postman uses the same language as your API documentation, so if your doc speaks about headers, you need to go into Headers tab in Postman.
I am currently using Openiddict, Identity and Entity Framework to manage my users and assign Bearer tokens to users to protect my API.
My infrastructure is currently using ASP.NET Core Web API in the back end and a separate React application in the front end. The React application makes HTTP calls to my API to retrieve it's data. There is no server side HTML rendering at all in the back end.
Everything works as I need it to for the most part. I can register users and retrieve tokens from the API. These tokens are included in my HTTP call in the Authorization header. My AuthorizationController uses this: https://github.com/openiddict/openiddict-samples/blob/dev/samples/PasswordFlow/AuthorizationServer/Controllers/AuthorizationController.cs with a few minor tweaks. My Startup.cs also uses almost exactly this https://github.com/openiddict/openiddict-samples/blob/dev/samples/PasswordFlow/AuthorizationServer/Startup.cs
In some instances, I need to make API calls to the endpoints that are specific to the user. For instance, if I need to know if a user has voted on a comment or not. Instead of passing along the users ID in a query string to get the user details, I would like to use the Bearer token I received that they use to make the API call for that endpoint. I am not sure how to do this though.
In some research I have done it looks like some samples use ASP.NET Core MVC as opposed to the API to retrieve the user with the User variable as seen here https://github.com/openiddict/openiddict-samples/blob/dev/samples/PasswordFlow/AuthorizationServer/Controllers/ResourceController.cs#L20-L31 however this seems not to apply to my infrastructure.
My question is how do I look up a user based on the Bearer token passed to the API to look up a users details from my database? I am assuming that all of the tokens passed out by the API are assigned to that specific user, right? If that's the case it should be easy to look them up based on the Bearer token.
The question is: How with Openiddict can you look up a user based on the token that was assigned to them for API calls? I need to get the user details before anything else can be done with the application first. Is there something baked internally or do I have to write my own support for this?
When you create an AuthenticationTicket in your authorization controller (which is later used by OpenIddict to generate an access token), you have to add a sub claim that corresponds to the subject/entity represented by the access token.
Assuming you use the user identifier as the sub claim, you can easily extract it from your API endpoints using User.FindFirst(OpenIdConnectConstants.Claims.Subject)?.Value and use it to make your DB lookup.
I've implemented an application using Moqui Framework. I provided url:http://localhost:8080/fvl-plus-runtime/rest/s1/example/examples
It is getting error like:
User [null] is not authorized for View on AT_REST_PATH [/example/loginexamples/{username}]
You can add ArtifactAuthz records for all users, like the ones already in place for admin users for the REST APIs. In general it is best to secure all API access, and that is how things are setup by default. There are various examples you can follow to see them in action, see the extensive comments in the rest.xml file (the XML Screen for the /rest path).
This feature as been added in commit #44272ba. You are now able to create a new REST service and set require-authentication=anonymous-view or anonymous-all.
See How to create a publicly accessible REST API in Moqui for more details.
Can anyone guide how to integrate with Silverpop, using OAuth(tokens)?
I referred this link
connecting to web api using c#
and I was able to get access token. After this I don't know how to proceed.
Thanks.
Take a look at my github repo:
https://github.com/marcelluseasley/IBM-Marketing-Cloud-XML-API-Wrapper
It isn't finished, but I started working on an XML API wrapper for the Silverpop API. First of all, if you are trying to integrate with the API, you should be able to contact client support and get a copy of the API PDF.
In any case, you should have a client id, client secret, and refresh token. You will need these three things along with a header value of "refresh_token" for the "grant_type" header key.
So you will first sent a post to https://api(pod number).silverpop.com/oauth/token . This will return an access token in a json dictionary ("access_token").
Any subsequent calls made to the API endpoint (https://api(pod number).silverpop.com/XMLAPI will require that you pass this access token in the header section of your request:
"Authorization:" would be the header key and
"Bearer: (access token)" would be the header value
Looking at my code will make it clearer if you are using Python. Your best bet is to get a copy of the API documentation. You have to be a Silverpop client to get a copy though.
Good luck.
Check the follwing:
http://www.codeproject.com/Articles/758362/SilverPop-Integration
Follow the step by step guide.
I'm using fusion tables with an android app that I'm developing in AppInventor, and I had a question about the SQL Query for updating a row.
Now, before I ask the question, I will let you know that I would have included some screenshots of my blocks-editor code, but my boss told me I had to keep the app 100% closed source, so I can't provide any. Hopefully I'm not being too vague.
Anyways, I set a FusionTablesControl query using the "make text" block and the Google API UPDATE query, but when I send the query on my test device (Samsung Galaxy Player 5), the overlaying "Fusion Tables" load screen pops up for only a split second (it normally shows for 2 or 3 seconds). When I check the tables, there has been no change.
I think syntax is still a potential problem because when I typed the encoded URL into google chrome's address bar, it still didn't update the table. Here is the basic syntax of what I typed into the address bar.
https://www.googleapis.com/fusiontables/v1/query?sql=UPDATE%20tableID%20SET%20(Column1%3Ddata1%2C%20Column2%3Ddata2%2C%20Column3%3Ddata3%2C%20Column4%3Ddata4)%20WHERE%20ROWID%20%3D%20%27rowID%27
The decoded URL after the "sql=" part is:
UPDATE tableID SET (Column1=data1, Column2=data2, Column3=data3, Column4=data4) WHERE ROWID = 'rowID'
Any help would be appreciated.
Also, is it possible to set Google's API response to CSV instead of JSON?
Thanks,
~T16626
This does not work like that, because you did not use authentication. More about that see here:
Identifying your application and authorizing requests
Every request your application sends to the Fusion Tables API needs to
identify your application to Google. There are two ways to identify
your application: using an OAuth 2.0 token (which also authorizes the
request) and/or using the application's API key. Here's how to
determine which of those options to use:
If the request requires authorization (such as a request for an
individual's private data), then the application must provide an OAuth
2.0 token with the request. The application may also provide the API key, but it doesn't have to. If the request doesn't require
authorization (such as a request for public data), then the
application must provide either the API key or an OAuth 2.0 token, or
both—whatever option is most convenient for you.
To access a fusion table with App Inventor, you have 2 possibilities:
use the built-in fusiontable control blocks, how to set up everything for App Inventor please see the Pizza Party tutorial
use the web component with authentication, for details see here