Apple Developer account - how can I automatically switch team? - app-store-connect

Is there a way to automatically (i.e. programatically, via a specified URL, or by some other means) switch team after logging into the Apple Developer portal, but without using Fastlane? I have the following scenario:
I have a user who is admin on 2 different Apple Developer accounts
I want to log into the Apple Developer portal as the user, and do the following:
Access the 'Certificates, IDs & Profiles' section, and switch to using the team that I specify
Access iTunes Connect using the team that I specify
The reason I need this is that I want to automate logging into the Apple Developer portal and perform some maintenance tasks against a specific team, and Fastlane isn't an option right now.
I've tried using the following URL for accessing the 'Certificates, IDs & Profiles' section:
https://developer.apple.com/account/ios/certificate/?teamId=MY_TEAM_ID
however it doesn't switch to the specified team. I've tried a similar thing for iTunes Connect using the 'switch' parameter on the URL, but that doesn't automatically switch either.

It's a little bit tricky:
For the account overview page, the different links are working:
https://developer.apple.com/account/#/overview/ABCDEFGHI
But for the actual certificates page, Apple saves the team ID in local storage. If you change it here, it will show/get you the page you want.
As iTunes Connect is a completely different site, the team selection seems to be based on cookie values, but them look to be encrypted or something.
It really depends on what kind of "Maintenance tasks" you want to do.

Related

Moodle - Any way to get Access logs without plugin or direct DB?

As an instructor, I want to be able to visualise a number of aspects of when my students are accessing my courses and materials. My institution refuses to give me DB access, and won't let me install a plugin. Is there any way I can pull this data? I could easily do it with a few lines of code in Canvas, so using moodle feels like stepping back in time. I've been exploring developing an LTI app as an option (I've got the demo LTIJS app working) Any ideas?
You can access user logs in a course by going to Participants then click on the user you want to track and you will be taken to their course profile. From there, you can choose any option in the "Reports" section. You will need to have the proper capabilities. The reports shown in the screenshot are from a site admin account.

Verification Google OAuth2 concert scren with the apps for personal use only

I recently asked this question and user's #DalmTo and #Sergio NH they gave me an exhaustive answer for which I thank them very much.
Moving forward to question, we started publishing the application, and its verification was not required, since no scope was added (here it is a little unclear why the requests worked in an application with a test mode in which these scope were not added (google drive, google sheet and google ads)).
However, this time the application in the "In Production" mode began to give us an "Unverified app screen" (see Unverified app screen). We decided that we still need to add scope to the list, and, of course, that the scope list (their list is described above) requires verification by Google.
We started filling in the necessary fields, while studying the Google documentation at the same time, and came across the following information (see block Verification process -> What are the requirements for verification?):
Apps not applicable for verification
Apps for internal use only
(single domain use) Apps for personal use only Apps that are Gmail
SMTP plugins for WordPress Apps that are in development or
staging/testing
Apps for personal use only
And this is just our case: we have already received permission from Google Ads and are just generating simple reports that we want to integrate with Google Sheet. I.e., this is an elementary script that works within this account (however, we still need to request the first concert screen, even for this developer account) and cannot be distributed to any other accounts.
But when adding our scope, Google requires us to pass verification, forcing us to fill in the required fields, in the form of domains and their verification via the Search Console (we have already done this and this stage does not cause difficulties) and links to Youtube videos - where we must show how scope is used.
And just this stage is not clear. We do not allow other people's accounts to connect to this application, and the software does not have any interface, it is just a script that receives data from Google Ads and saves it to Google Sheet (creating a file via Google Drive). We have described all this in the scope usage description field. But the link to the Youtube video is require field, and we sincerely do not understand why (considering our case) we should record something, and most importantly, what exactly we should record in this case. If the documentation itself says that in our case we do not even need a verification.
Maybe we did not understand something and now we are doing it wrong? We will be glad to receive any tips from experts working with Google Cloud Console and apologize in advance for broken English.
We also apologize in advance to the StackOverflow community that we have to publish such elementary (which we are absolutely sure of from our side) questions here. We come here from Google Cloud Console - > Support - > Community support, and we must first try to publish posts in the Google Groups specified there, but they simply do not answer us, apparently considering our questions too elementary and not worthy of attention (however, these same questions in Google Groups are moderated) (for example, the previous question). And we are no longer able to contact any other support. Once again, we apologize for having to ask about this here.
It is true that if your app is a single use app then you do not need to be verified.
However if you don't get your app verified then there will be some restrictions.
you will see the unverified app screen
your refresh tokens will probably only be good for two weeks.
In the case of the YouTube api uploaded videos will be suck private.
If you can live with those points then you don't need to verify your app and you can continue as is.
If on the other hand you don't want to see the unverified app screen and you want a refresh token that will last longer then two weeks. You will need to verify your app. Yes, Even if your app is a console application running as a job some where you still show the consent screen. This is the YouTube video you will need to show Google. Show the consent screen popping up show the URL bar and then show your script running. You also need to set up the homepage and privacy policy screens. Yes i 100% agree with you that this is silly.
When you go though the process. Explain to google that this is a single use script running as a job some where.
Unfortunately when Google changed it so that Refresh tokens expire for unverified apps they pretty much tied the hands of all developers who are running such single user scripts. We now have to get our apps verified if we don't want to have to request a new refresh token every two weeks.
If your program needs to access the requested scopes of the Google account privacy, even though the user is yourself, you also need to provide a youtube video to demonstrate how you use this program. The auditor cannot guarantee whether you will make this program public.

Azure API Management Developer Portal

I have a requirement to expose the APIM Developer Portal to external partners, I want the developer portal to be my one stop shop for these partners to access and learn everything they need to know about my APIs, in the main APIM Developer Portal satisfies that requirement but when I want to add new content e.g. specific design, architecture, user guide documentation etc about the API it starts to get very confusing, for a start it looks like the depreciated publisher portal (which still exists) is the only place that I can add new pages. The new pages seem very limited and clunky and cannot be amended in the new version of the portal. There is also very limited documentation outside the standard MS stuff and nearky all of that relates to amending the current pages and templates.
My site will go live at the end of the year and I don't want to find one day these new content pages missing from the portal and my supporting documentation removed.
Does anybody know where Microsoft is going with the developer portal for customizing outside outside the standard templates they offer or can anybody supply me with a link of documentation that addresses new content pages?
It looks like the depreciated publisher portal (which still exists) is the only place that I can add new pages
Yes, you need to use the publisher portal to add new pages.
The new pages seem very limited and clunky and cannot be amended in
the new version of the portal.
What do you mean by new version of the portal?
I am going live at the end of the year and I don't want to find one day these new content pages missing from the portal and my supporting documentation removed.
If your worry is that API Management will automatically remove your content because of publisher portal deprecation - you can rest assured this is not going to happen, especially without any previous notice.
Does anybody know where Microsoft is going with the developer portal for customizing outside the standard templates they offer?
There is some work planned to refresh the developer portal. Can you please elaborate more on what you are trying to achieve? What is your goal?
One can edit those pages in 2 places: Publisher Portal and Developer Portal.
In the Publisher portal you can add widgets to predefined areas on the page. For example you can add a HTML widget to the home page for authenticated and non-authenticated users. Rasmas Gude has a great article about that here.
In the Developer Portal you can change the information shown on each page by editing the template. There's a edit template icon available on the left for administrator. If you click that and then select the section you want to edit a split screen will appear below. The left have is DotLiquid markup and the right is the data model for that section. With that information you should be able to modify the page in the manner you wish.
If they are decommissioning the publisher portal, it will be enabled in the azure portal. Earlier we have the API, Products and users etc in the publisher portal. that are added in the other portal. The deprecation of the portal, dosnt mean the existing functionality will fail, which have the alternatives.

iTunes Connect demo account in existing live database for app submittal?

I'm submitting my first app through iTunes Connect. It is a social networking community so I have to provide a demo account for the submission. My app already has a live database of users as there is currently an active web version.
I'm new to this and confused as to how I should handle this. Should I be creating a demo account that will not show up in any other live user's search results? Are the testers going to be attempting to interact with other live users? I am assuming I will need to show the various functions of the app, like messaging and events. In that case should I be creating a few "demo" users for the testers to interact with?
Alternatively, should I be linking them to the development version and development database? If that's the case, then the build that I send them would only be a development build then?
I am confused on how this is supposed to work and can't seem to find any information to help?
In my experience, you'll need to give them the production version that will go into the store. So not the development build.
When we submit an app for approval, it seems to get installed and activated on a couple of devices, but nothing much ever happens. They barely use it, as far as we can tell. We can tell that it's installed and run. We have previously been rejected when the network connectivity wasn't working right, so we know that they do look at the app after it's installed.
I'd suggest you make them an account that looks relatively anonymous (or even "Test Account" which you real users are hardly likely to try to interact with). You could create another account and say "If you want to send a message, send it to account xxxx". We've never had them interact with our app enough to utilise the suggestions we've made.
If you have an active / inactive flag, you could think about making these accounts inactive once the app is approved, then re-activating it when you next want to submit your app.

Instagram api sandbox

I today get Instagram api and add my website live,
I see write:
Client Status: Sandbox Mode GO LIVE
I can't click on ''GO LIVE'' button why ?
You would need to start a submission for approval to go live, though:
Feeds for websites won't be approved; these will remain in sandbox mode and be limited to 500 requests per hour and 20 images. This doesn't sound like much especially for large clients, but if you cache your responses, it's not a problem.
The main confusion is because they have made it sound like every app/feed has to be approved and out of sandbox mode to work, where as the reality is that only fully functioning apps for phones, or a widget plugin really ever need to be.
You will no longer be able to display feeds based on hashtags, only a users own photo's. By getting a client to be a sandbox user, is how you can access their feed without their login information.
Older apps/feeds will need to be updated to use the new code before June or they may stop working.
It's mainly to stop apps hammering instagram's servers for unlimited requests on any hashtag/users they like.
Here is an example of how to fetch and cache images using WordPress's 'set_transient' - you will need to use a loop to output the data.
WordPress Instagram Gist
Here is the relevant piece of information in the dev docs:
Here are some examples of scenarios that will not be approved:
To display content for a personal website. If you are a developer and you want to showcase Instagram content on a website, then you do not need to submit your app for review. By using a client in sandbox mode, you will still be able to access the last 20 media of any sandbox user that grants you permission.
One-off projects. If you are an agency building websites or other integrations, note that we don't grant permissions to clients created for one-off projects. If you are interested in building a product, platform, or widget that will be used as a service across multiple projects, then you may submit a single client_id that you can use across multiple projects.
To use a widget. If you are installing a widget for your website, then you do not need to submit for review. Some widgets may ask you to create a new client id, but you do not need to submit it for review for the widget to work. Your client can remain in sandbox mode and the widget will have access to your last 20 media.
Hope that helps clear some confusion.