Confusion about authentication in Azure Logic Apps - authentication

I am building my own SaaS app and see Logic Apps as a nice way to extend it with functionality like getting files from other sources like Dropbox and Onedrive and also to save data directly to SalesForce or dynamics CRM.
All the examples I have seen so far just authenticate in the Logic Apps designer for these third party services but then it is specific accounts on Dropbox or Dynamics that are used.
What I need is for the currently logged in user in my app to be able to get files from his Dropbox account or push data to his Dynamics account. How would we achieve that? We can not hardcode that stuff anywhere.
Best regards

Related

API Integration Service

We want to integrate into many different APIs so that our users can import their data on other apps into our app or do actions on their other apps when triggered on our app.
Plain API integration.
However, integration process takes too long for many services and you have to fill lots of forms. You have to submit a request to that platform, they check it, then publish in a few weeks or months. Doing this with many different apps can take months.
I just want to delegate the authorization process to another service. For example, https://auth0.com/ can authenticate users on their platform. This way, you can just use Auth0 and users can sign up to your app from hundreds of different apps. I need something similar to that but I need the access token.
Whenever a user wants to integrate another app to our app, I will redirect the user to that intermediary service and it will handle authorization and return us the access token.
Is there a service that can do that? Is this allowed by services like Google or Microsoft?
One platform I found is apideck.com
Handles authorization process instead of you, your users can see which apps they integrated over their panel or widget.
Allows you to quickly connect to tens of api services.

Using Google Sheets in Saas Application

In our SAAS application, we decided to use Google Sheets API, to generate docs and to give permission for editing documents online in Google Docs web and mobile application.
Here, do we need all of our customers have to be Google Accounts? Is there a better way to create users at the backend of our customers to connect directly from our app?
Unless you're using a service account (which isn't ideal for scaling apps), you ought to use google login, which requires a google account.

Can I restrict access to podio app after downloaded by client

I have a niche market that would benefit from having access to some custom Podio applications. I believe this group of people would pay for this access and that I would enjoy working with them to continue customizing this platform for them. I need some compensation for this development work and am trying to determine the best way to ensure the clients would pay.
My question is whether there is any way to enable/disable access to a Podio app once downloaded by the client. I realize I could develop a custom website that logged into Podio to get data for the interface and could push the data back to Podio. This approach would severely limit what customization the end user could do to the application once deployed.
Is there any way to have the Podio App make an external call that would contact my web server API to determine if the logged in user has access?
Richard

Office365 - Application authentication with no user consent

We've been working with EWS Managed services for a while now, however we would like to transition over to using the RESTful API for Office 365.
Is it possible for an application to access all of our users data without their consent? We have an in-house application that we would like to get some O365/Sharepoint data to our users. Using SSO isn't really an option, as we don't want to keep asking our users to give consent (we assume they already give it). Specifically, we want access to calendars and mail.
Are these "service/application level" accounts available in O365 yet? I think I read a while ago that they are on the roadmap but I have not seen anything since.
Would it be best for us to continue using impersonation with EWS for now until it is ready? (For some reason, EWS is painfully slow when getting data, meanwhile our tests with O365 SSO are a great deal faster, but we do not want SSO).
Apologies if this does not meet the requirements for SA questions. Thanks.
EDIT. Daemon and Service Apps are now possible with Office365. Check out this link.
Building Daemon or Service Apps with Office 365 Mail, Calendar, and Contacts APIs (OAuth2 client credential flow)
App-level authentication is coming soon. Basically an organization administrator will have to consent to allow the application access to mailboxes in their organization, then you'll be able to authenticate as the app, rather than acting on individual users' behalf.
I'd say keep working on your prototype using the user consent model that's in place now, and keep an eye on our blog or my Twitter account (#JasonJohMSFT) for the announcement for app-level auth.

Single Signon between my Azure application and SharePoint Online

I am trying to evaluate a strategy where I can integrate our Azure based application to SharePoint Online.
The idea is to provide seamless UI so that they are able to use the best of the features from both these applications without having to navigate away from our application.
We would like to bundle the application with Sharepoint online so that if a user comes to our application they will see another tab for collaboration which will open SharePoint online in a seperate iFrame or something like that.
However the issue here is that we do not want the user to keep another set of user credentials for SharePoint online. Is there a way where we can provide some kind of single sign on here.
Our application uses forms based authentication.
I could verify that you sure can use ClaimBased SSO with Azure and SPOnline. Look for the following:
Claims-Based Single Sign-On for the Web and Windows Azure
Remote Authentication in SharePoint Online Using Claims-Based Authentication
So using Claim Based Authentication (Use Windows Azure ACS) you can merge SP online and Azure Web Role together.