soundcloud API - Application Registration During Early Dev - api

My team is experimenting with Soundcloud for the first time, and we would like to play with the API before making any strong decisions. So, we do not have an application URL or application name. From my interpretation of the registration process (https://docs.google.com/forms/d/e/1FAIpQLSfNxc82RJuzC0DnISat7n4H-G7IsPQIdaMpe202iiHZEoso9w/viewform), such information is required.
Is there a way for organizations in our position to experiment extensively with the API?

I believe I was able to leave those fields blank and/or put in placeholder fields and I was able to use the API normally.

Related

Getting started creating a web form in Microsoft Teams

I dont know where to begin. Do I need to create an app? Do I need to use bots? I have tried finding docs online but don't know where to start. Any help with be appreciated.
I am trying to create a small form in a teams channel that my users will fill out.
User enters #projects
Web server responds with
User clicks submit and data gets posted to my web server.
You're correct that there are a few different kinds of applications in Teams, so finding the one that suits your needs can be a little confusing at first. For what you're trying to do, I would recommend a Bot, and when it received a message (which it will do when it receives your #mention), it can respond with an Adaptive Cards. Adaptive Cards, if you've not used them, are like small embedded forms inside the chat. The user can complete the card and click a button, and it will send the payload back to your bot to do whatever it needs.
Bots, incidentally, are basically just web services, so your bot can do whatever it needs once it received the payload, such as calling another API in turn.
You haven't mentioned what language you might want to work in, but here are some good starting point nevertheless:
https://dev.botframework.com/
https://github.com/microsoft/BotBuilder-Samples/tree/main/samples
https://github.com/microsoft/BotBuilder-Samples/tree/main/samples/csharp_dotnetcore/57.teams-conversation-bot (I've linked the C# version - you should know that Teams bots use the same Microsoft framework as -all- bots build for the Microsoft world, such as web chat bot or a Skype bot. As a result, you have to ensure that anything you look at is applicable to Teams as some content/samples are not)
https://adaptivecards.io/ (as with Bots, Adaptive Cards have a life outside of Teams, so some articles/content/etc. might not be applicable to your scenario)

How to call Google NLP Api from a Google Chrome extension

My aim is to select some text from a web page, start a google chrome extension and give the text to a google cloud api (Natural Language API) in my case.
I want to do some sentimental analysis and then get back the result to mark/ highlight positive sentences in green and negative ones in red.
I am new to this and do not know how to start.
The extension consists of manifest, popup etc. How should I call an API from there that does Natural Language Processing?
Should I create a Google Cloud Application with an API_KEY to call? In that case I would have to upload my credentials right?
Sorry sounds a bit confusing I know but I just don't know how I can bring this 2 things together an would be more than happy about any help
The best way to authenticate your app will depend on the specific needs and use cases of your application. You can see an overview of all the different methods here.
If you are not planning on identifying users nor on using a back end server that handles authenticating (as I assume to be your case), the best option would indeed be to use API keys. They do not identify the user, but are enough for the Natural Language APIs.
To do this you will need to create an API key for the services you want and add the necessary restrictions to make the key as secure as possible. Detailed instructions on how to do this and how to use the key in a url can be found here.
The API call could be made from within the Chrome extension with any JavaScript method capable of performing POST requests. For example using XMLHttpRequest or the Fetch API. You can find an example of the parameters that need to be included in the request here.
You may run into CORS issues when making the request directly from the extension. I recommend reading this answer, where a couple of workarounds for these issues are suggested.

How to write Spotify API in processing?

For my project in college I have decided to make an interactive map where, when the user hovers over a country the title of the top song in that country is displayed. I wanted to get that title from Spotify charts.
I have read every single page of the Spotify API guide and I am still confused as to how should I write the query in processing. I have the authorisation code and the OAuth token, but I'm not sure how should I include it in the actual sketch.
I really need all the help I can get, I am very new to this and I will appreciate every bit of advice.
Use a Spotify API Java Wrapper such as this one to handle API requests to Spotify.
Wrappers are external libraries that simplify API interfacing by providing functions that you can call from your code to make API requests. See this webpage for information about including external libraries in Processing sketches if you haven't done this before.
The most-played track per country isn't likely to change during operation of your program so requesting (it seems you've identified the correct API endpoint for this) the top track for each country just once is sufficient. This process could be done in setup(), for example, since it runs once only.
Then it's a matter of storing the data from these requests in some sort of data structure to allow your program to retrieve the most played track of the country that is being hovered over. A HashMap of country name to top track is appropriate, but there are many viable approaches.

For Dropbox API is there a way to pull a list of users and see if MFA is enabled?

I am wanting to pull all users in my company dropbox and then check to see if their accounts have MFA enabled. I read over the documentation for Dropbox api but did not see anything stand out where this was possible.
It's very sad to realize that a popular platform such as Dropbox doesn't expose A LOT of basic features through its API (and the SDK itself is far from being OK, compared to G-Suite). Anyway, there are two hacky methods you can use in order to pull out that information (with some limitations).
First method:
By analyzing the team events using team_members_list() you can filter out tfa_change_status_details events. When new_value=TfaConfiguration('[sms|other]', None) is specified - 2FA is enabled.
The information I found out that can be retrieved using this method is:
has_2fa - whether 2FA was ever configured.
is_tfa_enabled - whether 2FA is currently enabled.
tfa_type - whether 2FA is by SMS or by app.
However, keep in mind that you have to track changes constantly and also keep in mind that Dropbox saves team events for only two years.
Second method:
Using the front-end dashboard API this information can be retrieved (I can't remember the API name, I think that it is /2/get_multifactor and inside you'd find some information about its status and the organizational policy regarding 2FA). However, to use the front-end dashboard API (which is totally undocumented) you'd need to simulate a successful login (and correctly use the lid and jar cookies) and you'd also need to bypass the random captcha that appears when you abuse the service with too many requests.
To be honest, Dropbox's API is weak, neglected, and ugly. I wish I never had to use it. Anyway, I would recommend using the first method and pray for a significant update to the API
No, unfortunately the Dropbox API doesn't expose this. We'll consider it a feature request.
There's a feature request open for this one (https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/MFA-status-for-users/m-p/468564#M23886). But I wouldn't hold your breath, as #Aviv mentioned the Dropbox API seems surprisingly neglected at the moment.

Can client side mess with my API?

I have a website that revolves around transactions between two users. Each user needs to agree to the same terms. If I want an API so other websites can implement this into their own website, then I want to make sure that the other websites cannot mess with the process by including more fields in between or things that are irrelevant to my application. Is this possible?
If I was to implement such a thing, I would allow other websites to use tokens/URLs/widgets that would link them to my website. So, for example, website X wants to use my service to agree user A and B on the same terms. Their page will have an embedded form/frame which would be generated from my website and user B will also receive an email with link to my website's page (or a page of website X with a form/frame generated from my server).
Consider how different sites use eBay to enable users to pay. You buy everything on the site but when you are paying, either you are taken to ebay page and come back after payment, or the website has a small form/frame that is directly linked to ebay.
But this is my solution, one way of doing it. Hope this helps.
It depends on how your API is implemented. It takes considerably more work, thought, and engineering to build an API that can literally take any kind of data or to build an API that can take additional, named, key/value pairs as fields.
If you have implemented your API in this manner, then it's quite possible that users of this API could use it to extend functionality or build something slightly different by passing in additional data.
However, if your API is built to where specific values must be passed and these fields are required, then it becomes much more difficult for your API to be used in a manner that differs from what you originally intended.
For example, Google has many different API's for different purposes, and each API has a very specific number of required parameters that a developer must use in order to make a successful HTTP request. While the goal of these API's are to allow developers to extend functionality, they do allow access to only very specific pieces of data.
Lastly, you can use authentication to prevent unauthorized access to your API. The specific implementation details depend largely on the platform you're working with as well as how the API will be used. For instance, if users must login to use services provided by your API, then a form of OAuth may suffice. However, if other servers will consume your API, then the authorization will have to take place in the HTTP headers.
For more information on API best practices, see 7 Rules of Thumb When You Build an API, and a slideshow from a Google Engineer titled How to Design a Good API and Why That Matters.