Marketo Rest API - Get Folder Token Type: Local, Inherited or Overridden - api

I've built a simple application to be able to create folder tokens using the Marketo REST API:
Marketo REST APIs: Get Tokens by Folder Id
From the Marketo Portal, I can see that inside a folder, tokens are grouped by type:
Local: tokens created inside the folder
Inherited: tokens that have been created in a parent folder.
Overridden: tokens that have been created in a parent folder but whose value has been overridden in the folder.
I would like to be able to group tokens in my application doing the same.
From the Marketo documentation, I can't see any token type inside the JSON result.
The only workaround I've found is to query both the folder and its parent folder so that I will be able to compare tokens and determine their types:
If the token doesn't exist in the parent folder, this is a local token.
If the token exists in the parent folder and has the same value, this is an inherited token.
If the token exists in the parent folder and has a different value, this is an overridden token.
I would like to know if there is any way to get the token type from the JSON response without querying both the folder and the parent folder?
Thanks in advance ^^

The token state can't be read from the response, so your best bet would be to infer it in the manner you described.

Related

Can't get folder info by its ID (Dropbox API v2)

I have a problem with getting folder info by its shared link / ID.
I have two users - the system user who calls the Dropbox API (ex. user A) and a regular user (ex. user B). I have a folder created by user B, user A is added to the members of this folder as owner. I have a link to this folder created by user B.
From user A through the Dropbox API calls I want to receive metadata of this folder, incl. its path, to be able to work with this folder (add / remove files, links, users, etc.).
To achieve this I:
Get folder link metadata (incl. folder ID like "id:a4ayc_80_OEAAAAAAAAAXz") using sharing/get_shared_link_metadata.
Get folder metadata using files/get_metadata with the received folder ID as the "path" parameter, but in response I get the error "path/not_found/".
Why can't my system user A get information on the folder having its ID and being its member (owner)?

Get custom user fields in google OAuth

I'm new to the API and I want to get a custom field ScreenConnect from my connection with OAuth2. I created my project in console.developers.google.com and I have authorized the Admin SDK. In my scope I put https://www.googleapis.com/auth/admin.directory.user.readonly.
But I can't get the variable back. If I try https://www.googleapis.com/admin/directory/v1/customer/my_customer/schemas to retrieve all custom schemas (https://developers.google.com/admin-sdk/directory/v1/guides/manage-schemas), I get the error "Insufficient Permission: Request had insufficient authentication scopes." But https://www.googleapis.com/admin/directory/v1/users/userKey works fine (https://developers.google.com/admin-sdk/directory/v1/reference/users/get). So the restriction isn't coming from the SDK. I think it's a URL error, but I can't understand what's going on.
I solved the Insufficient Permission error with the scope https://www.googleapis.com/auth/admin.directory.userschema. I still can't find out how to get the value of the variable.
The scope you are using is not the correct one since it only grants readonly access. In order to have access to what you want to achieve, you should be using this:
https://www.googleapis.com/auth/admin.directory.user
Moreover, if you want to retrieve the value set for each custom schema for a user, you will have to make the below GET request, where userKey is the user's email address.
https://www.googleapis.com/admin/directory/v1/users/userKey
In addition to this, you also have to set the customFieldMask parameter with the name of your schema name/s and the projection parameter to custom.
Therefore, for a particular user, your request will look something like this:
GET https://www.googleapis.com/admin/directory/v1/users/THE_EMAIL_OF_THE_USER?customFieldMask=NAME_OF_THE_SCHEMA&projection=custom&key=[YOUR_API_KEY] HTTP/1.1
Authorization: Bearer [YOUR_ACCESS_TOKEN]
Accept: application/json
Reference
Directory API Users: get

Slack Enterprise list all files/conversations

Is it possible to list all of the conversations in my Slack organization using the API?
Or at the very least, within a workspace.
When I tried calling the "conversations.list" endpoint using an enterprise token, I got an "enterprise_is_restricted" error.
When I invoked the same endpoint with a workspace token, I got a list of all of the public channels and IMs that I'm a member of, but private conversations that my user (the primary owner) is not a member of were not retrieved. Now it makes sense that I wouldn't be able to read them, but I'm looking for a way to list them, to get their name and members basically.
And then with files. I got the same "enterprise_is_restricted" error when I used my enterprise app token, and when I used a specific workspace token, I only got files that were shared with me. I want to be able to keep track of what files are being shared and with whom (for information security reasons), so this is very problematic for me.
Yes it is possible. The following should give you at least permissions to all conversations within the workspace.
Generate an OAuth Access Token for your Slack app
Go to api.slack.com to set permissions for it. This particular method needs the following scopes: "channels:read,groups:read,mpim:read,im:read"
Install/reinstall the app and use that OAuth token to access your list of conversations

Amazon S3 - does root user have access to buckets?

I am testing S3 calls using DHC REST client in Chrome. In these tests, the Authorization is all based on my root user credentials.
I can do a GET with //mybucket.s3.amazonws.com, and a list of the items in mybucket is returned.
If I add an item to retrieve (//mybucket.s3.amazonws.com/myitem), I always get 403 Forbidden.
I thought that the root user had automatic access to the objects, but am I wrong about that?
I took screen prints of both tests, which I'll supply if needed.
After some further monkeying around, I found my answer. Yes, the AWS root user can access individual items. But the Authorization header string changes. When you retrieve an object, that object's key participates in the calculation of the auth string. Thus, the same string used to retrieve the bucket list does not work when retrieving an object.
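To illustrate the answer above, here is an added example (not part of the original post) that computes the request signature for a bucket listing and for an object GET and shows that the first is rejected for the second. It assumes AWS Signature Version 4, region us-east-1, a fixed timestamp and placeholder credentials; the host name and function names are constructed for the illustration.

```python
import hashlib
import hmac
from urllib.parse import quote

# Constructed placeholder values, not real credentials.
ACCESS_KEY = "AKIAEXAMPLEPLACEHOLDER"
SECRET_KEY = "example-secret-key-placeholder"
REGION, SERVICE = "us-east-1", "s3"
HOST = "mybucket.s3.amazonaws.com"
AMZ_DATE = "20240101T000000Z"  # fixed timestamp so results are reproducible
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()  # a GET has an empty body
SCOPE = f"{AMZ_DATE[:8]}/{REGION}/{SERVICE}/aws4_request"
HEADERS = {"host": HOST, "x-amz-content-sha256": EMPTY_SHA256, "x-amz-date": AMZ_DATE}
SIGNED_HEADERS = ";".join(sorted(HEADERS))


def _hmac(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()


def sigv4_signature(method, path):
    """Hex SigV4 signature for a request to `path` with no query string."""
    canonical_request = "\n".join([
        method,
        quote(path, safe="/~"),  # the object key is part of what gets signed
        "",                      # empty canonical query string
        "".join(f"{k}:{HEADERS[k]}\n" for k in sorted(HEADERS)),
        SIGNED_HEADERS,
        EMPTY_SHA256,
    ])
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", AMZ_DATE, SCOPE,
        hashlib.sha256(canonical_request.encode()).hexdigest(),
    ])
    key = ("AWS4" + SECRET_KEY).encode()
    for part in (AMZ_DATE[:8], REGION, SERVICE, "aws4_request"):
        key = _hmac(key, part)  # derive the per-day, per-region signing key
    return _hmac(key, string_to_sign).hex()


def authorization_header(method, path):
    return (f"AWS4-HMAC-SHA256 Credential={ACCESS_KEY}/{SCOPE}, "
            f"SignedHeaders={SIGNED_HEADERS}, Signature={sigv4_signature(method, path)}")


def server_accepts(method, path, presented_signature):
    """What the service does: recompute over the request it received, compare."""
    return hmac.compare_digest(sigv4_signature(method, path), presented_signature)
```

Calling `server_accepts("GET", "/myitem", sigv4_signature("GET", "/"))` returns False: a header copied from the listing request cannot authorize the object request, which is why every request has to be signed separately.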

Temporary authentication via query string

My goal is to be able to generate a special URL that would allow someone to view a normally "protected" view temporarily. In fact, if they leave the page, any temporary authentication that was granted should be taken away.
Basically the problem is that I have content on my website that I NORMALLY want to be protected by requiring a login. However, I'd like to be able to give temporary access to a specific asset and not require a login.
Should I somehow use a URL with a query string that automatically authenticates the user? Or should I instead generate a separate page with that asset that does not require authentication at all?
edit: I forgot to mention that the generated link should be accessible for more than one person. In other words, it can't limit by the number of times accessed, but rather a time period or until we manually force it to expire.
You can create a database table like tokens, where you store unique access tokens which are valid only for 1 single request. In your action, this token could be a URL parameter. If no token is present in URL or if the token was not found in the DB table, access is denied. If a token was found, you delete it from DB and perform the action.
Now whenever you want to give someone this kind of one-off access, you create such a token and store it to DB. The token could be a random MD5 hash, that you generate e.g. through md5(mt_rand().mt_rand()). Then you can create a URL with that token as parameter and hand it out to the user.
You can also enhance the system and add an expiration time to your tokens table. Then you'd only grant access if the expiration time is in the future.
vyce: "It should first be for a rendered view that also contains PDF files."
If you have PDF files (or any other files) accessible under your webroot, anyone can access them at any time. So even if you will only serve a view to your user once, he/she could still get to the PDF file if they have kept the PDF's URL. The user can also share that URL with others.
This problem can be resolved by:
Storing the PDF file under the document root (or in another location that is made inaccessible with .htaccess)
Once you have determined that your user is allowed a one-time peek at the PDF, you serve it as described here
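The tokens table with an expiration time described in the answer above, as an added example that is not part of the original posts, adapted to the question's edit: the link is reusable until it expires or is revoked manually. It is written in Python with an in-memory SQLite table standing in for the real database, the function and column names are hypothetical, and it generates the token with `secrets.token_urlsafe` in place of `md5(mt_rand().mt_rand())`, because `mt_rand` is not a cryptographically secure generator.

```python
import hashlib
import secrets
import sqlite3
import time

db = sqlite3.connect(":memory:")  # stand-in for the application's database
db.execute("""CREATE TABLE tokens (
    token_hash TEXT PRIMARY KEY,   -- only a hash is stored, never the token
    asset_id   TEXT NOT NULL,      -- the single asset this link unlocks
    expires_at REAL NOT NULL,
    revoked    INTEGER NOT NULL DEFAULT 0)""")


def _hash(token):
    return hashlib.sha256(token.encode()).hexdigest()


def issue_token(asset_id, ttl_seconds, now=None):
    """Create a shareable token for one asset, valid for ttl_seconds."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    db.execute(
        "INSERT INTO tokens (token_hash, asset_id, expires_at) VALUES (?, ?, ?)",
        (_hash(token), asset_id, now + ttl_seconds))
    return token  # goes into the URL, e.g. ?token=<value>


def revoke_token(token):
    """Manually force a link to expire before its time limit."""
    db.execute("UPDATE tokens SET revoked = 1 WHERE token_hash = ?", (_hash(token),))


def is_allowed(token, asset_id, now=None):
    """True only for a known, unexpired, unrevoked token issued for this asset."""
    if not token:
        return False  # no token in the URL: fall back to the normal login check
    now = time.time() if now is None else now
    row = db.execute(
        "SELECT 1 FROM tokens WHERE token_hash = ? AND asset_id = ? "
        "AND expires_at > ? AND revoked = 0",
        (_hash(token), asset_id, now)).fetchone()
    return row is not None
```

The same `is_allowed` check belongs in the handler that streams the PDF, so the file is only ever reachable through a request that carries a valid token.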