I just created my second app, and I want to enable Authenticated Referrals as I made on my first app. But the "Authenticated Referrals" option has disappeared in Settings > Permissions, however that option is still in the Facebook app's documentation : http://i.stack.imgur.com/WC6A0.jpg
Can you help me to retrieve this option ? Thanks.
Authenticated Referrals are removed for new applications as described in this blog post
https://developers.facebook.com/blog/post/2012/10/10/growing-quality-apps-with-open-graph/
Authenticated referrals create an inconsistent experience for people by asking them to give permissions in order to access content with little context. You must migrate to use a standard Auth Dialog experience.
Related
I have made an api in laravel with socialite and github and I need to log out so that the application asks me with which github account I want to log in every time.
What you are asking is how to logout from your registered user (which used Github) and destroy the oAuth session of github?
Maybe have a look at this:
laravel socialite logout issue
OK.
If you are using socialite, do check the documentation of each provider you use. Probably you should make a GET or a POST request to their service in order to log out the user.
For example, Globus.org uses this link (documentation link) in order for you to log out your users:
GET https://auth.globus.org/v2/web/logout
Clicking it will log out your user from your service.
Do note that most provider might use similar techniques.
Use POSTMAN to make such requests and experiment (especially when you are trying to register users, making calls with POSTMAN might seem helpful)
Then you are faced with the following issue:
What type of data did you store on you database? (the next bullet might help you understand what I mean)
Did you store in some way, the provider name the user used to login to your system?
If so, each provider might use a different way to log out / register a user from your Laravel project.
GOAL: Create users in Azure Active Directory using our Global Admin account from an API.
PROBLEM: Every single way I try, I get "unauthorized".
WHAT I'VE TRIED:
I've been focusing mostly on this: https://graph.microsoft.com/v1.0/invitations
I've tried as outlined here
the "Authorization Bearer {token}" is problematic -- I can't seem to properly retrieve tokens, using any of the built URLs recommended (ie, combining ClientID & TenantID in the URL.)
I've tried the relevant portions of this, including creating the app, setting permissions on the app, trying both Web API and Native. I'm able to get a code back, but using it always comes back with Unauthorized.
As an aside, I am using Nintex to run this web service, as it is part of my workflow. Typically, web services don't give me issues. So, this sucks.
I'm missing something, here. Any thoughts or direction?
UPDATE: Removed the word "method" - bad choice of phrasing.
If you want to use Microsoft Graph explorer to create user as the global admin, you could use POST https://graph.microsoft.com/v1.0/users, and the required permission is:
Permissions
For the details, you could read Create user.
Global admin runs as a user by default. To grant access to Active Directory, you need to elevate permissions in the portal.
I'm not convinced you have the permissions to create the user, and that's why I think you're getting the error.
Also, try and avoid using Global Admin. Create a Service Principal and provide more granular permissions.
I'm having trouble to make this works:
API console
code error :
{
"code":22,
"response":"You do not have admin privileges on forum 'fabien-greard'"
}
I tried to change my app permission to :
Read, Write, Manage Forums (without any effect).
My app is using the same username than my forum (i'm the owner)
Any ideas ?
The easiest way to do that is by handling API request in Postman.
For it, we need the credentials from our site's Disqus api:
With this in mind, we go to postman and we use that credentials for sending request:
Two parameters more are required here: forum, the site where you want to create the categories, and the category's name as title.
Don't forget to use an admin user to have permissions for managing forums, the api will know you are admin by using also the access token.
I would like to understand something please.
I have an application based on oAuth2 with Google Accounts.
So, teh first time I connect to this website, I am redirected to the authentication page on Google domain. So I type my email and password and I dont check "trusted computer" (or "remember me", I dont remember the exact term).
The thing is if I reboot my computer or even delete my cookie (but not my history (tested with Chrome on Android phone), I am not prompted again for the authentication and I have directly access to the application.
I would like to understand why ?
If somebody can explain it to me that should be great !
Thank you
You can actually force re-authentication in the Google OAuth api by passing &max_auth_age=0 to the auth URL.
Source:
Use the PAPE extension for further control of user authentication (optional)
Use the max_auth_age parameter in the PAPE extension to ensure that the login session of the user at Google is recent. You may also specify max_auth_age=0 to force a password reprompt.
https://developers.google.com/accounts/docs/OpenID
It's a bit confusing because they talk about OpenID, but I'm doing this successfully with Google's provided OAuth2 libs.
The Google OAuth 2 API really doesn't give you a way to force re-authentication. Lots of people have asked for this capability though, and maybe we should provide it.
It's hard to say, since it depends on what the flow was that as being executed.
Generally (with oauth) you weren't being prompted for authentication. You were being prompted for authorisation. Once you've authorised, you won't be prompted again, provided of course that the browser/google have some sort of session in existence which identifies the user.
When you say "delete my cookie", which cookie?
Yo can try going to this page https://accounts.google.com/b/0/IssuedAuthSubTokens?hl=en_GB and revoke the permission. That should then cause a repeat prompt.
I'm using an external Node.js module, everyauth, to handle my LinkedIn API authentication. I'm not yet positive if this is a problem with the way my module handles their API, or some other API issue itself.
Basically, after a user has already granted access, LinkedIn nevertheless continues to ask whether to continue to grant access. I know this is not standard because I've seen a different user flow in other applications.
Here's an example of what happens:
You can see I granted access on Jan 11th, but this was taken on Jan 13th. Why must I re-auth!?
Do you have any idea what is causing this? I dove into the relevant LinkedIn module code for everyauth but nothing in that application flow caught my eye as the problem.
Modify the script to send them to https://www.linkedin.com/uas/oauth/authenticate instead of
https://www.linkedin.com/uas/oauth/authorize.
That will cause LinkedIn to automatically redirect them back to your site.
See more at https://developer.linkedin.com/documents/linkedins-oauth-details
If you are using the JavaScript API (which it looks like everyauth uses), then it is likely that the OAuth tokens that LinkedIn stores in the browser have become 'stale'. To ensure that the user is the correct user, the browser tokens expire after ~30 minutes.
That being said, if the session is still fresh and the authorize value is set to true, you should be able to bypass the screen you are seeing.
https://developer.linkedin.com/documents/overview