Looking into how to manage (in our case just list and get properties of) the SAML application that we have created via the "Web and Mobile Apps" section of the google console.
I don't see any reference to how to get this information from the https://developers.google.com/admin-sdk/directory/reference/rest documentation.
Is this API available somewhere else?
It is not possible. All you can use are the API methods listed in the documentation you shared, however you can only see the SAML apps from the Admin console web UI.
You can also request this as a feature using the "Missing features" option, to see if they have the chance to develop something like this.
Related
Recently I received this Alert in the Google Play Console
Your app contains exposed Google Cloud Platform (GCP) API keys
I am using the YouTubeApi Player, and I believe the only why you can initialize it is using this line of code
youTubePlayer.initialize(DEVELOPER_KEY, this);
So beside added restrictions to my API key, is there any other way to remove the API Key from the code?
I tried using the GCP service accounts as suggested by Google, but I do not see how I can still use the YouTube Player without the initialize line of code.
I have same problem, and fixed this by using string R.string.google_api_key generated by google_services.json
change your code to:
youTubePlayer.initialize(getString(R.string.google_api_key), this);
how to get google_services.json:
create firebase project https://firebase.google.com/docs/android/setup?hl=id
get your google_services.json https://support.google.com/firebase/answer/7015592?hl=id
There are some tips on how to secure your API keys at Using API Keys documentation.
It is stated that embedding API keys directly in the code should be avoided, which is the way you are having it right now, therefore you are getting the warning message.
Follow the tips on that page and you should properly secure your API key. As soon as you do so, the warning will go away.
UPDATE
To avoid having a long discussion in comments, allow me to elaborate further providing this update.
Google provides different ways of authentications to give you more options for securing your apps based on your needs. The warnings are helpful tips to make your apps more secure when going in production or exposing to public. So in your case, it would be better to use a different way of authentication.
API keys can be used in server side. e.g. If you are using an API key to authenticate a 3rd party service from an App Engine app, you can use this key as you already have it, since it is impossible for the key to get exposed. (Avoid using API keys in JavaScript since inspecting the page in the browser will expose the API key as well)
In your case, since you are developing an Android app and/or an iOS app, having the API key in the code is dangerous. Because, anyone can use the .apk or the .ipa file and find a way to access it. Therefore, for developing Android apps and iOS apps it is suggested going with different authentication method. The other authentication method supported in YouTube player API is using OAuth 2.0. For more information you can check the Registering your application documentation.
I have been using https://www.google.com/m8/feeds/ to list all users of a domain when the admin installed my web application.
This api has been deprecated for a while and is now disabled. We are advised to use the new directory api.
However, in order to use the directory api, the admin of the domain must have enabled the api access with a checkbox in a deep menu item. It goes without saying that many of them will have the admin api access disabled.
1) On this question Arun Nagarajan said "We are looking into improving this flow" in 2013. Is there any update about this?
2) In another question, jonathanberi seems to say that the admin api is automatically enabled when the user installs the app. But I wasn't able to reproduce this feature, and I can't find any documentation stating this. Is there any (preferably official) documentation that confirms such behaviour?
is there any other route other than the route mentioned in another post (pasted the post details below), where need to look into a bunch of files and understand the api's exposed.
=====
Yes its possible. All the functions in EMM are exposed as APIs. You better look at the scripts at wso2emm-1.1.0\repository\deployment\server\jaggeryapps\emm\api to get an idea on the APIs in EMM. You can find the endpoints inside those js filese. Also please note that this app is written using JaggeryJS. For the authentication you may look at SAML sso which has been used in EMM. For this you could use a modal dialog to load the SSO page or else you may modify it to support OAuth as follows.
WSO2 EMM does not expose any APIs, that supports registering a device other than Android or iOS as they are the supported platforms. The quoted text is from a question related to iOS.
My team is trying to develop a product for the google apps marketplace and I am having issues with the workflow in the new ADMIN SDK.
With the now deprecated Provisioning API we simply ask for a username and password from the account we are trying to manage.
With the ADMIN SDK it seems as though they would need to go enable the API, create a key and do a lot of manual work for this to happen. This really is a tough option for us as the technical level of our clients is not likely to be able to make this transition.
Is there something like the work flow for the provisioning API where they can enable management from a third party or a recommended workflow for a developer to build an application that can access any number of google apps accounts?
A use case for this is say I want to develop a different option for a console, I want to build a console web app and simply ask for credentials or easy setup routine and allow our users to manage their google apps account in a different way.
Thanks in advance,
Steve
The Admin SDK Directory and Reports APIs work correctly with 2-legged OAuth 1.0a which is what the Google Apps Marketplace currently supports and automates. You do need to turn the Admin SDK on under "Register for additional APIs" from your Vendor Profile page on the marketplace. Also, the Administrative APIs for the domain must be turned on. You'll get a generic error that the domain cannot use the APIs if it's off in which case you can direct the client to the exact CPanel page where they can turn it on.
Hi Guys
I am trying to create a web app to share docs with all editor features (just like google docs).
My main requirements for this app are as follows:
1. Should have all editor features (can be done using open office api, google docs api, Microsoft office web apps api)
2. Should be shared between multiple users and can be edited by multiple users and other sync features (can be done using google docs api, Microsoft office web apps)
3. Can save the document created and edited on my own/ custom server addr. (Which api can support this??? I know open office can support this)
Guys can you please suggest me one api which can be used to do all the above. Also please suggest if I am underestimating any API above regarding any functionality that i thing is not supported.
Thanks
King
What you are asking for is so complex it takes a Google to make a "in progress" version!
Can't you just use Google API? Its is free. Your only issue would be logging users via OAuth, 1 simple API