I am trying to integrate salesforce Rest API with Django, so for hours I have been trying to figure out the endpoint which it exposes, I have learned to create records but how do I access those records as the URL mentioned in docs is https://yourInstance.salesforce.com/services/data/v52.0/query/?q=SELECT+name+from+Account,
what is "yourinstance" here, any help will be appreciated, thanks in advance
when i tried to access above URL in thunder client it gave me this error
Couldn't resolve the hostname to an IP address, Verify Url: https://trial65.salesforce.com/services/data/v52.0/query/?q=SELECT+name+from+Account
Assuming that you have created a Connected App, generated the client id/secret, to get the Bearer Token.
In the response where you get your bearer token from Salesforce API refer this , it also provides you with instance URL as part of response.
{"id":"https://login.salesforce.com/id/00Dx0000000BV7z/005x00000012Q9P",
"issued_at":"1278448832702",
"instance_url":"https://yourInstance.salesforce.com/",
"signature":"0CmxinZir53Yex7nE0TD+zMpvIWYGb/bdJh6XfOH6EQ=",
"access_token":"00Dx0000000BV7z!AR8AQAxo9UfVkh8AlV0Gomt9Czx9LjHnSSpwBMmbRcgKFmxOtvxjTrKW19ye6PE3Ds1eQz3z8jr3W7_VbWmEu4Q8TVGSTHxs",
"token_type":"Bearer"}
Goto Set Up > MyDomain There you'll find the My Instance URL for your salesforce org.
Screen shot of MyDomain page for reference
Related
Hope you are doing good. i am new to Django so basically i want an idea of how we can access page that required login but i want one time login not every time.or just by pass this authentication by any mean i don't know?
i-e: i have chat bot i want to give that page specific url to some client and that client add that url in his website so his clients just use my chatbot by click my chatbot url that are present in my client website.but i want that by clicking that url does not require to login first but i want the secure access only that client domain only access my url . not other domain or from chrome brower.
if you give any idea it will be very kindness of you thanks alot.
my-sloution:
i used django-cors but i dont know that using cors will restrict access to other domain accept the allowed one?
i experence from cors-test websites i just send post request but cannot access my site when i allowed that domain in cors then they can get post response .
so basically when i search that url from chrome on same LAN ( by using ngrok to make local server global ) we can access pages but cannot make post request. i had added ngrok url in not allowed domain in cors. so this confused me.
the chatbot url page has login so how we by pass the login required by any method for every client that click from my client website so they can easly access my chatbot??
So I am trying trying to execute a PutItem request from my AWS API Gateway. I am trying to do this by using the path /storeid/{username}/{password}. I have done the mapping as json and the test within the API works perfectly and I see my data show up in my DynamoDB table but when I deploy the API and try to invoke this request I receive the following response: {"message":"Missing Authentication Token"}. This request does not have any authorization or API key requirement. Why does the test work but not the url when invoked.
ps-yes I entered the correct url
Please help!
A few things to check
Verify that Authorization is set to None (i.e. not IAM) in your Method request settings.
Verify that you deployed your API changes to your stage. Using the console, click Actions -> Deploy API.
Once deployed the URL to use should be displayed when you select the Stage that you deployed to. Verify you are using the correct URL.
Also, side note, it is a really bad idea to be putting passwords in your URL path or query parameters. Consider doing sending the data in the request body as a POST and doing something like HTTPS and hashing to protect the password.
I'm trying to make a request from my reactjs app existing on "localhost:3000" to my django living in "localhost:8000"
I was expecting some authentication token in header to passed along with the request, but it's not the case. The request seems to be stripped and the token is nowhere to be found. Unless I pass the token in the url as a parameter (which exposes the token that can be decoded. I don't like it), I can't seem to be able to get the token in any way.
so my questions:
is this CORS issue? My understanding is that CORS usually deals with javascripts only, and Django already has the middleware to deal with this.
I'm currently using a GET as method. Does using a POST help in this case? How would the reactjs script be written? Currently it's just a href attached to a NavItem
and ultimately:
How do I pass the token from reactjs to django?
We can perform the implicit grant on the front-end and then configure the Django API in Auth0 and specify its identifier in the audience parameter. This would grant you an access token which you could then use against your API. Your API would then verify the token and check the audience is correct. (This has a good overview of the process https://auth0.com/docs/api-auth/grant/implicit and then with the API https://auth0.com/docs/architecture-scenarios/spa-api)
Basically what we can do is when Auth0 authenticates the user it redirects the user to the app with an access token, and optionally an id token, in the hash fragment of the URI. We can extract that and use the token to call the API on behalf of the user.
So, after we have [created the API in Auth0][3, [defined the endpoints]3, and secured the endpoints we can call the API (by sending the access token in an Authorization header using the Bearer scheme).
If you have any Auth0 specific question please feel free to join over in community.auth0.com you may have better luck finding help/solutions.
The 403 error is telling you that the request is not being processed because something is stopping from process that request 403: The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated
As you said probably because the CORS, try to follow the guide bellow of how to install Django-cors
https://github.com/mbrochh/django-graphql-apollo-react-demo#add-jwt-authentication-to-django
How can I setup PAW to work with Facebook locally for development? Or even at all for that matter?
I have a node.js backend that I'm setting up with Facebook Auth. Every one of my routes needs the user to be logged in. I have two endpoints related to FB Auth. localhost:3000/api/v1/loginFB and localhost:3000/api/v1/callbackFB. Both of these work great in a web browser.
loginFB simply returns this string... https://www.facebook.com/dialog/oauth?client_id=523534457345&redirect_uri=https://localhost:3000/api/v1/callbackFB&scope=email,public_profile,user_friends.
When I call that URI in a browser, it returns a code=blahblah which my callbackFB endpoint uses to fire off another request to get the access token. All good.
So now in PAW I'm confused by the difference between the request URI and the Authorization URL text field? Should I use the loginFB URI for my request URI? And then https://www.facebook.com/dialog/oauth in the Authorization URL textfield?
Basically what's happening is that when I click Get Access Token, it returns the code but my callbackFB endpoint 500's by saying "This authorization code has been used." The code that it's getting returned is definitely different each time I Get Access Token.
This is where I'm at with this thing (Client ID and Client Secret are actually my App ID and App Secret from fb's dev management site, and the Access Token URL is actually set to https://graph.facebook.com/v2.3/oauth/access_token which I'm 99% sure is the correct URI):
This is the error I get when I click Get Access Token button:
It would be awesome to get some advice from anyone with experience with this issue. Thanks.
Re: #MichaMazaheri
tl;dr Fixed in version 2.2.2
Sorry for the super late follow-up. We actually fix this exact issue in Paw 2.2.2, which is already released on our website, and pending review for the Mac App Store. (It was some JSON vs. Form URL-Encoded parsing issue). Thanks for reporting.
I am trying to set up a REST web service in Drupal using Services 3.x module. The service allows me to upload a file with an apikey. I have tried the following methods to check valid apikey to permit upload request.
1)check the apikey in the POST data during create process and upload happens.
2)tried the Services API Key Authentication Module which implements the
hook_services_authentication_info() which checks for the apikey.
3)implemented hook_services_request_preprocess_alter($controller, &$args, $options) to check for apikey both in POST headers as well as in the POST payload and it works.
However, in all the above method the file is uploaded to the server (/tmp) regardless of right or wrong apikey. The request is denied once the apikey check happens in all three methods above. This is concerning as it opens the server for easy ddos . Is there a way to intercept the and check apikey before the file is uploaded to the server and deny the request when apikey is not valid?
All my communication is over https so I would not like to go via session authentication mechanism.
Could this be because of apache server settings? If so, how to restrict uploads to authenticated users?
Please advise.