Is it possible to download all (or subset of) XACML policies/entitlements through REST API?
Your question is very vague. You have to clarify.
XACML is a policy-based authorization solution. It does not maintain user entitlements directly per se. Instead of saying that Alice is a doctor and can do "viewMedicalRecord", a XACML policy states that
Doctors can view medical records
You then ask a Yes / No question e.g.
Can Alice view medical record #123?
Axiomatics provides 2 APIs (SOAP and REST) for that.
Reverse Querying
In addition to the binary approach, it is also possible to do a reverse query of the authorization policies. Rather than asking for a Yes/No question, you can ask:
What can Alice do?
This API would let you generate and download entitlements from a XACML API.
Here you can find the /entitlements-all REST API details
https://is.docs.wso2.com/en/latest/develop/entitlement-with-rest-apis/#get-all-entitlements
Related
Currently, the Google Vault API does not provide a way to get a report of all users in a G-Suite tenant or domain who are on hold in one or more matters. This information is currently available only via the admin interface for Google Vault under Reports/User Holds. It would be great to be able to obtain this report via an API call in JSON format rather than only via the admin UI. Am I missing something or is this functionality already available?
Respectfully, please keep in mind that suggesting that I perform API operations to search all matters and iterate through the users on hold in each matter to obtain this information is not the answer I am looking for. There should be a quicker, more efficient way to get this information since such a report is already available via the UI. I am simply asking if there is a way to get this same information programmatically via the APIs/automation. Thank you in advance.
Unfortunately, Vault API does not have a method for that. The only way to retrieve this information is to list all matters and iterate through them, as you already mentioned.
File a feature request:
It's not uncommon for a feature to be present only in the UI. If you want to see this implemented on the API, I'd suggest you to report it on Issue Tracker's Vault component.
I looked through the issues of this component, and it looks like this hasn't been requested yet. There's currently a somewhat related feature request, but not exactly what you're looking for:
Audit reporting functionality
Update:
The original poster filed a feature request in Issue Tracker. I'm add this to the answer in order to give it more visibility.
To anyone who would like to see this feature implemented in the future, I'd suggest starring the issue (star on the top-left) in order to help prioritizing it:
Vault API: Need API method to return list of all users who have active holds as available in Vault UI
I am trying to create a new interface for wso2is for my specific requirement. I only need some specific functionalities (add user, add roles etc) from wso2, I go through several documentation in wso2 website and find:
this document
this post
but never got a complete documentation.
Is it possible to get the postman collections for the same?
The documentation you have referred to is relevant to the admin services for user and role management. They are implemented using SOAP. But since you have some basic requirements as add user delete user add roles you can use the SCIM2 REST API's[1][2]
[1].https://docs.wso2.com/display/IS570/Using+the+SCIM+2.0+REST+APIs
[2].https://medium.com/#vindulajayawardana/scim-2-0-api-for-wso2-identity-server-5-3-0-fc5dcaad9e44
I would like to access other users public data to show in my website when they configure the page by their username/id.
It means I will create an app on FB/Instagram side and with the help of this app's access token I would like to fetch public data of other user.
Is this scenario valid now? Earlier it was possible but I am not sure now with changes in policies. Even the documents are not clear enough which can say it's possible or not?
Has anyone tried this out recently?
Users: Only data of users who specifically authorized your App is available, depending on the authorized permissions. It does not matter if data of user profiles is public or not, you have to get permission from each user separately.
Pages: If you want to get data of pages you don´t own, you have to go through a review process with your App to get access to "Page Public Content": https://developers.facebook.com/docs/apps/review/feature/#reference-PAGES_ACCESS
That´s for Facebook, about Instagram you can just hit the docs (as well): https://developers.facebook.com/docs/instagram-api/business-discovery
My number one recommendation, in this case, is Facebook API or Instagram API from Data365. I may be considered biased since it is the tool I work for, but it is really a reliable tool you can get public profile data by users ID or username.
Of course, you can use the official Facebook/Instagram APIs for searching all public objects (post, user, page, event, group, place, check-in). But note, the official API has a number of restrictions. Andyrandy has already described them in his answer. Compared with official APIs, we do not have such restrictions.
Besides, our APIs provide such unique features as gender and age recognition (via face photos) along with identification of post reactions that give a competitive advantage in obtained analytics. Data365 APIs also enable developers to create monitoring tasks for a one-time or auto data update. And above all, we do not break the law but only provide web scraping within the legal framework.
I am new to this but I will try my best to explain what I am trying to do.
I have a catalog of products and various private information that my users want to be able to access via their website.
For example:
User-a has an e-commerce site and they want to sell my merchandise. They will be able to access a certain products details via a web service. They will also be able to see the negotiated rate that I've given them along with some other private details.
How should the API handle authenticating the request that comes from User-a's website?
I've been reading all day about different authentication methods but they all seem to revolve around the idea of a third party accessing specific user information. An example is if you let http://randomtwitterapp.com access your twitter profile. In that case, the third party site must manage multiple different users and auth tokens. In our case, my users website is interacting on behalf of the user. I hope this makes sense.
Let's call user A "Alice" because calling her User-A is cumbersome.
Treat Alice's web site as if it were Alice herself. The special pricing and such IS specific to the web site in question, so have it log into your site. Issue credentials that the person developing that site would use to authenticate with, and then use those credentials to determine the pricing and products you show.
As for actual authentication mechanisms, it really depends on your needs. If all you need to do is serve different data to different people, you could do something as simple as an API token passed in the query string: http://api.example.com/products?key=9af4d8381781baccb0f915e554f8798d
Or if Alice already has a username and password for your site, you could have her use those in her API requests with Basic Auth.
If Alice is going to need to enter her account information on various sites that she doesn't control, then oAuth comes in very handy. With that, you can essentially give her an API key for every site she needs to access your API from. And you give her the ability to delete those API keys and deny those sites access.
I skimmed through their documentation and found it a bit overwhelming at first. I know you can search for items by entering a UPC (the number below a 1D barcode), but I couldn't find a word about it in the API.
What I want to do is perform a product lookup by doing a UPC search after scanning a barcode.
Here is a page from the https://webservices.amazon.com/paapi5/documentation/use-cases/search-with-external-identifiers.html which shows how you can use the ItemLookup method to find a specific product by UPC.
Note that default IdType for the ItemLookup is ASIN, but you can change it to something else like UPC if you need to
Be carefull if you want to use the Amazon web services API on a mobile device !
We've found this in the Amazon.com Product Advertising API License Agreement:
4) Usage Requirements
(e) You will not, without our express prior written approval, use
any Product Advertising Content on or in connection with any site or
application designed or intended for use with a mobile phone or
other handheld device, or any television set-top box ....
Link to Amazon.com Product Advertising API License Agreement
Any Ideas for an alternative ItemLookup method to find a specific product by UPC/Barcode ?
Yes sure, the Amazon web service APIs does support barcode/UPC queries. Any information / documentation are to be found here.
If you want to generate barcodes, maybe this helps?
Cheers, Tim
With IdType request parameters ( see documentation here ) not only for upc, but also support ean and isbn query