Is there any endpoint to get all the licenses assigned to an specific user? like this one:
GET https://www.googleapis.com/apps/licensing/v1/product/productId/sku/skuId/user/userId
but without {productId} and {skuId}, to receive the licenses actives for the user.
Related
We have the WSO2 API Manager deployed and working, although we are unable to figure out an issue about users addition. We want to add the users via the management console (Carbon) and after being added we want the user to receive an email saying that his/her account was successfully created.
Although there is documentation for a workflow extension when the user signs up, we were unable to find any documentation regarding the matter we've pointed out, is this possible to achieve via the API Manager or with some kind workflow extension?
Thanks in advance!
EDIT: We are using WSO2 API Manager 1.10.0.
If your requirement is to create a user through the management console and allow the created user to define a password, you can configure APIM server to support 'Ask password from user' feature. (In this feature, APIM server administration can create a user through the management console and provide the email address of the user, so that user can set the password through the redirection URL provided in the email). To configure 'Ask password from user' feature follow the instructions given in https://docs.wso2.com/display/IS510/Creating+Users+Using+the+Ask+Password+Option.
If you want the APIM server administrator to set the username and password through the APIM management console and only send a notification to the user that his/her account is created successfully, then you have to write a custom component, because this is not supported by default.
I am using Facebook Ad Api to create ads. How ever when i grant a user Administrator Role (1001) with the following api call:
https://graph.facebook.com/v2.5/<AD_ACCOUNT_ID>/users?role=1001&uid=xxxxx
it successfully creates the user, and when i get all the users using the following request:
https://graph.facebook.com/v2.5/<AD_ACCOUNT_ID>/users
it successfully returns the array as:
"{"data":[{"name":"firstname lastname","permissions":[1,2,3,4,5,7],"role":1001,"id":"101xxxxxxxxxx352"}}"
but when i try to create an Ad campaign or Adset with the newly added user the following exception is thrown:
[FacebookAds\Http\Exception\AuthorizationException]
(#272) This Ads API call requires the user to be admin of the application. User 16xxxxx351 not admin or developer for application 109xxxxxxxx0403.
And when i go to my app and assign the user with an Administrator or Developer Role, I can make requests successfully.
Why is facebook not allowing a user created with administrator role from the api not make api calls to its Ad Api ? And why does it allow when the user is granted Administrator/Developer role make requests ?
This is because the objects you can promote are not based upon an adaccount but are based upon your user.
You can see the connection objects a user has access to by make the following request:
<API_VERSION>/act_<AD_ACCOUNT_ID>/connectionobjects?access_token=<ACCESS_TOKEN>
The documentation states:
this call returns the IDs of all objects for which the current session
user is an administrator, and the IDs of apps for which the user is
listed as a developer or advertiser.
If you don't want to make additional administrators for your app, you can create system user in Facebook Business Manager, grant him administrator (or even advertiser) rights for Ad Account.
https://developers.facebook.com/docs/marketing-api/business-manager-api
And use his token to manage ads. In my case I used it to retrieve targeting of ads, to find where leads came to lead form from.
https://www.facebook.com/marketingdevelopers/videos/vb.606699326111137/883648801749520/
In some previous WSO2IS versions, there was a default self sign-up feature.
However, I could not find it in the 5.0 version.
Reading the WSO2IS 5.0 documentation, what I have found is 2 APIs used for this feature:
getUserIdentitySupportedClaims() - Set of claims to which the user profile details should be saved in the Identity Server.
registerUser() - This registers a user in the system. You need to pass values like user name, password, claim attributes and values returned from the previous call and the tenant domain. The confirmation code is sent by email to the given email address.
So, the self sign-up feature is hidden somewhere OR do I need to implement it by myself?
And is there any example of using APIs for this feature?
Thank you.
This is available in the dashboard:
https://<url>:9443/dashboard/
You can use the following service for signing up users:
https://<url>:9443/services/UserInformationRecoveryService?wsdl
Note that in WSO2 products, admin services WSDL's are hidden by default. You can expose them by setting HideAdminServiceWSDLs parameter to 'false' in <IS>/repository/conf/carbon.xml.
I am trying to use the Google Contacts API and the Python / GDATA client handlers to access Contacts via OAuth 2.0 for users in the domain. I'm ultimately wanting to create a web service to add contacts for users, but the first step is getting this test working.
I can access my own Contacts just fine if I use the default URI. However, when I pass in the email address to construct the URI for another user, I can't seem to access the other user's Contacts. Here is the code that I'm using:
client.GetContacts(uri=client.GetFeedUri(contact_list=userEmail))
A 403 error is returned when I execute this.
gdata.client.RequestError: Server responded with: 403
Your client does not have permission to get URL /m8/feeds/contacts/<userEmail>/full from this server.
Mostly just trying to understand if what I'm attempting here is even possible. In the Email Settings API, for example, you can get authenticated to the domain and pass in a user's email to list their labels, add filters, etc. So, I would anticipate that the Contacts API would work the same, though handled slightly differently, i.e. modifying the URI, instead of just passing in an argument to the client handler. Please let me know if I am wrong in that presumption.
For authorization, I'm getting the details using flow_from_clientsecrets, then getting the token to authorize the ContactsClient for the domain. Again, I can access my own contacts fine, so authorization seems OK, but I can't access other users' contacts.
client = token.authorize(ContactsClient(domain=domain))
Seems like I'm missing something with respect to accessing other users. Is anybody able to assist me over this hump? Here are some things that I've checked / confirmed:
Contacts API is enabled for the project
Scopes have been authorized for the Client ID in the control panel > Manage 3rd party access
I am a Super Admin in the domain.
Thanks for your time!
I figured out the answer here from another post with exceptional detail:
Domain-Wide Access to Google GDATA APIs
You need to use "Service Account" authentication. For some reason, I was thinking that would only work with the newer discovery-based APIs. But, service account access also works for GDATA APIs. I can access all the Contacts for users in the domain now.
I really surprise when use http://www.friend.ly site. I'm login Facebook and after go to http://www.friend.ly. I'm surprise because I don't confirm extended permission but this site can get email, address... Any ideas?
My Information
Information get from friend.ly site
They are using the Facebook Registration Plugin which basically renders an iframe from Facebook's server. Due to cross-domain browser restrictions, they can't actually access any of that data until you submit the form by clicking the register button.
If you read the section on the Graph API documentation about authorization you'll see that if they're using an OAuth 2.0 access token then they can retrieve any information that you have publicly available without your authorization. You can see the examples below.
The Graph API as such allows you to easily access all public information about an object. For example, https://graph.facebook.com/btaylor (Bret Taylor) returns all the public information about Bret. For example a user's first name, last name and profile picture are publicly available.
To get additional information about a user, you must first get their permission. At a high level, you need to get an access token for the Facebook user. After you obtain the access token for the user, you can perform authorized requests on behalf of that user by including the access token in your Graph API requests:
https://graph.facebook.com/220439?access_token=...
For example https://graph.facebook.com/btaylor?access_token=... (Bret Taylor) returns additional information about Bret Taylor.
The Graph API uses OAuth 2.0 for authorization. Please read the authentication guide which provides details of Facebook's OAuth 2.0 implementation, how to request permissions from a user and obtain an access token.
Getting an access token for a user with no extended permissions allows you to access the information that the user has made available to everyone on Facebook. If you need specific information about a user, like their email address or work history, you must ask for the specific extended permissions. The reference documentation for each Graph API object contains details about the permissions you need to access each connection and property on that object.
This quote is from the facebook documentation located here:
https://developers.facebook.com/docs/reference/api/