From the Google Admin panel there is a nice password strength meter and password length feature. From the admin panel go to Security >> Password Monitoring.
Is there a programatic way of getting this info exported in a report?
There is not. The Admin SDK Directory and Reports APIs do not return any information on password complexity / strength.
Related
Is there any option for RingCentral Admin to log out their extension users from their logged in RC apps.
Example: if there are 3 extension users logged into their RC apps mobile or desktop, Admin wants one of the user to log out from all the app he or she is logged in, how can admin do that for the user?
Can it be done from RingCentral Admin portal?
This feature is still not there in RingCentral as of now.
I can see the same requirement is requested as a feature request here in their Idea portal:
https://ideas.ringcentral.com/ideas/CUSTCOM-I-2858
They will review this Idea request and their product team may implement this in next version.
Situation:
I have a developed a webapp using django which uses the default authentication middleware.All the views are login_required. Now client wants when he will login into CRM then webapp will open in an iframe and he should be auto logged inside django webapp as well.
Issues:
Opening webapp inside an iframe in CRM can be done. But how can django webapp create a session for the user logged in inside CRM? Django uses its own authentication, CRM uses its own. Even If i link Django authentication with azure active directory , still username and password has to be entered in the iframe.I cannot figure out how auto login will be done.
Update
I don't have CRM screenshot with me but i have the same use case in microsoft teams.
Now in this image my webapp is opened in teams tab and what i know tabs use iframe to open the page.The username and password which is being asked in the screenshot are validated by Django Authentication Backend. Once username and password are entered and verified, dashboard will open.
Requirement:
I don't want this login page to be opened , i want that dashboard will open directly. In simple words, authenticating in teams should authenticate my Django app as well.
In ROPC , username(userPrinicpalName) and password are required, how will django webapp opened in iframe will access username and password? I don't think that client can simply store password in browser's local storage as passwords are encrypted.
Second approach:
Right now dashboard opens at www.example.com. I can create a url like www.example.com/<id_token>/ and when this url will hit my server , i can validate this id_token and authenticate the user. But question here is does CRM has the ability to provide id_token in iframe src?
P.S: I don't have Microsoft Dynamics screenshot with me but i quickly implemented this in teams as i think use case is same.
Newest
Or you can use Microsoft identity platform and the OAuth 2.0 client credentials flow.
Post
1. 401- Unauthorized authentication using REST API Dynamics CRM with Azure AD
You can use ROPC flow to achieve this requirement.
I believe that any page opened by your iframe should have a parameter to record user information, right, suppose it is an id token. When you open the page in your iframe, when the page is initialized, that is, use ROPC flow in $(documnet).ready(function(){}) to log in silently. There will be no pop-up window prompting you to log in, wait for success After that, the callback method will get the id token so you can achieve your needs.
The above is just an idea, the specific implementation can be coded according to the needs of the project.
For more details, you can refer my answer in below posts.
1. Could I sign into embedded PowerApp via Microsoft LiveID Account “quietly”?
2. Is there a way to improve the performance of MSAL-browser js login?
3. How to tell if a user has an active Azure session, in html page, before SSO?
Rulerr.com is a permissions management and threat intelligence system which aggregates many sources of information into a single application for Enterprise.
I can see that we can pull activity reports on admin activities and user login info from the API, but we are looking to pull other risk profiling/threat intelligence data from GSuite API such as:
password strength per user (not the password itself)
when the password was last changed
elements in the system that have been accessed by a user, and associated data (timestamps etc)
Does anyone know if it is possible to pull this data from the admin SDK API?
password strength per user (not the password itself)
No. See Listing Password complexity Google Admin SDK.
when the password was last changed
You have to track this yourself. I guess every Users: update.
elements in the system that have been accessed by a user, and associated data (timestamps etc)
Usage details that the user has can be retrieved through the Reports API. However, there are only specific parameters that you can retrieve. AFAIK, other details that are not available (like when the last password was changed) should be monitored by the developer themselves.
If you feel like this would be really useful, I would suggest that you File a Feature Request.
I'm trying to figure out how to use the externalIDs fields for all of our organization's users.
Right now, no user has an externalID. Is it possible to update a user's externalID information from the admin console, and give new users that same information when they are created individually through the admin console (using these procedures)?
Thank you!
The external Ids and other custom user fields do not appear in the Google Workspace admin, but they can be found in 'Manage your Google Account' for each user (admins would have to login as the user to see them).
Follow this path
Manage your Google Account
Data and privacy
Under Info you can share with others
Profile Your info and who can see it
Organization info, See organization info
Contact info (the external IDs and other custom fields are found here)
It appears that these can only be edited via script
Hope this helps
I have been trying to use django-allauth to provide Social registration, but I am having trouble configuring the profiles for the user. There is no documentation of django-allauth which tells
how a django user account is created when a user logs in via a third party such as facebook
What username is assigned to that user and what password is used.
Certain third party providers such as Facebook provide a lot of information about the user such as their name, email etc. so how can we get them and save in the user account/profile
If anybody has used allauth in their projects and can provide some details then it would be really helpful.
I am using django_allauth in my project.
(1) How a django user account is created when a user logs in via a third party such as facebook ?
You should take a look at :
your admin panel and see what happens when somebody logs in.
allauth.facebook.views.login and try to track the login process
It is something like this (in a few words):
When a user logs in your site via his Facebook credentials he is given an access token
This token is saved in the FACEBOOK_ACCESS_TOKENS table (you can see it in the admin panel)
With this access token and with the help of Facebook GraphApi we know his social_id
When we know his social_id - we can have his Facebook account from our database
If we haven't saved it in the db already - we save the Facebook account in the FACEBOOK_ACCOUNTS table (Facebook Accounts in the admin panel)
Then we create a user in the USERS table with the data present in the Facebook account. (you can see the new user in the Users section in the admin panel)
(2) What username is assigned to that user and what password is used ?
As I mentioned before with the help of Facebook GraphApi we get the username of the Facebook user and it is assigned to the User profile as User.username
(3) Certain third party providers such as Facebook provide a lot of information about the user such as their name, email etc. so how can we get them and save in the user account/profile?
Again - the Facebook GraphApi - it gets you the info you need.
I have integrated django_allauth in my site and it is working properly. I will be happy to answer(if I can) if you have more questions.
EDIT - For the avatar support...
I think you have to take a look at the django_allauth settings and particularly in:
SOCIALACCOUNT_AVATAR_SUPPORT (= 'avatar' in settings.INSTALLED_APPS)
Enable support for django-avatar. When enabled, the profile image of
the user is copied locally into django-avatar at signup.