is there any other route other than the route mentioned in another post (pasted the post details below), where need to look into a bunch of files and understand the api's exposed.
=====
Yes its possible. All the functions in EMM are exposed as APIs. You better look at the scripts at wso2emm-1.1.0\repository\deployment\server\jaggeryapps\emm\api to get an idea on the APIs in EMM. You can find the endpoints inside those js filese. Also please note that this app is written using JaggeryJS. For the authentication you may look at SAML sso which has been used in EMM. For this you could use a modal dialog to load the SSO page or else you may modify it to support OAuth as follows.
WSO2 EMM does not expose any APIs, that supports registering a device other than Android or iOS as they are the supported platforms. The quoted text is from a question related to iOS.
Related
Looking into how to manage (in our case just list and get properties of) the SAML application that we have created via the "Web and Mobile Apps" section of the google console.
I don't see any reference to how to get this information from the https://developers.google.com/admin-sdk/directory/reference/rest documentation.
Is this API available somewhere else?
It is not possible. All you can use are the API methods listed in the documentation you shared, however you can only see the SAML apps from the Admin console web UI.
You can also request this as a feature using the "Missing features" option, to see if they have the chance to develop something like this.
I would like to implement automatic rules of API Goverment in a WSO2 API Manager platform like, for example, validating context with a regular expresion, or version numbering or API name or API resources endpoint naming or parameters, etc.
I checked in version 2.6.0 (and previous versions of major 2) that it can be done in jaggery apps of publisher, but this is a mix of data and presentation (view structure with js and html) and it is not a clear and right way to implement it.
Is there any rules engine or other dedicated mechanism to do it? If not, is it in the roadmap of WSO2 AM to add this kind of features? It would be great.
APIM 3.x onwards UIs are implemented using react and backend services are exposed via REST APIs. SO from this version onwards, this is clearly separated. UI level validations can be changed in the React and if there are any additional validations required, REST API interceptors or workflow interceptors can be used to enforce any validations.
Recently I received this Alert in the Google Play Console
Your app contains exposed Google Cloud Platform (GCP) API keys
I am using the YouTubeApi Player, and I believe the only why you can initialize it is using this line of code
youTubePlayer.initialize(DEVELOPER_KEY, this);
So beside added restrictions to my API key, is there any other way to remove the API Key from the code?
I tried using the GCP service accounts as suggested by Google, but I do not see how I can still use the YouTube Player without the initialize line of code.
I have same problem, and fixed this by using string R.string.google_api_key generated by google_services.json
change your code to:
youTubePlayer.initialize(getString(R.string.google_api_key), this);
how to get google_services.json:
create firebase project https://firebase.google.com/docs/android/setup?hl=id
get your google_services.json https://support.google.com/firebase/answer/7015592?hl=id
There are some tips on how to secure your API keys at Using API Keys documentation.
It is stated that embedding API keys directly in the code should be avoided, which is the way you are having it right now, therefore you are getting the warning message.
Follow the tips on that page and you should properly secure your API key. As soon as you do so, the warning will go away.
UPDATE
To avoid having a long discussion in comments, allow me to elaborate further providing this update.
Google provides different ways of authentications to give you more options for securing your apps based on your needs. The warnings are helpful tips to make your apps more secure when going in production or exposing to public. So in your case, it would be better to use a different way of authentication.
API keys can be used in server side. e.g. If you are using an API key to authenticate a 3rd party service from an App Engine app, you can use this key as you already have it, since it is impossible for the key to get exposed. (Avoid using API keys in JavaScript since inspecting the page in the browser will expose the API key as well)
In your case, since you are developing an Android app and/or an iOS app, having the API key in the code is dangerous. Because, anyone can use the .apk or the .ipa file and find a way to access it. Therefore, for developing Android apps and iOS apps it is suggested going with different authentication method. The other authentication method supported in YouTube player API is using OAuth 2.0. For more information you can check the Registering your application documentation.
WSO2 reached out to me in Twitter and told me to put a question here if I had one.
My client wants to customize (for now it only means changing the layout of things) the API Publisher and API Store from a WSO2 API Manager 2.0.0.
Since I know that inevitably we will get to the point where the changes are going to be profound and require external libraries for new functionality (we have a library of AngularJS code which I know they will want to use), I want to know:
What is the official, recommended way to customize and extend the web applications for the API Store and the API Publisher? I need to have version control, unit testing, etc.
Is there a way to move these web apps out of the APIM server and into their own server? All our UI applications are hosted in a specific server.
Realistically, how much change can I introduce before make making an awful mess?
Thank you.
You can create new themes and subthemes for API publisher and store UIs. You can refer docs here.
Please note that publisher and store apps are written in Jaggery. You need a Jaggery server to host Jaggery apps.
If you want to add more functionality to the UI, you can either write jaggery, or you'll have to write your own web application (maybe with AngularJS or any other). In that case, you can use APIM REST APIs to talk to APIM backend.
I am looking into WSO2 EMM and can't figure one thing: is there a way to expose its API to build a native application store for iPhone? Somewhat a set of basic functions will do:
Authentication
List of applications
Search for application
Install & Uninstall an application
Yes its possible. All the functions in EMM are exposed as APIs. You better look at the scripts at wso2emm-1.1.0\repository\deployment\server\jaggeryapps\emm\api to get an idea on the APIs in EMM. You can find the endpoints inside those js filese. Also please note that this app is written using JaggeryJS. For the authentication you may look at SAML sso which has been used in EMM. For this you could use a modal dialog to load the SSO page or else you may modify it to support OAuth as follows.