I want to use GitHub REST API to retrieve information about users, repositories, and organizations. In my service I need to store a unique key for each of those entities. I was thinking of the user handle, repository and org names, but then read about the possibility of renaming each of them. Seems the numeric id field is immutable, so I want to store that one. And for each of these three entities there are two endpoints - one for retrieving by the names, another by id:
Entity
API endpoint by name
API endpoint by id
user
/users/{username}
/user/{user_id}
org
/orgs/{org_name}
/orgs/{org_id} and /organizations/{org_id}
repo
/repos/{owner}/{repo}
/repositories/{repo_id}
Everything works as expected. The only issue is that the APIs that accept id are not publicly/officially documented in their REST API documentation. Now I wonder if I can take dependency on those, or they are deprecated, or will be deprecated soon. Would appreciate if someone with insider knowledge can respond.
Related
The task is as follows:
There is a list of users from Binance exchange, each user can create an order on the Binance exchange. It is necessary to implement a mechanism for tracking user orders on the Binance exchange through a single connection.
There are a lot of users. A lot of tokens and secret keys. One connection.
I use the node js library "binance-api-node".
But I am ready to hear any solutions to the problem.
Orders sent through the POST /api/v3/order endpoint (client.order() in the library) return a unique newClientOrderId (or you can specify your own and send it with the request payload). You can store it in your app in relation with the order and the user.
Orders that have been created using a different way (e.g. the Binance UI) are a little more complicated. You can receive the list of orders per API key, for example with the GET /api/v3/allOrders endpoint. Each order again contains a unique clientOrderId, and since you know the API key that you used to query these orders, you can make a relation between the clientOrderId and your user.
Note that each Binance account can have multiple API keys and there is no easy way to determine whether two API keys belong to the same Binance account or not. See this answer for more info.
Because each authenticated REST endpoint requires exactly one API key (and some endpoints also require exactly one corresponding secret key to sign the payload), it is not possible to communicate with the API on behalf of multiple API keys in a single connection.
You'll need to make a separate request for each of the API keys.
I am successful of fetching my own data using Instagram Graph Api but unable to find a way to get other person's data.
Official document clearly state that metadata of basic data for other Instagram businesses and creators are obtainable but not been able to find any code or document about it.
If anybody know how to do it I would love to know.
Even providing me a link to document or web page that have said information is hugely appriciated.
official document
https://developers.facebook.com/docs/instagram-api
This is described in the Business Discovery documentation. See also the API reference.
The tricky part is that you need to provide your account ID in the URL. (Basically, your account's node is used to access the business_discovery edge.)
You provide the target account's username in the field parameter, for example:
https://graph.facebook.com/v3.2/YOUR_ACCOUNT_ID?fields=business_discovery.username(bluebottle){followers_count,media_count}&access_token={access-token}
Where bluebottle is the username of the account you want data for.
Mind that this really works with business and creators accounts, so you won't obtain data for any random account this way.
I'm trying to build flutter e-commerce application backend node.js which has PayPal integration and I'm using the V2 version since v1 is deprecated and I don't know where to insert a unique identifier like its DB id for the user when I create the order then I will identify which user pay the payment when I capture the order
I'm using the #paypal/checkout-server-SDK package to handle the backend.
sorry for my English
If you need the information to be stored as part of the PayPal order record, you can specify a custom_id when creating the order.
If you just need to keep track of the ID between creation and capture steps, there are many ways to store information temporarily in node, including in a web session, for instance using express-session. There are many tutorials.
Throughout my career, I've relied on and used various API services in my project. I saw multiple mechanisms of how these APIs are secured, but most common one seems to be via API Keys.
I am now planning to build out my own API service and being unfamiliar with security part of this I had few questions:
So far, what I gathered is to do the following: Create API key, store it's hash in db, only show api key to user 1 time, check for api key in requests and rate-limit based on it.
But above raises one concern, if someone was to inspect customer website they could easily get this api key (if customer is calling api directly from their front end) and abuse it, correct? This can be done in form of constantly hitting rate-limits or sending bad data to customers dashboard.
I feel like I am missing few key parts here and would appreciate if someone could outline best practices of how this is done nowadays in NodeJS. Thank you.
EDIT: Users of such service would be developers utalizing this API in their product
I am using Instagram's User Endpoint in an attempt to retrieve media from people who I'm following.
I have a sandbox working with other members of my team, with each of us following the others.
I have authenticated myself through the server-side flow as indicated here and retrieved a list of ids of the people I follow (namely the members of my team) via the Relationship Endpoint.
In trying to get user media for those ids, however, I receive:
{"meta":{"error_type":"APINotAllowedError","code":400,"error_message":"you cannot view this resource"}}
Indicating an error because they have private profiles.
Is there anyway getting around this, seeing as I am actually an approved follower?
Thanks in advance.