Hi I have one question App registration certification part, how can we upload, update and even remove certifications by REST API?
I had found one api named "addKey" in graph API, but not sure whether it is what I need since I had tried to use postman to send request, but response replied invalid audience, but my token had included it... any idea?
postman details for addKey
access token request details.
Hi I have already found the solution.
the key is to invoke the rest API by patch, and the URL is:
https://graph.microsoft.com/v1.0/applications/{your object id}
This one needs one token, and the token generator needs to contains the resource 00000003-0000-0000-c000-000000000000 that represents graph API.
and dont forget to make configuration in APP registration.
Here is my current API permission list. It works for me.
Related
My users using AAM API endpoint for a third-party service that requires a webhook - and I need to show usage of this endpoint in User Reports
Third-party API does not support headers and I can't pass Ocp-Apim-Subscription-Key user subscription key to it, and the request will be called anonymously.
As far as I understand that will not allow counting that request in User Reports.
But I can use a token URI parameter to manually get subscription-id and keys for it, with send-request policy.
If I do this is there a way to add the Ocp-Apim-Subscription-Key header to (running?) request in order to perform it on behalf of user subscription?
So far, I can only think about wrapping the required request in another AAM request which will use send-request and set-header policies like that
> POST /endpoint/telegram/public/token123
>> <send-request>GET /token123/keys/primary</send-request>
> POST /endpoint/telegram/token123 +H 'Ocp-Apim-Subscription-Key:key123'
I returned to this question after a couple of days and feel extremely embarrassing now.
To perform a request on behalf of the User I can use the API key in the query instead of the header, there are literally separate setting for that
That solves everything.
You may try to integrate with Application insight to monitor details : How to integrate Azure API Management with Azure Application Insights
Also, you can leverage the metrices to analyze the request pattern.
Based on any condition you may create alert to notify you as well : https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-use-azure-monitor
I'm attempting to use the new Constant Contact V3 API to add a new email contact. I've been reading the docs: https://v3.developer.constantcontact.com/api_guide/client_flow.html, and trying it out and it seems like the only way to do this now is to make an authentication request, approve the request and then retrieve and access token that is valid for only 2 hours.
I need to have access from my server only and just send an add contact request to Constant Contact. I don't understand why I require to have a redirect uri now and an access token to use the V3 api instead of just using the api key.
With the V2 api I was able to make these types of requests directly from the server without hassle and that's exactly what I need now. The V2 documentation seems to be taken down so I can no longer do that so I'm stuck.
Any help is appreciated.
Based on this link: https://community.constantcontact.com/t5/Developer-Support-ask-questions/v2-or-v3-API-for-very-basic-integration/m-p/324777#M11434, it seems like server-to-server auth is not available still. For those of you who have the same issue, use Mail Chimp or another service that has basic api requirements.
You can get INITIAL Access Token without any code - just use your browser and curl. The Access Token is valid for 24 h, but you can automatically renew it using Refresh Token. You can renew it automatically every time it expires and never need to proceed through INITIAL flow over again. You can read about it here. If you are using C#, I have templates and instructions exactly for your scenario here: https://github.com/mikeks/constantcontact-v3.
I've looked at various approaches to this but I'm yet to find one that is perfect for my set up.
I have a UI that calls the api to present data to a user - the UI doesn't require someone to login and i don't want to authenticate every user. What i'm trying to do is simply protect the api because with the url to the api, anyone will be able to access the data.
In my mind, i can create a password/ apikey of some sort and store that as an environment variable that is sent from the UI to the API whenever a request is made. On the API, that apikey/password is validated before allowing access to the api.
Does this sound wise? Would you suggest something else? Have i missed anything. All thoughts are welcome.
The solution sounds good to me. You can do something like this:
back-end: create a new REST endpoint (something like /api/get-token) in your Node.JS application which generates a token (or ID), saves it locally (maybe into a DBMS) and returns it as response. Then, in every endpoint you need to protect, you extract the token from the request and, before sending any "private" data, you check if the supplied token is valid, or not.
front-end: as soon as your application is loaded, you send a request to the newly created REST endpoint and store the given token locally (localStorage should be fine). Then, every time the UI needs to access "private" data, you simply supply the claim within the request.
The implementation should be pretty straight forward.
I'm looking at the Logic Apps Yammer connector.
When we put a message on Yammer we want to find out who has read it. Is there a way to find a list of people in a Yammer group who have not read a Yammer message?
If it can't be done in Logic Apps, is there another way to do it?
As a workaround, I'm trying to do this on the basis of who has liked a message and have done this in Logic apps. It gives a message that the response is not in JSON format. Also, it gives me the number of likes rather than a list of people who have liked it.
This is what I put into the HTTP request
After our chat I tried this
and this
and got this error message.
"error": "invalid_request",
"error_description": "AADSTS900144: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: d41c78c7-afa5-405f-8f52-8b587ecf1a00\r\nCorrelation ID: 9ffd2247-78ca-4be2-8111-c17a95a830d6\r\nTimestamp: 2020-01-23 10:09:55Z",
"error_codes": [
900144
]
I also tried putting in my Azure directory id in place of tenant id. It failed with and without the directory id.
It seems there isn't an action in logic app Yammer connector which can get the list of users in a group who haven't read a message. And I checked all of the rest api in Yammer api document. Just find a rest api which can get the users in a group:
https://www.yammer.com/api/v1/users/in_group/:Group_Id.json
So I think neither yammer rest api nor logic app can not implement this requirement of get the list of users in a group who haven't read a message.
Update:
For your question about how to implement the workaround in logic app, as I don't have yammer app and account, so I can just provide some suggestions for your reference.
Since the yammer actions in logic app are very limited, so we can just use yammer Apis in logic according to HTTP action.
First we need to get access token from yammer, you can refer to this tutorial and refer to the C. App Authentication title in it. Put this post url in HTTP action in logic app and get the response body. Parse the response body and get the token property under the access_token property. Then we can use this token in the apis which we will call in the next HTTP actions.
Then, call this api in HTTP action(choose "Get" as the method) with the token which we got above to get the users who like the message, the url should be like this:
https://www.yammer.com/api/v1/users/liked_message/:Message_id.json?access_token=<<ACCESSTOKEN>>
Get the response body(and parse it in json type in array) from the api above and then call the other api in HTTP action(with access token) to get the users in one group. Also get the response body from it and parse it in json type and store in array.
After that, use two nested "For each" actions in logic app to loop the two array and compare them. Then we can get the result which you want.
Update 2:
Today I have created one account and made it as sandbox users list now I made a request (https://api.instagram.com/v1/users/self/media/recent/?access_token=ACCESS-TOKEN) now I am unable to get comment data from instagram api response.
I am able to get number of comments count but not able to get the comment data.
Am I missing while making authentication or do we need any particular access permissions required?