I am trying setup Keycloak email with gmail.
setup is easy, sample in this tutorial:
https://dev.to/rounakcodes/keycloak-configure-realm-email-settings-gmail-3dfn/
problem is with google settings, from May 30, 2022 google turn off Less secure apps what is necessary to connect gmail account with Keycloak (Keycloack is using only username and password to authorize gmail)
Maybe someone have idea how to workaround this problem?
Same problem is with google workspace, right now it's working but They Are going to turn it off.
Since the less secure app feature is removed we have to follow these below steps to use Gmail via third party software that is App password
Step 1: setup 2-Step Verification:- Google Account -> Security -> 2-Step Verification -> Input password as asked -> Turn ON (you could use SMS to get Gmail code to activate 2-Step Verification)
Step 2: Generate app secret:- Google Account -> Security -> App password -> Input password as asked -> Select the app and device... -> e.g. Other(keycloak example) -> Input app name e.g. MyApp -> Generate
Step 3: Use generated app secret:- Copy a 16-character password
Use a 16-character password (instead of actual password) with Gmail username in your application
This worked for me
try to generate App password https://myaccount.google.com/apppasswords and use it as SMTP password in "Email" configuration. It works for me on local build
I've found an answer here - https://groups.google.com/g/keycloak-user/c/PPtjMHJKwG0
Related
I have configured a bot in azure portal and added Slack as a channel. And, I have configured the slack channel details such as Client ID, Secret, Signing Secret, Scopes and the various URLs. Please see the picture below.
Now when I use the link (Add to slack), after giving the permission to access my slack workspace, I am taken to https://dev.botframework.com/. I would rather expect to be taken to either the slack web app or the slack desktop app. What am I missing to configure/do? Please help.
In interactive components we need to give a "Request URL"
Check whether it was mentioned as:
https://slack.botframework.com/api/Actions
If this doesn't work as per requirement. Kindly re-generate Secret ID and Verification Token and check with the landing URL.
There is no restriction to use either Slack web app or desktop app. It can work on both if the landing page and app setup was done perfectly. Once regenerate the Client secret ID and Verification Token.
I was reading the Outlook mails through EWS using python exchangelib module
credentials I was using for authentication: email & app password
Due to some security reasons the platform team have disabled the App password feature and I ended up accessing the mail box as am not sure how to access mail box without App password ???
If there is any alternative to App password please suggest me..
Note: My python script was running in Linux VM
When you use an email & app password this is using Basic Authentication which is why your platform team has disabled it. You need to move to using oAuth https://ecederstrand.github.io/exchangelib/#oauth-authentication and make use of the client_credentials flow https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow. So you then use a client secret or certificate rather then username & pword. When using this flow you need to make sure you impersonate the Mailbox your trying to access and also don't use Autodiscover because that will fail with that flow. By default this will give you access to all mailboxes in a tenant so if this is a problem you can scope it down to just the mailboxes you need to access https://techcommunity.microsoft.com/t5/exchange-team-blog/application-access-policy-support-in-ews/ba-p/2110361
I would like to build a very simple Angular 4 app with a WepApi Service as backend.
I would also like to have users register with my app (the basic "create user" - "validate email" - "log in" workflow).
The user/passwords should be stored with my own app (SQL database).
Where would I go for this very basic information? I am highly frustrated with all the "look it's so easy, you can use ANY social media account! Facebook, Twitter, Google, Microsoft! Just three clicks and all is super-secure with OAuth" talk.
Please point me in the right direction - finding this very basic information seems impossible to me.
what i have done is :
Step 1 : call facebook auth from client it returns me id,
profile etc,
Step 2 : then I send fb id to the server (deployed on azure), where it
checks if this fb id already exists in database it redirects to login,
otherwise it creates a new user
you can also authenticate fb token on server side also for more security.
for login with facebook scenario this question might help you.
I would recommend you to use Azure App Service along with Easy Authentication as it allows you to configure your app along with Facebook/Twitter/Google/MSA.
For Starters see this:
How authentication works in App Service
How authorization works in App Service
The following tutorials show how to configure App Service to use different authentication providers:
How to configure your app to use Azure Active Directory login
How to configure your app to use Facebook login
How to configure your app to use Google login
How to configure your app to use Microsoft Account login
How to configure your app to use Twitter login
The above steps do not require you to write any code. However if you need to authorize then you need to handle that in your application.
The above should get you started. Also see this thread where I shared insights on how you can query Facebook: Correct Facebook Graph Api Video Insitghts Request PHP SDK
I also have a blogpost on this here:
Azure App Service: Using Easy Auth to query Facebook information via Graph API
I ran Google Cloud Security Scanner against my Google App Engine app. I asked it to authenticate against a "Non-Google Account" -- in other words, user-name/password fields in my webapp. However, I get back the message "Could not sign in using the provided username and password" each time.
(I tried it several times, specifying different user-agents and credentials and against two variants of my login page; and of course confirming that the credentials work when typed in manually. I have the necessary Editor-level permissions on the Google Cloud project.)
What do I need to do to get the Scanner to authenticate?
Here's what the docs say about Non-Google account authentication:
Note that support for login forms is still in development, and may not
work out-of-the-box with your system. If you have confirmed your test
account is able to login manually, but not in Cloud Security Scanner,
use the feedback option within the tools to request support.
One possible workaround is to create a simplified alternative login form for the purposes of using the scanner if it's unable to work with the current one.
I simply added the following SMTP details:
What's wrong with my configuration then?
Why is that I can't receive any new emails on my gmail account.
Please help me with these. Thank you.
I recently came across this issue. Specifically for Gmail I had go to my Google Account Settings and first enable 2-Step Verification. Once that was enabled I could create 'App Passwords'.
This creates a custom password for login and bypasses the 2-step verification. Copy and paste that in your password for login.
The reason this did not work for me even without 2-Step verification enabled is because it was presenting the application originally with a Captcha to solve.