I created a web-application that agencies can use via white-label so my brand is 100% removed and replaced with theirs. I have a completely irrelevant primary domain they can use and they get a subdomain on that primary domain... we'll call it defaulturl.com. So their custom URL would be something like "agency.defaulturl.com"
I have everything working except I am trying to make emails coming from the application come from their custom domain. So I need to create some sort of "wildcard" verified identity in Amazon SES so these subdomains works.
I was able to get *#defaulturl.com to work, but this isn't their domain. I instead need something like *#*.defaulturl.com.
I've tried with no avail, is this possible?
Related
We have an app that let our users use their own domain to access our platform.
For example, if our website domain is "abc.com", we allow our user to use their own domain (for example "external.net") by setting this domain to point to our server.
To achieve it, we need to set their domain each time in our "Google Console"(/Microsoft) so that the authentication (we do have a login of course) will work with their domain as well...
The thing is that we think maybe we could accomplish such a result by just forcing all our users to use our main domain (abc.com) and just after they log in, we will redirect them to their domain.
It will save us the time to add each time their domain to "Google Console"(/Microsoft).
The question is if it's something that we really can do, or google will disallow such auth if which user comes from A domain, and will use B domain with the token he got from A domain.
*If such a thing is not allowed, is it allowed by using my subdomains? like user1.abc.com / user2.abc.com etc... without having to fill those subdomains in the provider console (Google/Microsoft).
I hope the question is clear enough,
Thanks!
A note about verification of your applicaiton.
In order to have this application verified you are going to to Verify your site ownership for every domain listed as a redirect Uri or a JavaScript origin.
So the only way that is going to work is if you can prove you own those domains. By registering them in google search console.
How can we automatically add the redirect URI in the Quickbooks auth using some API?
Edit:- In my case, my website has functionality of creating sub-domain on the basis of some random keywords. Suppose if my website is facebook.com and someone creates his own company inside it
Company name Website
1. tata tata.facebook.com
2. tesla tesla.facebook.com
So I want to add the website url name to the redirect URI as soon as company is created. I don't want to add it like manually.
How can we automatically add the redirect URI in the Quickbooks auth using some API?
You can't.
In my case, my website has functionality of creating sub-domain on the basis of some random keywords.
You won't be able to do this.
A better way to handle this is to have a single domain dedicated to the OAuth handshake for new connections, and always use that domain. You can use the state parameter of OAuth to track who is connecting so you know the correct subdomain to bounce them back to after OAuth redirect.
Intuit (and most other cloud providers) do not allow wildcards or dynamic domains because there are some significant security risks to doing so:
https://www.rfc-editor.org/rfc/rfc6819#section-5.2.3.5
http://technotes.iangreenleaf.com/posts/closing-another-nasty-security-hole-in-oauth.html
https://security.stackexchange.com/questions/180505/why-is-a-wildcard-subdomain-callback-url-in-oauth-considered-unsafe
I want to create a subdomain per user, eg: "bumpy.example.com". How do I do this? I'm using express, Heroku, Cloudflare, and Namecheap (domain provider, but Cloudflare is my nameserver). If you could provide steps that would be great.
So a few steps:
You need a custom domain name (ie: example.com).
Then you need a wildcard SSL for that domain name: (ie: *.example.com).
Then you need to setup your routing system to make use of that domain name, sadly not familiar with express, so this is as much as I can help you, but the gist is that you store the subdomain value for each user.
Also searching online for things like Express <name of the database you use> Multi-tenancy might help in terms of finding libraries to handle the backend logic.
I am trying to create a saas and for that, I need to create an API and I am not sure how can I create an endpoint like this https://api.karix.io/message/ here domain is https://api.karix.io and endpoint is the message. I know how to create an API using nodejs but not sure how can I create for the domain-specific.can anyone help me with this problem?
A domain is basically a link to an ip-adress. There are DNS-Servers who transate between the human readable form and the ip.
If you want to run your app on a specific domain you need to purchase that domain (which can be quite costly) and the dns Server will create a link between the domain name and ip adress.
So basically you dont need to do anything in order to create the rest-api for your domain.
Later the request are similiar to this:
https://api.karix.io/message/
http://192.168.111.111:80/message <- The ip obviously differs in production
The name of the domain should be accessible in your request-Object atleast in the express framework.
I have registered a domain (though there is no hosting yet, just name registration) and I am trying to set up google apps so that I can have email, but I cannot figure it out. Is there something I am missing? I feel like it should be easier than it is right now.
You need to correctly set the MX records at your registrar.
Have you proved domain ownership including a CNAME record in your DNS server? Just follow the instructions.
If you don't have access to your DNS server for adding records, and don't have a webserver where you can put a verification file I think you wont be able do setup e-mail.
If you already have the domain, you just need to follow the registration process, you will be taken through all the steps. If you got to the Admin Console you should have a message bar Top of the page with Verify Domain.
the best way to do it is to try the new Learning Center, http://learn.googleapps.com/.