-Been trying to get into binance oauth. The doc didn't mention where can i get my client id.
From the docs that you linked:
To begin, your application should identify the needed permissions (scope) firstly. Setup and register your application with Binance Accounts, and get your client_id . For now, please contact us.
So according to the docs, there's currently no automated process and you'll need to contact Binance to get the OAuth2 client_id for your app.
Related
We have done one CRM integration where we as an CRM have our own docusign pro account.
We completed the GoLive process successfully and have all required data like Integration key, Account Id, Client Id and Secret Key for App.
Now this CRM integration will be used as an mediator for our clients who will have their own purchased docusign accounts.
So till now we have 2 accounts,
CRM Integration docusign account with GoLive status.
Client account to send their own documents for eSign through our CRM integration.
What we have achieved till now?
We completed the consent flow where we redirect our clients to docusign consent page where they provide consent to our app by login into their docusign account. In this flow we use CRM integration account id in URL which takes our client for consent page. On confirm the client will be redirected back to CRM with auth code attached in redirect URL.
We use this auth code to get access token for this client. We use CRMs account id, Integration App secret key and clients auth code to get the access token. We are successful in this too. We get clients access token. No Issues.
Now when our client is trying to send a document for eSign using the access token received in step 2 above, the docusign throws an error saying INVALID_USER.
I have referred to this post Simillar Issue it kind of approves of what we are trying to achieve but it is failing with error.
Let me try to explain and make sure it's clear.
The IK (Integration Key) is global for the entire environment. By environment I mean either the developer environment, or the production environment. When you went live and completed the process using a production environment - you made your IK available for any account and any user in the production environment.
Now, when you get an access token to make API calls, this token is for a specific userId. The userId can be a member of one ore more accounts as showed in this diagram:
The userId is provided by the user logging in when given the option to consent. So when you doing your consent flow, there's a web browser and user that logs in, that is the userId that consent.
Separately, when you request a token using JWT grant, you provide a userId, that userId is a GUID for a unique user in the system.
This GUID must be for the same exact production user that gave consent. That's first thing to confirm.
Now, if you already have an access token to make API calls, when you make a specific API call, you need to provide an accountID. That's another GUID representing an account, not a user. The userId that was provided to the JWT Grant flow must represent a user that has a membership (it is a member of) in the account for which you provided a GUID (a user can be a member of more than one account). That is the second thing to check.
Lastly, there's a baseURI that is used to make API calls and it can be different for different accounts. You need to also confirm you are using the correct one.
I have an secured API student API which I am able to access via OAuth2.0 client credentials flow which creates an access token using IConfidentialClientApplication app and accesses secured app.
Now comes to access the secured API using OAuth 2.0 Resource Owner Password credentials. I have mostly used the code in microsoft github page.
https://github.com/azure-samples/active-directory-dotnetcore-console-up-v2
I am able to sign in using username and password, able to generate access token as well. But this access token is not able to access my secured student API. Though the sample code is able to access the Microsoft graph API, it is not able to access my secured API.
I tried to allow public client flow for my secured student API as well and decrypted both the access tokens to see the difference. There is a lot of difference. What I noticed here is in ROPC flow are using IPublicClientApplication where I am not able to give the ResourceId while acquiring token. So "aud" is different in ROPC token and other fields as well.
Can anyone tell where I may be going wrong or how to fix the above scenario?
I think you may need to perform these 2 steps to get a token valid for your own API:
Expose an API scope in your Azure AD API Configuration
Add an API permission in your Azure AD Password Client Configuration
See step 6 of my Azure AD Blog Post for how this looks. The article also explains some token differences.
I've been searching for a couple days, and I can't seem to find a straightforward guide on how to set up Authorization (AuthZ) between an AAD App and my AAD Web API set up in App Service. I've tried things like this official guide, but I can't seem to get calls with a Bearer token from the client app to work.
Has anyone done this successfully? Is there a step by step guide out there that could help?
Please let me know if there are any questions!
To implement your requirements, you need to expose an api in your AAD Web API first.
Then go to your AAD App which used to request the token, add the permission to it.
Click "Grant admin consent for *" button.
After that, we can request the access token successfully (below I provide a sample use password flow for your reference)
In your Web API app, you need to parse the access token and get the scope permission from the access token. And then determine whether the request has permission.
I have a webapp that wants to access a user's posts via the new Instagram Basic Display API. Everything works and I now want to go live, but I find the App Review process really hard to understand!
The App Review documentation states that you have to demonstrate in a screencast how the reviewer can log in to your app, request authentication from Instagram and then make use of the Basic Display API. I have created a test account in my webapp and provided those credentials to the app reviewers. The question is what Instagram account they are meant to connect to.
I would assume that they have their own special Instagram accounts that are pre-approved to all in-development applications. But just in case that wasn't the case, I created an Instagram Account just for this purpose and gave its test credentials to the app reviewers.
My review was just rejected, with the screenshot below given as a reason. Turns out that the reviewers did in fact try to use my test instagram account, but Instagram thought their login attempt was suspicious and wanted to confirm that they really own the account.
What am I meant to do with this? Facebook owns Instagram, and I am trying to get access to Instagram's API, but their Facebook app reviewers don't seem able to test their own Instagram Basic Display API!
The only thing I can think of is giving them access to the test account's webmail so they can unlock their own suspicious login attempt.
Is it really meant to be this difficult?]1
I tried to test the translate api. Adm.py on Microsoft git-hub (https://github.com/MicrosoftTranslator/Python-Speech-Translate) requires a client_id and a client_secret. I only have a subscription ID and 2 keys. I have tried every combination but nothing works. Where do I get a client_id and client_secret?
Here's the link to the Microsoft Cognitive Services API, you need to register there and obtain an API key.
You need to set up Service Principal for API to API authentication. You can visit this link to configure the same. Keys in the article is the client secret that you require. More information about this can be found here