Using your API for an fun app I am developing and I just started using your eendpoints, This particular endpoint gives me this responseError:
body: '{"errors":[{"status":500,"code":141,"title":"SYSTEM ERROR HAS OCCURRED","detail":"ORIGIN AND DESTINATION NOT ALLOWED FOR AMA4DEV EXTREME SEARCH REQUESTS ON ENVIRONMENT"}]}',
The endpoint I am hitting is:
amadeus.shopping.flightDates.get({
origin : 'PHX',
destination : 'MEX'
}).then(function(response){
console.log(response.data);
}).catch(function(responseError){
console.log(responseError.response);
});
To make sure it was not something with the auth token/secret I made sure to make a test call using your example on github that works which was:
amadeus.shopping.flightDates.get({
origin : 'MUC',
destination : 'MAD'
}).then(function(response){
console.log(response.data);
}).catch(function(responseError){
console.log(responseError.response);
});
No problem in hitting that endpoint. Thank you again for looking into this
If you use the test environment: it is free of charge but limited (limited number of API calls you can do per month and limited set of data (a subset of production data)). For each API you can find the data collection available here.
For Flight Cheapest Date Search API, the test environment doesn't have data for PHX as origin.
I tried in production and it does return data. Please note that Flight Inspiration Search and Flight Cheapest Date Search are built on top of a pre-computed cache (in production). As they are inspirational APIs we do not offer all pairs of origin-destination but only the most searched all over the world. If you want to get the full list of origin-destination pairs (even smaller cities), you need to use the Flight Offers Search API.
Related
Years ago I built a temperature sensor that would push (http post) readings to a server / dashboard system I had written. In lieu of expanding requirements, I've decided to switch to Home Assistant as my backend. Though it is possible to send the data to HA, the documentation is spotty. Namely I'm looking for the full JSON for the post body (an OpenAPI spec would be nice) and more details around how sensors function, and things "like can I set a unique_id so that they are editable in HA?", etc.
So far I've been working off the little bits of information around the API, some examples, and inferences from other documents for the python api (internal server code).
REST API
https://developers.home-assistant.io/docs/api/rest/
Sensor post info from HTTP integration
https://www.home-assistant.io/integrations/http/#sensor
General Sensor Docs
https://www.home-assistant.io/integrations/sensor#device-class
Perhaps what you're looking for is value_json?
Here's how I'm fetching value out of a simple webserver which returns this basic json object { key: value }, although one difference is that I'm polling and using GET.
rest:
- resource: http://192.168.0.122/status
sensor:
- name: "Data from my server"
value_template: "{{ value_json.key }}"
Tip: Go to Developer Tools -> Template for a sandbox-like environment where you can rapidly prototype your value_template
We have a GraphQL api that runs on .Net Core. Since all queries are made to the /graphql endpoint we only get one operation "POST /graphql" on the performance page of Azure Application Insights while a REST API would have allowed Aplication Insights to automatically give us the performance per endpoint (ex. GET /users, POST /events, etc...).
To still get performance indicators I added custom Telemetry to our code. When the code to retrieve the users is called I do this:
RequestTelemetry requestTelemetry = new RequestTelemetry
{
Name = "UsersRequest"
};
var operation = _telemetryClient.StartOperation(requestTelemetry);
And when it is all done I do this:
operation.Telemetry.Success = true;
_telemetryClient.StopOperation(operation);
return result;
Then I can see the dependency calls wrapped up inside a "UsersRequest" when I open a "POST /graphql" operation like the screenshot below (imagine that "CustomMiddleware" says "UsersRequest"):
That's already a great help, it's much more clear than having all DB requests under each other without structure.
The only thing missing it's that I can't see the "UsersRequest" or "CustomMiddleware" on the performance page as an operation itself. That would be a massive help, the performance page gives amazing insights. It would be super helpful to be able to see that "UsersRequest" has been called 500 times in the last 24h, that the performance has been degrading in the last 7 days or that the average duration is 50ms.
Thank you!
I'm trying to build a nodejs app that runs and if statement to query multiple api's to return a result. Example, running yelps api first, if it finds then break, else continue query another api such as google places or white pages api until it finds a result.
I am passing in either a name of a business, address to return a telephone number. the results expected are in json. I am drawing a blank.
ideas?
so the way to achieve this is you should be able to make http req from your server side and when a result comes with a response then you should check that response. If your requested answer is not in it then you should keep on trying other API end points untill u come across with a suitable response..
so here are some npm packages to achieve this simply
http - node js built in package
Axios - here
request - here
try using one of these packages .. I would use axios .. read their doc and try to do it .. It should clear somethings out for you
I was not able to get the linked defects from the test, Is there a way to get it through REST API ?
You have to use the Cross-Relations and approach it from the defects side:
.../defects?query={test.id[>=1 And NOT = 5]}
This one will give you all the defects that are connected to the tests with id 1-4.
More info on Cross-Filters here
I use multiple query params to get the defects only for relevant test cycle with following request (otherwise I was fetching too many defects):
.../defects?query={test.id[12345];test-instance.id[6789012]}
I have been reading the documentation at https://docs.truevault.com/ but I am a little confused. I read this on the true vault site:
If you plan on using any of the server-side libraries, please ensure
any hosting environment you use is HIPAA compliant.
I took this to mean that TrueValut could support a standalone (client side only) mobile application architecture. Where the TrueVault API was the only server side interaction.
However my understanding of the documentation is that:
An API_KEY is required to register a new user.
Any API_KEY provides full access to all data vaults and JSON documents stored in TrueVault.
If both of these assumptions are correct that would mean it would be impossible to register new users directly from the client side app, forcing me to use a costly and resource intensive HIPPA compliment web server. The only way to get around this would be top hard code the API_KEY into the app, an obvious no go if that API_KEY can access all of my TrueVault data.
For my use case I have the following requirements for TrueVault for me to be able to consider using it (I would imagine these requirements are the same for anyone looking to develop a client side only healthcare application):
A user can sign up via the API directly from my client side app without requiring any sensitive keys or root auth data.
A user can authenticate using only the data they provided to sign up (username/email/password). My app is multi platform I cant ask them to remember their API keys to log in.
A user can Read/Write/Update/Delete data linked to their profile. They can not access any data from another user using their credentials.
Is TrueVault able to deliver these three basic requirements?
If the answer to this is "No" I would recommend you update this text on your website as there are not going to me any viable HIPPA compliment applications that can be supported by TrueVault without an independent server side interface.
I'm currently using AWS Lambda as a solution. Lambda is HIPPA compliant, more info here. Lambda is also a low cost solution.
Here is an example of the code I'm running on Lambda using Node.js.
var request = require('request-promise');
var _ = require('lodash');
function encodeBase64(str) {
return (new Buffer(str)).toString('base64');
}
var baseUrl = 'https://api.truevault.com/v1/';
var headers = {
'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8'
};
var req = request.defaults({
baseUrl: baseUrl,
headers: _.extend({
Authorization: 'Basic ' + encodeBase64('your api key:')
}, headers),
transform: function(body) {
return JSON.parse(body);
}
});
exports.handler = function(event, context) {
req.post('users', {
form: {
username: event.email,
password: event.password,
attributes: encodeBase64(JSON.stringify({
name: event.name
}))
}
}).then(function() {
context.succeed({user: user});
}).catch(context.fail);
}
In general, you are correct - if you include zero server-side processing between user and TrueVault, then the API keys will be public. At least, I don't know of any way to avoid this.
That being said, it is incorrect to jump to "any API_KEY provides full access to all data vaults and JSON documents stored in TrueVault." - that's not the case if setup properly.
TrueVault API keys are able to be narrowed in scope quite a lot. Limiting a key to only Write permission on {Vault#1}, a second key to only Read permission on {Vault#2}, a third key to allow uploading Blogs in {Vault#1}, quite a few variations, a forth for deleting information from {Vault#2}, and on as needed. You can also limit permissions specifically to content "owned" by the API key (e.g. user-specific keys) Full documentation here.
There are also limited scope keys (set expiry time, usage count, limit to any of the prior permission scopes). Docs here.
TrueVault also offers user logins separate from API keys which may be better suited if your user are using login credentials. Docs here.
I'm still rather figuring out TrueVault myself (at time of writing at least) so be sure to research and review more for your needs. I'm still torn if the limited scoping is "good enough" for my needs - I'm leaning towards using AWS Lambda (or similar) to be a HIPAA compliant middle man, if only to better hide my access token generation and hide that my data is going to TrueVault and add some "serverless-server-side" data validation of sorts.