From this summer amazon have a new rule. You can't just get a new MWS key and they ask you to fill a special form. After 35 days of waiting they declined.
But I need this key to create my app to replenish FBA inventory. I already create a whole system (based on Laravel) but the main module is not possible to create without keys :(
No. It's a violation to share MWS developer credentials. Did you follow the steps to register as a developer?
Source: https://docs.developer.amazonservices.com/en_US/dev_guide/DG_Registering.html
Related
I want to make a donation system for a twitch-like platform.
And I want to use Stripe.
I already make lot of searches. And I know that I need to add an external account for every streamer who want to be paid (by donation).
But I can't add External account, I have this message :
The provided key 'rk_live_********************2TSc' does not have the
required permissions for this endpoint on account
'acct_***************d'. This is a restricted API key, but the
required permissions are not available for use by restricted keys.
Am I good with using "External Account" ?
Can you help me with this message please ?
You cannot create external accounts with restricted keys (ie. the keys that start with rk_live_) that only have a subset of permissions. You need to use your secret keys (ie. the key that starts with sk_live_). You can get this from your dashboard here:
https://dashboard.stripe.com/account/apikeys
I am a beginner web designer and I am struggling to find relevant information online as to how I should go about managing my API keys for clients! I would really appreciate any tips or insights on how I should go about this!
I hold my own google account and already have my own API key (Javascript API) for my own website. Although, when creating websites for clients, is it okay to use the same API Key? Or should i create a new API Key for each client in my own account (creating new "projects")? Or should i be creating a google account for each client and then creating each client an API Key through their own account?
I also know that there are usage limits on API Keys so I want to ensure I dont exceed these if using one API for multiple sites. How can I monitor this?
Looking for any advice on the best and most efficient way to go about this. I do not know too much on how API Keys work!
Much appreciated :)
I will be using Google API as an example. Yes, you should always Create a new project for each client there are a multitude of reasons why you should do this and you already mentioned some of this
API query usage limit.
Separated client billing & usage breakdown for each project.
Security and revocation of compromised APIs.
Restricted security profiles, domain whitelisting, IP address, device usage etc..
Access management and role management.
Traffic and analytical reasons.
Creating credentials
Depending on your organisation needs and project scale, for us, we Create credentials (API key/ OAuth ID/ Service Account Key) for every platform the key will be used. For example, if we are developing an e-commerce website that comes with an app, we would issue 3 keys. (1 for web, 1 for Android apk, 1 for iOS app). This allows us to fine tune the access permissions and let us track usage.
What works for you?
If you are a freelancer or work in a small enterprise, the least you should do is separate every client by projects. There is no need to create a new Google account for each project. (You can always transfer ownership of projects to another account if your client requests at a later time)
The above screenshot is how we categorize items in our account, for each project we are contracted for (could be the same client) we will create a separate project entry.
I'm trying to use the Computer Vision API from Microsoft's Cognitive Services. However, my keys don't seem to be working. I created an account using the free trial of that API and got the two keys from it. Trying to use the key with the ProjectOxford.Vision SDK always yields:
Access denied due to invalid subscription key. Make sure to provide a valid key for an active subscription.
I tried the API console, however I get the same error with my key in the Ocp-Apim-Subscription-Key field. I tried both keys and neither of them work. I even got the free version of Face API and tried its console, but encountered the same issue with its keys. I even tried different datacenters, but they all seem to return the same error.
This would need to be some problem with the key then right? This can't be a problem with my C# code, since the console doesn't work either. And since it's failing in the API console, there's nothing more I can do to rule out any other possibilities is there? I'm not sure what else I can do to debug this. I'd like to regenerate my keys (I saw a tutorial video which showed an older UI of getting the API keys and they used to have a "regenerate" link) but I don't see a way of doing that anymore.
I only just made the account and registered for the APIs, so there's no way I'd be over quota. Is there something else I need to do to enable these keys or something?
I managed to skirt around the issue of 'Access Denied' by performing the following actions:
I created a free Azure account
I set up an instance of the Cognitive Services Api (this generated a pair of new keys for me to use)
Utilizing the new key, I had to use the following link:
https://westus.api.cognitive.microsoft.com/vision/v1.0/ocr
Instead of
https://westus.api.cognitive.microsoft.com/vision/v1.0/recognizeText
(I obtained this link from the Cognitive Services Test Dashboard).
Look at the request pattern on the test dashboard and you should be able to tell how to use the api.
Even when #Xuan Hu response states correctly to the solution, I scratched my head some time trying to figure out how to change the end point. Here are my 2 cents:
Go to portal.azure.com, in the dashboard of your subscription to the Cognitive Services > General Information > End Point take note of the URL. You need it.
Find in the code of your VisionAPI samples where the VisionServiceClient is instantiated:
VisionServiceClient VisionServiceCliente = new VisionServiceClient(SubscriptionKey);
and change including the URL that you found in Azure:
VisionServiceClient VisionServiceCliente = new VisionServiceClient(SubscriptionKey, StringOfMyURLTakedFromPortal);
That worked for me.
If you are using the free trial keys got from azure.microsoft.com. You need to change the API endpoint region to westcentralus. The previous default region is westus and I think that is the reason of the invalid key problem.
FYI, there is a blog post that covers all of the 401 Access Denied scenarios, including this one regarding the free API keys and region specific API endpoint. Adding it here for folks in the future who find this SO post - https://blogs.msdn.microsoft.com/kwill/2017/05/17/http-401-access-denied-when-calling-azure-cognitive-services-apis/.
Using the incorrect regional endpoint
Most of the Cognitive Services APIs are region specific, which means that during API account creation you select which region you want to create the account in. These APIs have region specific endpoints such as westus.api.cognitive.microsoft.com or eastus2.api.cognitive.microsoft.com, and an API key for an account created in one region will only work using the endpoint for that specific region. This means that if you create an API account in West US you will not be able to call the eastus2.api.cognitive.microsoft.com API endpoint.
You can verify the region and endpoint in the Azure management portal.
Trial API Keys
The free trial API keys have 30 day expiration dates, and the same restrictions for region and version. If you are using the trial keys you can go to https://azure.microsoft.com/en-us/try/cognitive-services/my-apis/ to manage your API keys (if you are not already logged in then just click one of the ‘Create’ buttons and you can go through the wizard to login and see your existing API keys), and you will also see the expiration date and endpoint.
One thing to remember if using Postman to get the results is to use GET and put your keys in the Header.
Trying to access my personal calendar data using a service account.
I've gone through the setup for creating a service account (with owner permissions). Using NodeJS, I've successfully made requests to my public calendar, but not my private calendars. ( the same result using googleapis and google-OAuth-jwt packages)
Everything that I've searched shows that I need to give "domain-wide authority", BUT, I do not have a G Suite account, so I don't believe this applies to me.
So the question is, can one access their own personal calendar data using a service account? What might I be missing?
You may refer with this SO post. It stated that the service account has its on Google calendar account so if you are trying to read one of your personal calendars, you are going to share it with the service account. You can check the example given using the Json service account key file.
Answer in comments, thanks to abielita. Link to answer.
Remember service accounts are not you. The service account has its own Google calendar account so if you are trying to read one of your personal calendars you are going to have to share it with the service account.
Shared the calendar with my service account.
I am a part of a group trying to create an Amazon Mechanical Turk Requester task. We'd like to either have a group account or have multiple accounts with access to the same project. I've been looking around and cannot find a way to do this. Is it possible to make this happen without sharing a single account?
This may not be perfect, but if you're an MTurk API customer, you can use Identity and Access Management (IAM) to have a single account (with a credit card on file) but provide multiple sets of API credentials (AWS Access Keys and Secret Keys) that you can provide to reach person/group that wants to use the account. This isn't a perfect solution because:
It is only applicable to the MTurk Application Programming Interface (API)
There aren't quotas or controls to limit spending on one person vs. another
Each account can still access each other's HITs (it isn't separate accounts)
You can learn more about IAM support in MTurk here: https://blog.mturk.com/introducing-mechanical-turk-api-support-for-iam-credentials-8f2de8cd6afb
There is not currently a way to do something similar in the Requester Website (requester.mturk.com).
Hope that helps a little.