How can I call API which requires token?
Suppose I have an API which returns a list of students but to get a list, I have to send authorization token. how can I call such API on dialogflow?
You can provide an authorization token in the headers that are send to your webhook.
These settings can be found under the Fulfillment settings in Dialogflow. Here you should provide a key and value. In this case value is the token you identify with and the key value depends on the configuration of the API.
More info on webhook configuration can be found here.
Related
I am try to approve the prividedge identity management (PIM) request through graph api but when i try to approve it the api is return forbidden. See the below screenshots
The pending request should be approved.
First, I want to know what API permission you consented for using this graph API, because to be honest, I didn't find this graph API, I only found this document which contained the API request you used.
According to the error message, I'm afraid you gave the wrong api permission or you used client credential flow to generate the access token to call the API. So it's better to provide the request you used to generate access token.
Finally, I found an answer here which successfully call the API but with Powershell script. According to this sample, we should give PrivilegedAccess.Read.AzureAD,RoleAssignmentSchedule.ReadWrite.Directory,PrivilegedAccess.ReadWrite.AzureAD delegated API permission and use it to generate access token. We need to use auth code flow/ROPC flow so that the token generated should contain scp claim with API permissions as value. Then using that token to call the API.
You may try request below to generate the access token for a test:
POST https://login.microsoftonline.com/{TenantId}/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded
client_id=azure_ad_app_id_consented_api_permission
&scope=PrivilegedAccess.Read.AzureAD RoleAssignmentSchedule.ReadWrite.Directory PrivilegedAccess.ReadWrite.AzureAD
&username=user_name_better_to_use_account_with_Global_Administrator_role
&password=password
&grant_type=password
I am new to api gateway development and trying to integrate lambda authorizer to secure the api gateway. I already gone through different documents as mentioned below, but still didn't understand how client have bearer token generated already in the request and how lambda-authorizer validate this token?
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html
https://github.com/awslabs/aws-apigateway-lambda-authorizer-blueprints/blob/master/blueprints/python/api-gateway-authorizer-python.py
so far i have created the lambda-authorizer with below code found in the github and have attached the key from the autho account. Then i have attached the authorizer in the api gateway and enabled the same in the 'Method Request'.
After i deployed, i invoked the api via postman, which return: "message": "Unauthorized'
https://github.com/serverless/examples/blob/master/aws-python-auth0-custom-authorizers-api/lambda_handlers.py
Now i confused on what needs to be provided in the request in order to get the response from the Lambda?
Appreciate if anybody can help on this with proper example in order to integrate and test it?
Thanks
Implement JWT Token approach.You will need an authentication provider that will return you the token. Example of authentication provider is Auth0 or you can roll out your own.
The flow would be:
Your client will perform user authentication with this provider. The provider will return the token to your client. The client need to pass the token via Authorization header in your request payload to API Gateway.
API Gateway will call Lambda Authorizer to authorize / validate the token. The Lambda Authorizer code must verify the token with the authentication provider and once authorized will return a policy that allows the API call to be made.
We are looking at the DocuSign API integration using .NET.
I've managed to send an email from this correctly and added fields to the form programmatically however I could do with knowing how to use the Send On Behalf feature.
It looks like in the APILogin() function I need to add a default header called X-DocuSign-Act-As-User and then the email address (SOB is enabled on the API account). But then it says I need something to do with a token for this user? But not sure where I get this from?
Thanks,
Alex
X-DocuSign-Act-As-User header is only applicable when using OAuth tokens. For non-token usage, add the X-DocuSign-Authentication header.
Example from the GUIDE:
X-DocuSign-Authentication:<DocuSignCredentials><SendOnBehalfOf>bob.smith#gmail.com</SendOnBehalfOf><Username>{name}</Username><Password>{password}</Password><IntegratorKey>{integrator_key}</IntegratorKey></DocuSignCredentials>
Where {name} is the email address of your API Initiator and {password} is the password of your API Initiator. Those credentials are used to authenticate the API call, but the envelope will be created and owned by "bob.smith#gmail.com" as the Sender.
Note 1: "bob.smith#gmail.com", i.e. the on-behalf user, must be an account member with "send envelopes" permissions.
Note 2: API Initiator credentials - recommendation is to use API Name (the User's GUID) rather than email address, and use the "encrypted password" instead of the plain-text password. This is retrievable via the login_information API call. These forms of the credentials are not useful for logging into DocuSign via the Web interface.
Trying to call the Docusign REST API to Delete/Close User. Passing XML as the documentation in Docusign accepts XML or JSON. But getting 400 status code. I can login using REST API fine. Have had several eyes look at Docusign documentation on the Delete in relation to what I'm passing in XML, but nothing has popped out as to why we are getting 400. Typically, that would mean your XML ... your request is not correct format. Is anyone having this issue with Delete/Close User? Any advice?
Please don't use legacy authentication as it's old and insecure.
You should be using OAuth and if you don't want to have to authenticate each user you can use JWT (JSON Web Token) which would require that you obtain consent for the app to impersonate the user (or any user) that they make API calls on their behalf.
You can find more information about how to use JWT Auth in this article on the DocuSign developer center.
Deleting a user using the REST API is done using this endpoint:
DEL
/restapi/v2.1/accounts/{accountId}/users
The body is a JSON with an array of one or more users to delete. The userId (GUID) is sufficient information to provide to delete a user.
Given an auth token, originally received from Spotify Android/iOS SDK, I want to check with Spotify that the token I am holding is valid. Is there a minimal endpoint for doing this?
Ideally something not data-intensive, as I just want to know if the token is valid. This must be done with Web API and not SDK.
There is no API endpoint for checking whether the access token is still valid. Usually you would store it along with the expires_in value that tells you until when it is valid.
An alternative is making a request to any endpoint from the Web API passing the access token. You will get a 401 Unauthorized status code back if the token has expired.