I am developing a webapp and one of the functionalities is the way how linkedin connections work.
For a given 2 users, we show the path of connections for 3 levels.Is there a way this could be achieved using Facebook API.
I am allowing user to login using facebook credentails and saving the tokens in MongoDB.I used node js for server side processing.
Any help is appreciated.
No, this is not possible via the Graph API. You can only get those friends which are also using your app, not all friends (if your app is >=v2.0).
Related
This might be a duplicate of Google Oauth - Where to sign in users, backend/frontend, but I would like this discussion to be more elaborate. I am developing both the backend and the frontend of an application and I would like to know where to integrate with Google.
According to some answers to the question, using the login on the frontend (React Native) is less secure, is this really valid? According to the most voted comment, it is a recommended alternative when you only want to use the login and nothing else.
When using some applications that make use of the login with Google I noticed that there are two possible "screens" of login. The first is similar to opening a page in the browser and when you want to add a new account on your Android device. That screen also shows the name of app as LINK, similar to google login using Firebase Auth.
The second shows the accounts that already exist on the device in the form of a popup. Some even show the application icon.
Thinking about "screens", what makes them different is the google login on the frontend or the backend? If not, how do I get my application to login in the form of a popup?
I am creating two application :
1. Chrome extension for gmail.
2. It's IOS version
Now, since both the applications have same behavior and uses same google apis extensively, i decided to create a single project in google cloud platform for both. Now, when creating credentials, what will be my application type? I see both 'IOS' and 'Chrome App' under application type. Should i generate two Client IDs for chrome app and ios app?
To use single Client ID, i also tried creating a Node REST API (created a new project and set application type to 'web application' in google cloud platform) that will be used by both of my application to make request to google apis? But the authorization process includes, setting a callback url to get the authorization code and later use this code to get the access token. I guess this is not feasible for a REST API. Where should i keep the authorization part? In the application itself and later send the access token to my rest api? Is it possible?
I am very much confused about how should i start. Please could anyone suggest a better way to do this?
I generated two client ids, one for ios and for the web. Isolating both applications is a good way to start. Both the apps generate their own token id, pass the id to Node Rest API and later the use that token to make a request to Google APIs.
I'm faced with the current dilemma. My application flow is as follows:
Admin logs in
Has to select a list of clients
The selected Client data is then loaded in
Admin should now be able to Link Facebook, for example, to that
client's account with their credentials on a click of a button. Same
would apply for other social media accounts that the user has. The
reason that's important is the app then goes and fetches data from
their social media, such as Facebook Insights.
Is there a way I could achieve is ? I was thinking maybe Auth0 but I had a look on their documentation and it seems I could do it but only if Admin was the one linking his own social media account to his account. Can't really see a way where he could link other accounts to the Client's account currently selected.
I'm working with a React-Redux, Express and MongoDB app.
Even a push in the direct direction would be greatly appreciated.
This is certainly achievable using Auth0 - take a look at the Link Accounts API (User) - you want to use the second option using an API v2 token
See sample here that illustrates how this might work using Node.js.
You could possibly rework this to your technology stack pretty easily. Since you are using a Management Token you'd want that to remain server side (Express) and the react/redux app could make ajax calls via the Express Server side component - which in turn calls out to the Auth0 endpoint to perform the user search / linking actions.
I'm trying to call one of Magento REST APIs (say products api) from a NodeJS application using a regular HTTP Request. I know that Magento APIs requires OAuth to authenticate the user/application, and this is where I'm a bit lost.
With Magento or any OAuth application, the end-user who is using the app has to click "Authorize" in order for that application to receive the token, and then the application will be able to communicate directly with Mangento APIs.
In my case, we are talking about 2 servers, Magento and NodeJS, that will talk to each other. So There is no user involve to sort of "Click" the authorize button and validate the auth request.
The point of what I'm trying to achieve is grab product data from Magento, store it in a DB, then make some changes, after that make it accessible via NodeJS REST APIs. (That is a hard requirement and I can't change it).
My question is, Do we have to write custom Magento REST APIs that doesn't require OAuth, or maybe require the regular basic HTTP Authentication (username/password). Or there is a way to use OAuth and authenticate my Node application directly?
I hope my question is clear, if not please let me know and I will try to fix it. Thanks!
After wrestling with a similar situation, I decided to use Magento's SOAP API. All you have to do as far as authentication goes is to set up an API user in the Magento backend and then use the username/password in your API calls (I think, it's been awhile). Not sure if this fits your use case but it saved me a lot of OAuth headache.
I am making an API in NodeJS that 'll be used by a website and iPhone native app at the same time.
There is a chance that API URL will be exposed to user when used in javascript for website. I only want authorized access to the API. Don't want anyone call API via console. like user/delete/[user-id], anyone can use this URL to delete a user.
Check out http://passportjs.org/
There are plenty of authentication strategies to use. Don't reinvent the wheel here. ;)