I am uploading photos to Flickr in .NET project using Flickr.NET API Library (Flickr.NET CodePlex Link). Its working perfect. But for every request, Flickr asks my permission to authorize the app (check screenshot below):
My question: is there any way I authorize the app once for my whole life rather it asks for my permission for each photo to upload?
Once you have exchanged your request token for an access token, you can store the access token in your application's persistent memory and use the access token to make subsequent requests.
Related
I am working on a PHP web app that needs to make HTTP requests to the Sharepoint API with Sites.Selected permission to a specific SharePoint site. It is NOT viable for me to provide a user sign-in experience so I need to treat it as a non-user/daemon application.
I've read the docs and looked at many different forums for the solution but as of yet I've been unsuccessfull in obtaining a SPO specific access token, although I think I'm close.
I am using this StackOverflow answer as a guide: https://stackoverflow.com/a/63386756/19038862
This is what I've done:
Registered an Azure App: (Image of my Azure App Overview)
Created a client secret in the App dashboard: (Image of the client secret page)
Successfully sent a request to https://login.microsoftonline.com/{{app_tenant_id}}/oauth2/v2.0/token using the client secret in Postman: (Image of Postman request)
The request made in step 3 returns an access token (I assume a MS Graph access token?), but it DOES NOT return a refresh token, which is what the afforementioned StackOverflow answer suggests you need to "swap" for an SPO specific access token.
How do I obtain this refresh token so that I can swap it for a SPO access token? Or what better way is there to get my hands on a SPO specific access token from a non-user app?
I wrote this gist to guide you into getting Sites.Selected access to the desired site:
https://gist.github.com/ruanswanepoel/14fd1c97972cabf9ca3d6c0d9c5fc542
This guide shows you how to configure this as Application permissions, and via the Graph API.
I've found going through the Graph API is the best way to go.
Also strangely it's not possible to get delegated Sites.Selected permissions. You must set it up as an Application permission.
In the guide is described that you have to get a delegated auth token from graph but you are getting an application auth token. The token response of this flow does not contain a refresh_token. See here.
But you already wrote that you are not able to provide a user sign-in experience. One workaround would be to once manually get the access_token and refresh_token of a user with the delegated flow and then periodically get a new access_token with the refresh_token on your server. You could store these values in your database and update them when you fetch a new one.
First, the daemon-based client credential flow does not return a refresh token for you. You also can't redeem the refresh token of the graph API for an access token for SPO, which are two completely different API resources.
To get an access token for SPO you just need to set scope to: https://{tenant-name}.sharepoint.com/.default.
I've checked many resources, and most of them claim the only way to fetch users media using an token is to create facebook app, add instagram, generate user token for yourself and fetch graph api. https://graph.instagram.com/me endpoint. Is there no other way to simply fetch user's media via official api by using access token and username?
Also, when I use /me endpoint, everything works. If I change it to /*myusername*, where I obviously put my username instead, it says that said object does not exist, cannot be loaded due to missing permissions, or does not support this operation.
So, no. If you want to use Instagram API to fetch regular( ie not business ) users' feed, you need to use Instagram Basic API.
I would like to upload a given file to Sharepoint. I'm using the Microsoft Graph API.
The documentation follows this workflow:
1. If no token, redirect the user to the Microsoft signin page.
2. The user is then redirected to the application, with an access token
3. Use access token to have an authorization bearer
4. Do what you gotta do...
My problem is the sign-in part. I don't want my users to be redirected to the Microsoft signin page. I want my application to connect and get the access token in the background (with cURL or whatever).
How can I do that? Why is the "open in browser" necessary?
I tried to replicate the sign-in process, but all I get back is the HTML response from the signin page.
Thanks in advance.
Your application act as a single-tenant service or daemon app.
The documentation about this scenario is here : https://developer.microsoft.com/en-us/graph/docs/authorization/app_only
The application must be registered in the AzureAD directory corresponding to the Office365 tenant
A first request is made by passing the application unique identifier and secret key as registered in the directory. This request returns an access token
The access token can now be used in the Authorization header of the following request to the Microsoft Graph API.
This method (of using Client ID and Secret) works well but there are other ways which may be better suited for similar scenarios.
The one major thing which is missing in access token generated this way is a user, meaning the token only contains the identity of the OAuth application (client) which called it but is not associated with any user for the request.
This could have a couple of implications:
Since the token is not associated with a specific user you will not know who performed the operation. In your example, you would not know who uploaded the file (and other similar information may be missing).
Access token without users will not work at all for some methods. For those, you need a delegated token.
Creating a delegated token requires some effort, if you are interested you can find the details in my article:
Getting Access Token for Microsoft Graph Using OAuth REST API
I need to check if I can use the Live Video API from my local runtime (like nodejs for example) to post live videos on my page, using a long-lived access token to my page.
Whether I generate a user or page token, with Graph Explorer App ID or my own App ID, and required permissions (publish_action for my personal profile, publish_pages and manage_pages for my page), all my calls are rejected with an error:
"(#100) No permission to perform current operation."
I thought I had to create my own App and submit it for review with required items (publish_pages, manage_pages, Live Video API) but someone from the Developper Community told me that as my app is not public-facing, I couldn't get it reviewed and I shouldn't even create an App.
I also read somewhere that my page had to be whitelisted but I didn't find how to do it.
How can I use the Live Video API from a local application?
Thanks.
Best regards,
Nicolas
Using the Graph Explorer App to generate the token will make my API calls fail because I'm not the admin or a developer of the app.
So I need my own app to use the Live Video API but I don't have to submit it for review as long as I make API calls on behalf of an admin, developer, testers.
Following this documentation: Graph API Reference, using the API, I was able to post live videos on my user ID, with a (admin) user access token.
But on my page ID, using a (admin) page access token, I'm getting this error:
"(#100) No permission to perform current operation."
I just wanted to use webapi to play with the metadata like playlist, artists on my own account. Is it possible to do that by REST API without using /callback to web application which receives authorization code then can get the oauth token ?
I have researched here:
https://developer.spotify.com/web-api/authorization-guide/
Then I found:
https://developer.spotify.com/web-api/authorization-guide/#client-credentials-flow
That's it! You just need to get oauth token by giving your regular login and password credentials.