I have successfully registered a REST API app wth Paypal but I am not sure if this is what I need or I need to create a CLASSIC API app from the same screen.
So far I have been testing in the sandbox, and the credentials I have been using follow this pattern:
{
"user" : "a#a.com",
"host" : "api.paypal.com",
"port": "",
"client_id" : "ID",
"client_secret": "SECRET",
"classicAPI": {
"username" : "paypal_api1.domain.com",
"password" : "PWD",
"signature" : "SIGNATURE",
"environment" : "production"
}
};
What my code is trying to do is to create a subscription, calling the "SetExpressCheckout" and "CreateRecurringPaymentsProfile", but I get a "PaypalMissing token"error.
Am I doing it the right way, ie REST API and those credentials? Looks like since I'm using the ClassicAPI parameters shouldn't I be registering a CLASSIC app?
For clarification, I'm using NodeJs and this plugin https://www.npmjs.org/package/paypal-recurring
Thank you in advance
Express Checkout specifically would be using the classic API. I'd recommend sticking with that for now as the REST API is still very young and doesn't have all of the features tied in yet that the classic API provides.
Related
We are trying to setup user provisioning via custom JSON schemas in Onelogin for Druva, to move users to profiles based on department.
The issues we are facing might be down to our Onelogin account not being an enterprise account. However, we found a workaround which did work, basing the mapping off company instead, as per this setup where the company field is used for "department".
While this works it doesn't seem the best option long term.
Any reason this shouldn't work?
{
"schemas": [
"urn:scim:schemas:core:2.0",
"urn:scim:schemas:extension:enterprise:1.0"
],
"userName": "{$user.email}",
"displayName": "{$user.firstname} {$user.lastname}",
"company": "{$user.company}",
"urn:scim:schemas:extension:enterprise:1.0": {
"department": "{$parameters.department}",
}
}
Any other suggestions?
Hi I want to check the permissions of a user in a specific Azure Devops Project. Is there a possible way to get it? As far as I know project level permission is different than organization level permissions. Thanks.
Already test some several rest apis but still I can't have the project level permission.
There is currently no out-of-the-box rest api to get the user's permission in project.
To achieve this demand, you can use this rest api :
https://dev.azure.com/{org}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1
Request body:
{
"contributionIds": ["ms.vss-admin-web.org-admin-permissions-pivot-data-provider"],
"dataProviderContext": {
"properties": {
"subjectDescriptor": "msa.ZjE1ZTk0NmMtOTI4OS03Mjg5LTljMGUtMDIwMTdlYmM2Nzhj",
"sourcePage": {
"url": "https://dev.azure.com/xxx/xxxx/_settings/permissions",
"routeId": "ms.vss-admin-web.project-admin-hub-route",
"routeValues": {
"action": "Execute",
"adminPivot": "permissions",
"controller": "ContributedPage",
"project": "XXX",
"serviceHost": "0933e8b2-f504-4b7e-9e9e-xxxxx (xxx)"
}
}
}
}
}
You can track this rest api by press F12 in browser then select Network .Then looking for the record that response body included returned permission. From this record you can get the rest api and request body.
I tested with postman , with this api ,I can successful get user's permission in project. As shown below:
I'm able to create app id using Graph API but app secret/password is not generated with it. I need a way to generate/set a password using APIs.
Am I missing something?
You could create the password via Azure AD Graph API, you can test it in the AAD Graph Explorer.
My test sample:
Request URL:
PATCH https://graph.windows.net/{tenant id}/applications/{application object id}?api-version=1.6
Request body:
{
"passwordCredentials": [{
"endDate": "2020-08-12T02:54:44.2530506Z",
"keyId": "77fe4bf5-5d04-4a62-abc2-f064a9213d3f",
"startDate": "2019-08-12T02:54:44.2530506Z",
"customKeyIdentifier": "dGVzdA==",
"value": "XnkNIsT+cScOYeYJayQ4WNmp9tgAqw5z773uI9WQtAw="
}]
}
For more details about the request body, refer to this link - PasswordCredential.
Note: In the AAD Graph Explorer, when you send the request, the progress bar will never finish, but actually it works, you could check the result in the portal -> Azure Active Directory after a while.
Besides, there is also a Beta api in Microsoft Graph - Update application, I have not tested it, so I am not sure if it works. It is a Beta version, even if it works, I don't recommend you to use it in the production environment.
Are you following the correct API link?
Create User
It is easy to create Azure AD users using the Microsoft Graph REST. Here is a code sample for your reference:
POST https://graph.microsoft.com/v1.0/users
Authorization: Bearer {token}
Content-type: application/json
{
"accountEnabled": true,
"displayName": "Sajee",
"mailNickname": "Sinna",
"userPrincipalName": "upn-value#tenant-value.onmicrosoft.com",
"passwordProfile" : {
"forceChangePasswordNextSignIn": true,
"password": "password-value"
}
}
Following the blog post here, there is support for securing App Services from Azure with AAD security groups (via Easy auth + authorization.json) but there is no documentation/sample around how do to so.
Does anyone know if that functionality is GA ready and if there's any way to enable it (even if not GA)?
Using the example authorization.json from the post it does enable auto-redirect to a login page based on the rules:
{
"routes":[{
"path_prefix" : "/",
"policies" : { "unauthenticated_action" : "AllowAnonymous" }
},{
"path_prefix" : "/_admin",
"policies": { "unauthenticated_action" : "RedirectToLoginPage" }
}]
}
But I don't know how to specify which users should be allowed after they login
Introduction
I have a hyperledger env running in secure mode by following this link https://hyperledger.github.io/composer/integrating/enabling-rest-authentication.html
and it works fine if I authenticate as specified in the document (hitting http://mydomain:3000/auth/github directly from the browser) and then access the Rest API from the http://mydomain:3000/explorer and could authorize as various participants (i.e, issuing identity and adding them to the wallet and setting one as default at a time) and could see the assets as per the .acl file.
Issue
But I started facing problems when I started integrating the Rest API's from my web application rather directly from the browser. As a first step from my web app, I called the http://mydomain:3000/auth/github to authenticate and then started calling the other APIs (transaction/list, etc.) but I do always get
Error 401: 'Authorization Required'
What i have tried
Gave my web application URL as the 'Redirect URL' in the env variable for the hyperledger. And upon successful authentication (calling http://mydomain:3000/auth/github) it successfully redirected to my webapp home page but afterwards accessing the Rest API's (from web app) again throws 'Authorization Required' error.
Environment variaable as below:
export COMPOSER_PROVIDERS='{
"github": {
"provider": "github",
"module": "passport-github",
"clientID": "CLIENT_ID",
"clientSecret": "CLIENT_SECRET",
"authPath": "/auth/github",
"callbackURL": "/auth/github/callback",
"successRedirect": "http://localhost:8080/home.html",
"failureRedirect": "/"
}
}'
Incorporated passport-github2 mechanism in my web application (i.e, registered my app with the oauth of github) and upon successful login to my web application; called the http://mydomain:3000/auth/github to authenticate to the blockchain and it did not work out as well.
I have a few questions:
Is it feasible to call the secured hyperledger Rest API's from another web application?
If Yes, how to do it? I don't find that information in the hyperledger composer documentation.
Have been trying this for a week now and have no answers. Any help would be greatly appreciated. Please let me know if anything is unclear. Thanks.
I commented about this problem on one of the existing hyperledger github issues(below link) & I want to share the solution that solved this problem for me.
https://github.com/hyperledger/composer/issues/142
Solution: as mentioned by user sstone1
Since the REST server is on a different port number to your web application, you need to specify an additional option to your HTTP client to pass the cookies to the REST server. Using the Angular HTTP client, you add the withCredentials flag, for example:
via Angular:
this.http.get('http://mydomain:3000/api/MyAsset', { withCredentials: true })
via JQuery AJAX:
$.ajax({
url: 'http://mydomain:3000/api/MyAsset',
xhrFields: {
withCredentials: true
},
headers: {
...
}
})