I am using GitLab API v3 to do some operations on my private installation. Using private_token in GET URL is working fine. e.g.
GET http://git.example.com/api/v3/projects?=private_token=xyz123
But in order to make this possible, you need a private_token. There is one sure way to get it - from your account settings. But I want my users to use their email id/ login id and password to retrieve the private key and use it from there for rest of the operations.
I used following GET url and it is doing nothing for me:
GET http://git.example.com/api/v3/session?login=xyzuser&password=xyzpassword
Ideally as per GitLab documentation, I should get a JSON as follows -
{
"id": 1,
"username": "john_smith",
"email": "john#example.com",
"name": "John Smith",
"private_token": "dd34asd13as",
"blocked": false,
"created_at": "2012-05-23T08:00:58Z",
"bio": null,
"skype": "",
"linkedin": "",
"twitter": "",
"dark_scheme": false,
"theme_id": 1,
"is_admin": false,
"can_create_group" : true,
"can_create_team" : true,
"can_create_project" : true
}
If I get this, I can get private_token and work from there.
What am I doing wrong?
You need to POST the data as stated in the api (http://api.gitlab.org/session.html).
Be aware that if you do this action on a http port (instead of using https) that the password is send in plain text to the server.
Related
The OneLogin OpenID Connect Scopes Documentation for the profile scope shows that there is a picture available but with this disclaimer:
Note, these claims are returned if OneLogin has the information available.
In testing, I never get picture back when testing with a user that has a profile photo set. What I get has these attributes only:
{
"id_token": "",
"token_type": "Bearer",
"scope": "openid profile",
"profile": {
"sub": "",
"email": "",
"preferred_username": "",
"name": "",
"updated_at": 1614904145,
"given_name": "",
"family_name": "",
"sid": ""
},
"expires_at": 1615761073
}
Any tips on how to get the additional fields from OneLogin would be appreciated. Thx!
I reached out to OneLogin's dev support and I got a response in a few hours. I have verified that this works, here it is:
You should add a parameter to your OIDC app and map it to the field "Profile Picture" and then include the params scope in your ODIC call. (fro more details on scopes see https://developers.onelogin.com/openid-connect/scopes)
Note - what you get back is the URL of an image and it is not a binary blob of the actual photo.
The getClickwrapAgreements call is not returning a list of documents associated with that agreement. According to the API documentation, this call should return a documents array of objects containing e.g. documentBase64, documentName, fileExtension, but that array is always empty.
Example request:
https://demo.docusign.net/clickapi/v1/accounts/<accountid>/clickwraps/<clickwrapId>/users?client_user_id=<userId>
Example response:
{
"userAgreements": [
{
"accountId": "<accountId>",
"clickwrapId": "<clickwrapId>",
"clientUserId": "<userId>",
"agreementId": "<agreementId>",
"documents": [],
"createdOn": "2020-09-25T11:30:26.8230097Z",
"agreedOn": "2020-09-25T11:30:34.5580771Z",
"status": "agreed",
"versionId": "e90d4cb6-868b-48a3-9b1c-5a7f2083102d",
"versionNumber": 8,
"settings": {
"hasDeclineButton": false,
"actionButtonAlignment": "left",
"mustRead": false,
"mustView": false,
"requireAccept": false,
"downloadable": true,
"sendToEmail": false,
"brandId": "68cbc4b1-a78f-4e72-889e-0554141da176",
"format": "inline",
"documentDisplay": "document"
}
}
],
"beginCreatedOn": "2019-01-01T00:00:00Z",
"page": 0,
"pageSize": 40,
"minimumPagesRemaining": 0
}
When I navigate to the Manage Clickwraps page in the Docusign website, I'm able to download the certificate associated with the agreement. If I enabled the recipient to download the agreement, they are also able to download it after agreeing.
For context, I need to store a copy of every user's agreement certificate in the back end.
Thank you for reporting this. This appears to be a bug with Clickwraps -- which I will report internally to have addressed. In the meantime, I was able to reproduce this issue, and can confirm that the document nodes are indeed coming back blank if hitting the user agreement in any form.
However, I was able to find this: In the call you're already making, you can see in the response there's parameter for agreementId. I did some tinkering and found that if I hit this URI:
"https://demo.docusign.net/clickapi/v1/accounts/{ACCOUNTID}/clickwraps/{clickwrapID}/agreements/{agreementId}/download?include_coc=true", I was able to download the PDF associated with that agreement. The url parameter for include coc determines if the additional certificate of completion is added onto the PDF.
From the WebHook documentation for a store/customer/address/updated/store/customer/address/created events should have following payload:
{
"scope": "store/customer/address/created",
"store_id": "1025646",
"data": {
"type": "customer",
"id": 60,
"address": {
"customer_id": 32
}
},
"hash": "416ca9c01779515de91824aa1cac9012ee691e7a",
"created_at": 1561481620,
"producer": "stores/{store_hash}"
}
However, in the logs we don't see the "address" part. The payload is always coming as:
{
created_at: 1573847377
data: {
id: 2246136
type: "customer"
}
hash: "%hash%"
producer: "%producer%"
scope: "store/customer/address/updated"
store_id: "%storeid%"
}
And the payload.data.id is not the customer id, as fetching customer by given ID always results in 404.
Fetching address with given id is also impossible, as the resource url should include customer_id which is absent in the response.
Contacted BigCommerce support already, but maybe someone had solved this issue already?
Saw relevant question in the BigCommerce's community, but it was also unanswered.
I have encountered a similar problem, and believe I have isolated the conditions under which it occurs.
I am building an app with MEAN stack that uses bigcommerce API/webhooks.
When I tried to create a customer address in-app, it makes an API request to BigCommerce and creates customer addresses in BigCommerce. Via the webhooks, I have implemented the store_customer_address_created hook event.
So there are two cases when the address webhook event is being triggered:
When the customer address is created in-app and it sends an address creation request via the API to BigCommerce.
When the customer address is directly created in the BigCommerce admin.
Here are the responses from those:
"scope": "store/customer/address/created",
"store_id": "1025646",
"data": {
"type": "customer",
"id": 60,
},
"hash": "416ca9c01779515de91824aa1cac9012ee691e7a",
"created_at": 1561481620,
"producer": "stores/{store_hash}"
}
{
"scope": "store/customer/address/created",
"store_id": "1025646",
"data": {
"type": "customer",
"id": 60,
"address": {
"customer_id": 32
}
},
"hash": "416ca9c01779515de91824aa1cac9012ee691e7a",
"created_at": 1561481620,
"producer": "stores/{store_hash}"
}
As you can see, the address field is not included when the customer address is being created by the API. I’m not sure if it is designed by the BigCommerce team, or a special case. But I think we can identify if the customer address is being created by the BigCommerce admin directly or via the API myself based on this distinction.
I believe you are encountering the first case on your end.
I hope this helps and please update me if you have any other opinions.
It is fairly strange to see this webhook response without the address field, and I haven't had any luck replicating this with scope for store/customer/address/updated. Are you working with any other code beyond this webhook or testing the webhook event specifically?
I'm using the Microsoft Graph Users API to validate a list of user names or email addresses against our ActiveDirectory. The name search:
https://graph.microsoft.com/v1.0/me/people/?$search=john.smith
returns additional data such as officeLocation and jobTitle. But if I use the email search:
https://graph.microsoft.com/v1.0/users/john.smith#company.com
these additional fields are empty. I've enabled these API permissions in Azure:
People.Read
User.Read
User.ReadBasic.All
email
Do I need additional permissions to get the same data?
Update: I tried this in https://developer.microsoft.com/en-us/graph/graph-explorer as suggested below and it works, but Graph Explorer comes with these permissions by default which can't be disabled:
Calendars.ReadWrite
Contacts.ReadWrite
Directory.Read.All
Files.ReadWrite.All
Mail.ReadWrite
Notes.ReadWrite.All
openid
People.Read
Sites.ReadWrite.All
Tasks.ReadWrite
User.ReadBasic.All
User.ReadWrite
Update 2: I'm using Python 3.7 so I borrowed device_flow_session() from https://github.com/microsoftgraph/python-sample-console-app/blob/master/helpers.py#L25. The data I get back from https://graph.microsoft.com/me/people/?$search=John.Smith looks like:
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#users("XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX")/people",
"value": [{
"id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"displayName": "John Smith",
"givenName": "John",
"surname": "Smith",
"birthday": "",
"personNotes": "",
"isFavorite": False,
"jobTitle": "Software Engineer",
"companyName": "Company",
"yomiCompany": "",
"department": "Fish",
"officeLocation": "London",
"profession": "",
"userPrincipalName": "John.Smith#company.com",
"imAddress": "sip:John.Smith#company.com",
"scoredEmailAddresses": [{
"address": "John.Smith#company.com",
"relevanceScore": -6.0991198031917175,
"selectionLikelihood": "notSpecified"
}
],
"phones": [],
"postalAddresses": [],
"websites": [],
"personType": {
"class": "Person",
"subclass": "OrganizationUser"
}
}
]
}
Whereas the data from https://graph.microsoft.com/users/John.Smith#company.com is:
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
"businessPhones": [],
"displayName": "John Smith",
"givenName": "John",
"jobTitle": None,
"mail": "John.Smith#company.com",
"mobilePhone": None,
"officeLocation": None,
"preferredLanguage": None,
"surname": "Smith",
"userPrincipalName": "John.Smith#company.com",
"id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
}
Based on my test, I found that the information obtained by these two APIs came from different places.
"officeLocation" returned from /me/people seems to be maintained in SharePoint. You can sign in https://apc.delve.office.com/?u=3df5295a-e4b1-46fe-8969-e715ccd11077&v=editprofile to check it.
"officeLocation" returned from /me or /users/{id | userPrincipalName} is maintained in Azure AD. So you can check it in Azure AD -> Users.
After I update the "Office" in Azure AD, I query with the two endpoints. But they gave me two different result. One (/me/people) is old and the other one (/users/{id | userPrincipalName}) is new. Maybe this will take some time to synchronize. Or maybe they won't sync.
I also test it in Microsoft Graph Explorer. And the "officeLocation"s are different as well. So I'm not sure why Microsoft Graph Explorer works fine for you. But you can dig it along with my ideas.
I hope my findings will be helpful to you.
Each "service" in the Graph (Active Directory, Exchange, SharePoint, etc.) make decisions on the data to return by default in calls. These decisions are made to best suit Microsoft in running the service, not necessarily what callers need. ;) I suggest adding the $select parameter to specify the attributes you require.
From https://learn.microsoft.com/en-us/graph/query-parameters#select-parameter:
Important: In general, we recommend that you use $select to limit the
properties returned by a query to those needed by your app. This is
especially true of queries that might potentially return a large
result set. Limiting the properties returned in each row will reduce
network load and help improve your app's performance.
In v1.0, some Azure AD resources that derive from directoryObject,
like user and group, return a limited, default subset of properties on
reads. For these resources, you must use $select to return properties
outside of the default set.
During the creation of a batch of users in Azure AD by using the Graph API version 1.0 I receive the followiing error message:
Property has an invalid value
As you can see, there is not property name in the message, so I can't understand the real problem. What I can say is that those users have no particular conditions among the all others successfully created.
Any ideas?
Update 1:
As people asked, below are the post data. Since there is sensitive data, I have to changed names and som other personal data:
POST https://graph.microsoft.com/v1.0/users
And the JSON payload:
{
"accountEnabled": false,
"country": "BR",
"displayName": "Jane Sagan",
"givenName": "Jane",
"mailNickname": "jane.sagan",
"otherMails": [
"jane.sagan.#gmail.com"
],
"passwordProfile": {
"forceChangePasswordNextSignIn": false,
"password": "J#n3Sa8aN"
},
"surname": "Sagan",
"usageLocation": "BR",
"userPrincipalName": "jane.sagan#university.br",
"userType": "Member"
}
The property "otherMails" doesn't support the format "jane.sagan.#gmail.com".
Username cannot end with '.' in O365. You can have a try (create a user whose username ends with '.') in O365 portal to verify it.