I have provisioned a number of accounts to users for my domain.
I need to send out some reminders to inactive users, as information is being delivered to their accounts online, and if they are not logging in, they could be missing the information.
Is there any way for me to retrieve the last logged in time for a user or group of users within a Google App Script framework?
There is no way to get that information for now, you could raise an enhancement request on the issue tracker, the only thing you can get to know is whether or not a domain user has logged in once and agreed the terms of usage
Related
I need to get list of attendees of a MSTeams meeting call, and their times by an Azure Application.
For now, i've tried 3 different approaches without success:
Registering a Bot
Retrieve the attendee report of an event
callRecord subscription
In more detail:
Registering a Bot
MembersAdded event works as described in the documentation for v4.7 of the Bots SDK, ie. when a new user is added to a chat or a team, webhook is called, which does not work for online meetings. However for v3 of the Bots SDK there is a mention:
The conversationUpdate event with the membersAdded object in the
payload is sent when a user is added to a private scheduled meeting.
The event details will be sent even when anonymous users join the
meeting.
I've not tried this version of SDK, but i think it has the same behaviour as v4.7 because i don't see any request comming to my bot's webhook when an user joins a meeting.
Moreover, when i request Members of a meeting on message event to a bot by invoking:
var members = await TeamsInfo.GetMembersAsync(turnContext);
i get a list of team/chat members where a meeting is created but not the list of attendees of a meeting for the current time.
Retrieve the attendee report of an event
By this request, I can get the list of attenees, but only for live events.
However Teams clients (in preview mode now) can get this report for ordinary meeting with the full history of who/when entered/leaved a meeting with even guest names(!).
Anyway, this method has the following disadvantages:
As mentioned in the Get onlineMeeting and according to the Allow applications to access online meetings on behalf of a user, a Tenant administrator have to invoke PS command Grant-CsApplicationAccessPolicy for each meeting organiser, to grand my app permision to download this report
Administrators must create an application access policy and grant it to a user, authorizing the
app configured in the policy to retrieve an
online meeting on behalf of that user (user ID specified in the
request path).
Uses Beta version of the GraphAPI, so it can't be used in production
callRecord subscription
According to the Create subscription, i can subscribe to create and update events of a callRecord, and everything works well - when a meeting call is finished, my notification URL is called in 5-20 minutes, so i can find original meeting by callRecord.joinWebUrl and Get onlineMeeting:Example 3. Seems it's most suitable method for me, but has the following disadvantages:
Guests cannot be identified, their names as them passed in MSTeams clients are not reported to callRecord ie. callRecord.Participants[].AddtionalData["guest"].displayName == "Guest user" for any guest (seems like a bug), however entered/leaved information can be found by searching callRecord.Participants[].AddtionalData["guest"].id in callRecord.Sessions[].Segments[].Caller.Identity.AddtionalData["guest"].id
External users cannot be also indentified, callRecord.Participants[].User.DisplayName == "External user" for any external user, however i can retrive tenantId and userId, but still cannot get user's profile because my app has to have Directory.Read.All permision in that tenant, and it's not possible for every tenant.
PS. I can setup MSTeams to do not allow guests or external users, then it works partially well, because each user has to have Teams license assigned, and there is NO login page appears during joining a meeting, just an error page saying that meeting does not allow guest or external users, so the user should find a link to login to a tenant, which is not obvious in MSTeams Web Client, but possible.
PSS. In the Microsoft Teams admin center, i've checked the calling history of an organiser for a meeting with 1 guest, 1 tenant and 1 external and here it is:
Seems for guests, displayName is not stored at all, however for an external user there AAD email is stored (this is AAD guest user ie has '#EXT#' in his principal name, and has the same email as on the picture), however i'm not sure from where it resolved from by Azure - either from external tenant AAD or my tenant AAD for external user, because Azure has access to both.
So, maybe you know a method to get attendees and their times in a meeting call ?
Thank you for your suggestion/advice/reply !
Thanks for reaching us!
Teams by default generate attendees report and meeting report after completion of meeting call. We can able to see the list of attendees and the report. But at present we don't have any API to fetch list of attendees and their timings.
As this feature is not available at present, could you please raise an UserVoice if this needs to be consider as a future request.
I am prototyping an automated messaging system with a few pilot companies and about 10 users. They want my system to send status emails on their behalf, from their gmail accounts. This can easily be accomplished when they enter their gmail usn/pwd into my system (it is AES 256-bit encrypted before being stored in the DB). The problem is that the first time my system tries to send a status email on their behalf, using their account, the message is blocked until "Allow less secure apps" is enabled. When they try again, it's blocked again, along with scary warnings being emailed to them by google saying that someone has their google password. Only after they click through that and verify that my system has permission to do this, all is good, no more warnings, and everything works.
I have been researching this and I have found 2 potential approaches for smoothing this process and avoiding the scary warnings to the users:
Enable 2-factor authentication in the google account, and use an app-specific password (per user I think??) to send the emails without any warnings.
Have my system use oauth2 with the gmail accounts so that google no longer considers my app "less secure".
My question is, what is the best approach, and how do I set this up? If my gmail users enable 2-factor authentication, can they store their code into my system, and my system uses that code for future auto-emails? Does it even work that way? My experience with 2-factor auth is that a code is sent to the user's phone each and every time. Is that not the case? Would a stored code on my server (1 per user) work over and over? Does it expire after a certain amount of time?
And my understanding with oauth2 is that my users would need to be actively logged in with their google account and somehow exchange tokens with my server, but I really don't know. Is there some way for my web server (PHP) to implement oauth2 in connection with gmail accounts?
In summary, what is the simplest way to send auto-generated gmails for my users who are paying for this service without triggering scary warnings from google? The volume of emails is low -- this isn't spam -- it's a status follow-up system for the workplace.
You are right on your second point; that is an easy way to accomplish your objectives. You'll first have to authorize your app with Gmail to work with OAuth. You can follow these links to learn how to implement authorization in your server, but you can also enter here to appreciate some examples. When you develop the authorization protocol, you can read the Gmail API to start working with your customer accounts.
Simply looking for some direction, whether it's a link to the docs or an example:
I want to use Passport to authenticate users using Slack/Passport but only if they belong to my company. So, for example,
olaf#mycompany can log in and view protected assets
ishtar#anotherco cannot do either, despite having an account with slack
A cursory search found this issue but I couldn't find anything in the docs.
Thanks!
Slack Passport is using the Sign in with Slack feature. It requires users to already have an existing Slack account for your Slack workspace.
So to ensure that only users belonging to your company get access to your web site all you need to do is verify that you receive an access token for the right Slack workspace, e.g. the one of your company. You can check that by comparing the team_id in the access token.
Apparently you can pass a team parameter during the oauth flow as described here. This allows slack to do the id comparison on their end, but it does require the developer to know what their team's id is ahead of time.
We are using the EnvelopeView: CreateSender endpoint on the server side and are authenticated under a service account we have dedicated for this process. Ultimately, we send a URL such as https://demo.docusign.net/Member/StartInSession.aspx?StartConsole=1&t=<GUID>&DocuEnvelope=<ENVELOPEID>&send=1 back to the end user to pick the signers, and populate tags.
All works fantastically, however, we were hoping to make it so the user can only see and populate the information for this single document. Currently, once the user clicks the link they are essentially authenticated as our backend service account and if they open another tab in their browser and go to (https://demo.docusign.net) they can see all documents and even change the password of the account if they wanted.
Is there a way to restrict this in any way? Would the experience be different if purchased an “API” account not tried to use an actual user account on the backend? Yes, we know about OAuth, but we don’t really want to impersonate the sender and prefer to keep a dedicated service account.
An "API" account would give you the same issues as dedicating one of your current users as a "Services Account," so I don't think that's a solution.
Instead, I suggest that you move all of the functionality that's needed upstream into your app. That way you will not need to present the Sender view to your users.
Your app can enable your users to:
choose who the envelope will be sent to
choose/edit the email messages, etc
choose the documents that will be sent
etc
If you have preset templates that include the document tabs/fields for the signers then there is no reason for the sender to deal with the sending screen for picking the tab/field locations on the documents.
This type of app will also give a smoother user experience to your users since they'll stay in your app rather than bouncing over to DocuSign for part of the task.
Using Instagram's API, is there any way to request a list or count of an application's registered users?
Instagram's real-time subscriptions can send notifications whenever a registered user posts to their feed, but I haven't found a way to get a list of those users, or even a count. This is easy enough to store server-side, but seems like something which should be discoverable.
Your Question
Using Instagram's API, is there any way to request a list of an application's registered users?
A quick search yielded no results for such a functionality. This make sense, though, since Instagram wouldn't want to open up all its users to any app designer.
Your App
If you want the number of users using your app, then you can easily track this yourself.
Instagram App
As mentioned before, Instagram probably won't provide even basic count information about its registered users. Presumably, this is valuable information.
Your Example
Instagram's real-time subscriptions can send notifications whenever a registered user posts to their feed...
This is true, but with very limited scope. The subscriptions below are based on users who are using your app or other simple criteria such as tags or geographic data.
Users: receive notifications when users who have registered with your application post new photos.
Tags: receive notifications when a new photo is tagged with tags of your choosing
Locations: receive notifications when new photos are posted and tagged with a specific location
Geographies: receive notifications when a new photos are posted in an arbitrary geographical location as defined by a center point
and radius
As far as I have found this far there is no IG API, however as already indicated you can keep track on your app. HOWEVER, what has not been pointed out is that you won't be made aware if users terminate their account or revoke your app so the count's might be a little off. (or worse if you didnt start keeping track since the public launch of your app)
You could test on a periodic basis if you still have access, but that would require additional code, and a lot of API calls if you app has a lot of users. I hope that IG will add this function at some point.