Was wondering, once I submit a concept and it is approved, whether I am able to test my app with real Spotify users before submitting it for general availability. If so, how would I do that? I'd expect I could have a page that people can accept the conditions and click to accept, then it would install the app in their installation but it would not be visible in the general app store. Is this possible?
Currently there is no managed test environment available. If you want to test the app, you have to distribute the app bundle manually and ask the Spotify user to get app developer permissions on developer.spotify.com
Related
I am trying to implement the clickwrap process and am using the php SDK.
When going through Auth via the Authorization Code Grant method and as part of the process it is asking for a login before completing the process. I've used my dev account details however why is this step needed as we are already passing through various keys/id?
Is this specific to the development environment or will this also happen in prod?
What will be presented to the end-user who does not have a Docusign Account?
I understand the 'obtain user consent' and can work that into the workflow but this is confusing.
I have worked through the Quickstart app as well and that has the same process. Have I misunderstood something?
If you want a page on your application to include a DocuSign clickwrap agreement, then you do not need to use the Click api. (It really should be named the Click Management API.)
What you do: follow the instructions for adding a clickwrap agreement shown in the Click User Guide.
The Click Q & A page is also helpful.
The "Click API" is only needed if you want to programmatically look up the Click agreements, modify the Click configuration, etc.
If you're just building an app that would ask for user to agree to a clickwrap using DocuSign Click, you won't need the end-user to authenticate.
I suggest you look at https://myclickwrap.sampleapps.docusign.com/myclickwrap/ and the code in GitHub.
Your app needs the creds to make API calls, but you could use JWT for example with one-time consent and your APP will not make these API calls on behalf of anyone, but just for the one user that the account uses.
All of this is the same in the developer env or production.
I'm working on 3 apps simultaneously. When I login in:
"https://dev.buildfire.com",
only one of the app's ID appears.
How can I login with another app ID?
The website dev.buildfire.com, aka the "developer portal", is used to manage your custom developed plugins. Alternatively app.buildfire.com, aka the "control panel", is what you use to manage your apps. If you want to manage your apps just login into the control panel and select which ever app you like.
It might help if you describe what specifically you are trying to do.
I'm building a Windows 8.1 store app and need to incorporate authentication. This is an enterprise app used in house. We load the app onto a tablet and a team may check that tablet out for weeks at a time, go out to the field to collect data and then we put in on a shelf until another team needs to use it. Now different teams may work for difference clients so when we authenticate users not only do they get access to the app but we also check what groups they are in to determine what clients they can work on or what previous records they can search for.
I've followed various ADAL tutorials and am able to setup everything in Azure and in my app I am able to authenticate a user successfully and get their groups. This relies on ADAL handling the username/password. What happens when the app shuts down and the user in a place where there is no internet (or even a reliable cell connection)? Specifically how can I have the user type a username/password to re-authenticate and get the same groups they were in when they can't access Azure services?
It appears they isn't available as the guidance always points to that is a risky proposition to have the app handle username/passwords. I understand that stance and can appreciate the caution behind it. However, in all of the ADAL documentation that I find that says this, none of them tell me how to handle an offline authentication scenario.
I have found links such as ADAL v3: How to authenticate using UserPasswordCredential? that tell me how to bypass the ADAL login page. I may have to move to that route and handle all of the username/passwords securely within the app, but first I would like to reach out and see how others tackle this scenario. Is it really as simple as avoiding best practices and just handle the username/password within the app?
If anyone has some guidance, ADAL (or other oauth providers) documentation, or other articles/advice I can follow up on to help achieve offline authentication I would greatly appreciate it!
Additional Information:
My scenario that I'm trying to cover is what happens when I have 1 device, 1 app, and many different users? These users will be in different groups that will determine how data fields get populated (filter data in combo boxes) and what previously submitted forms they can query for. All users would need to login when online to cache their information (say on Day 0) before they can ever use the app. On Day 1 user 1 uses the app and doesn't log out. I would expect the app to have a timeout timer to log that user out after 2 hours of no activity. On Day 2, user 2 just grabs the device off the shelf and takes it out into the field. He has no internet and needs to log in to determine who they are and what group they are in. I would expect since he has logged in once and verified his credentials already that we can enable this sort of scenario.
What I'm looking for is guidance if ADAL as a library can handle this or is it truly up to me the app developer to handle this sort of scenario. As I see it currently I need to store all user credentials, but at the same time it seems like everyone advises against that. I feel like I'm in a situation where I need to create a custom login screen and store the user data, SECURELY of course, even though its not recommended. It seems like all articles on how to use ADAL are written from a consumer app standpoint (or a BYOD) and don't take into account how a mobile app would be written for the enterprise.
That depends on your app design, if the first time(app online) , user login and app store all groups ,user information .After that user doesn't need to use token to get related information again(send request to server to acquire groups/user info). If app is offline , user doesn't need to re-authenticate(app controls the user session) , just get group/user information from cache . When using resource owner flow , you still need to send authenticate request to Azure AD server which need internet.
I want to access full features of Instagram API before go live. I am in the last phase of testing and if I submit a permission request will it be accepted? My website url will not be the same as live one as I have not migrated yet.
You cannot get full API access without getting permission review, You will be approved in sandbox mode as long as you show video screencast of ALL API usage in app.
All apps currently approved were reviewed with limited sandbox mode access, you may be able to get away without migrating to actual website, your video screencast should show all login flow and app fuctionality for all APIs and must be clear as to what your app is trying to achieve
Is there a way to determine if the currently running app was installed via Facebook ad?
I am currently calling [FBAppEvent activateApp] in my app delegate's applicationDidBecomeActive selector. I'm not using any other Facebook SDK features.
I would like to distinguish users that arrived via a Facebook ad. Is there any way on the phone to determine that an app installation came from a Facebook ad?
Here is the response I got from Facebook developer support on this issue.
Unfortunately this is not currently possible using the SDK. As per the docs, we only send information on when someone installs the app.
https://developers.facebook.com/docs/ads-for-apps/mobile-app-ads
"After installing the SDK, include the following code to be executed when your app is in the foreground. This will allow the app to ping back the install event to Facebook when the user opens up the app for the first time, and again in the future if there is a network error. Our client code will stop sending installs once it acquires a success code from the server, and our back-end will only count the install a single time if it receives multiple hits for the same device"
I hope this helps.
Thanks
Yes, there is. It isn't as easy as you would hope, but this is what you do.
Look in your logs on your server to see when someone's clicked through an ad
Find the IP address connected to that request I.E 8.8.8.8 (Google OpenDNS, if you're wondering).
look for the same IP address of someone who accesses the page after they've installed the app. If you find a match, your ad worked.
write a python script or have me write a python script to do this automatically.