/authorize or /login/callback endless loop - okta

We have a React app using auth code with PKCE. When a user is not assigned to an app, they get an endless loop to the /login/callback and /authorize endpoints with the error “User is not assigned to an app”. I don’t understand why I’m getting the loop. This is causing an Okta rate limit violation.

Assign the Everyone group to your app and it should solve the problem.
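A callback-side guard for the loop described in the question, as an added example that is not part of the original thread or of Okta's SDK: when the authorization server returns an `error` parameter on the redirect URI, the route shows it instead of starting a new /authorize request, and unauthenticated visits get a bounded redirect budget. The storage key, limits, `memoryStore` helper and action names are assumptions made for this sketch.

```javascript
// Added example: decide what a /login/callback route should do without
// bouncing back to /authorize when the authorization server returned an error.
const MAX_ATTEMPTS = 3;      // assumed budget of login redirects per window
const WINDOW_MS = 60_000;    // assumed window for counting redirects
const KEY = 'login_redirect_attempts'; // hypothetical storage key

// Timestamps of login redirects that are still inside the window.
function recentAttempts(store, now) {
  const raw = store.getItem(KEY);
  const list = raw ? JSON.parse(raw) : [];
  return list.filter((t) => now - t < WINDOW_MS);
}

// `store` is anything with getItem/setItem (sessionStorage in a browser).
function decideCallbackAction(callbackUrl, store, now = Date.now()) {
  const params = new URL(callbackUrl).searchParams;

  // OAuth 2.0 authorization errors arrive as query parameters on the
  // redirect URI. Surface them; re-authorizing here is what creates the loop.
  if (params.has('error')) {
    return {
      action: 'show_error',
      error: params.get('error'),
      description: params.get('error_description') || '',
    };
  }

  if (params.has('code')) {
    store.setItem(KEY, JSON.stringify([])); // success resets the budget
    return { action: 'exchange_code', code: params.get('code') };
  }

  // No code and no error: allow a login redirect, but only a bounded number.
  const attempts = recentAttempts(store, now);
  if (attempts.length >= MAX_ATTEMPTS) {
    return { action: 'show_error', error: 'redirect_loop', description: '' };
  }
  attempts.push(now);
  store.setItem(KEY, JSON.stringify(attempts));
  return { action: 'start_login' };
}

// In-memory stand-in for sessionStorage so the example runs under Node.
function memoryStore() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
  };
}
```

The router should render an error page for `show_error` and call the SDK's login redirect only for `start_login`.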

Related

Is there a simpler way to get a Spotify refresh token other than the auth work flows they have listed?

I’m in the early stages of learning front end development. I have an idea for a project that will integrate the Spotify API, but the Spotify access tokens only last for one hour. I wanted to know if there is a way I can circumvent this and avoid having to update the token every time I want to use the API. I am aware of the authorization flow but I’m having trouble understanding how to follow it in order to get a refresh token.
I only need to make 2 GET requests: one for getting a track ID, then one to get the song from that ID.
As stated in the official API documentation, an access token lasts one hour but can be refreshed using a refresh token. By using a refresh token you can get a new access token that will be valid for another hour.
Docs: Spotify guides: token swap and refresh

Microsoft Bot authentication using Azure Active Directory v2

I am using this sample (Bot Framework V4), https://github.com/microsoft/BotBuilder-Samples/blob/master/samples/javascript_nodejs/18.bot-authentication, for performing authentication in my bot. I need a few thoughts on implementing this authentication functionality for my bot.
Currently, in the sample, they are using the OAuth prompt in the main dialog file, which in the ideal case will repeat every time we chat with the bot. The things I am trying to achieve are listed below.
When the user chats with the bot for the first time, he should log in using the prompt. From the next time on, the bot should not ask for the login if he runs any dialog.
How can we keep this authentication away from dialogs? I mean it should not happen in the main dialog, which is not a recommended way to do it.
In some cases, if I keep this bot in an SSO-enabled environment, how can the bot fetch the user info without asking for login?
If there is any best practice to follow, could you highlight it?
Let me know if you need more inputs.
Configuring an OAuth/AAD provider to enable end user sign in.
Capability: Automatic provisioning of AAD apps, and bot-optimized service for performing AAD user sign-in and SSO.
https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-authentication?view=azure-bot-service-4.0&tabs=aadv2%2Ccsharp#register-the-azure-ad-oauth-application-with-the-bot

"Could not find service for user" while setting up dreamfactory on laravel?

While I try to set up DreamFactory in Laravel, it gives this error:
Could not find service for user
Also, the browser console shows this error:
XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience
Please, somebody help me.
Looks like you have two issues going on. I might be able to help with the DreamFactory one.
Try making sure (in your admin console) that your authorized user has a default role assigned. (Tap your application in the "apps" tab and there is a drop down for default role on the right).
Then ensure that user role has access to your services (In the roles tab, tap the role and then go to the access tab).
This "cannot find service" error can happen when the user role making the request does not have the needed permission for the service.
The second error is about the way you are making the request. It looks like you need to execute XMLHttpRequest on a background thread. Seems the second error is not actually preventing the DreamFactory API request. Just warning that it's not the ideal way to make it.
Hope this info helps.

How to handle the logout process in jmeter?

I am using JMeter to run concurrent users. After logging in to the application, I search the files and finally log out from the application. I don't know how to handle the logout process. Currently I have created 100 users.
100 users are logged into the application.
100 users search for something.
100 users need to sign out.
How do I do the third step? When I was recording the logout, no process was recorded. Could you please tell me the solution?
Usually logout is:
Associated with the relevant HTTP Request
Assumes clearing session data so if you have > 1 Loop on Thread Group level and using one of the following (or both):
HTTP Authorization Manager
HTTP Cookie Manager
Make sure you have Clear xxx on each iteration box checked
Logging out is a call just like any other, and it will be specific to your site. If you closed a browser tab or window, it's possible that you didn't actually log out from your site. It's also possible, if you stopped recording too soon, that you simply didn't record it.
I suggest manually adding it. You'll have to go into your Browser's Network Debugger to find the actual call that you're looking for, and then recreate it in JMeter.

Laravel CSRF Token Mismatch For 1 User

I have a small application that has a handful of authenticated users. One of the users is trying to log in and they keep getting a token mismatch. No other user on the platform is experiencing problems and I cannot seem to replicate it. I've had them clear their cookies and cache and it didn't solve the issue.
Any other thoughts on what may be causing it for this individual user?
