I'm implementing authentification for a Xamarin application using Azure B2C.
To signup user we will need the user firstname, last name and his email.
later in the application the user will be asked to add his address and his user photo.
Should I add the user address and photo to be saved in the B2C or I should keep them saved in the application data base?
what is the user unique identifier that I should share between B2C and application data base? should I use the email or the userId?
In the auth token you receive back from Azure AD, you have an object ID that is unique to each user.
The B2C token is slightly different to the regular AD token, you don't get back all the values listed in the Token Reference (e.g. Groups, you have to query for these separately), but you will get the object ID that you can then use to lookup your DB.
Please visit here for further reference.
You can decode your JWT token here to see what you get back: https://jwt.io/
Hope it helps.
Related
In my Spring Boot I'd like to have both social login and signup with user and password.
Let's say the user signs-up via Google. After some time, he forgets that he signed-in via Google and tried to register using the same email.
What should happen in this case?
Should I save user info (returned by Google) in a "users" table of my database to prevent the same user to register twice?
Is there an article or something that explains a similar login/registration flow?
you can save all the users(OAuth or signup) in the user table. you can maintain a column by which you will be able to identify them if a user is signed in via OAuth or email. then if a user tries to signup via the same email you can show a message. or you can design your signup process using multiple steps. at first, the user needs to enter her email address, then you can send her an email where she needs to click some link that has some token in the url, if she previously logged in using some oath provider then she will be automatically logged in otherwise she needs to set her password.
How to get userId for getting the activity data of the user from google fit API.
GET https://www.googleapis.com/fitness/v1/users/userId/dataSources/dataSourceId
I can able to get my data by replacing userId with me but I want to create an application for other users.
As stated in the documentation, the only supported value for the user id is "me".
The identity of the user that "me" refers to is conveyed by the OAuth token you pass with your request.
If you want to access the data for a user, they will need to grant an OAuth token to you.
I'm using Laravel Socialite to handle logging in with Google. In response I can see the user's domain. I was wondering if there was also a way to get an organization id that's user belongs to.
I was wondering if there was also a way to get an organization id
that's user belongs to.
No. The only information that you have access to is stored in the Access Token and ID Token. The exception being if the Access Token also provides API access (privileges) to GCP or G Suite.
You'll need to request additional scopes to find the organization ID [1].
[1] https://cloud.google.com/resource-manager/reference/rest/v1/organizations/search
We have developed an app that let user login with facebook. The app has been granted all required permissions to retrieve name, email, gender and age range etc. But our app developer stored only id,name and email while user login. Now we need to retrieve gender and age range of all those users who have logged in the app.
Is there a way to rerun user query to retrieve those data? I am looking to develop an program using Spring-social and RestFB but it needs user login action to retrieve required data which is problem in our case since we cannot recreate login action again.
As long as the user granted public_profile permission to your app, and you have their app-scoped user id, you can make the API call using your app access token.
And if you are looking to request this data for a lot of users, then you should optimize your requests in the following ways:
request the fields you need only: /user-id?fields=id,gender
request data for multiple users in one go: /?ids=user-id-1,user-id-2,user-id-3&fields=fields=id,gender – https://developers.facebook.com/docs/graph-api/using-graph-api/v2.5#multirequests
perhaps even use Batch Requests if necessary, https://developers.facebook.com/docs/graph-api/making-multiple-requests/
Currently I am developing an application with several access methods based on Laravel/Socialite, I want to allow users authenticate with facebook, twitter, google so far or creates it's own account by filling a form with name, email, password.
Routes
login/
login/facebook
login/twitter
login/google
Questions :
¿What is the best approach once the User data has been obtained from the auth provider?
¿How to handle a common data user storage?, I mean, I am storing only person name, email and avatar, but how about the token provided by the auth process.
¿How to handle when user log in with more of 1 providers with a same email address?
And how to handle when a user set password to his account created trough facebook?
I thank your attention .