https://github.com/square/connect-javascript-sdk/blob/master/docs/OAuthApi.md#obtainToken
How many access tokens can be generated per personal API token with Square SDK? A million at a time? Infinite? 100? It doesn't mention on the website, nor on any other Stripe documentation that I could find.
If you really mean Square, and you're solely talking about OAuthing other merchants (based on the link you provided) then our docs say:
By default, the OAuth API lets up to 500 Square accounts authorize your application.
It is possible to increase that number, but you would need to reach out to support and communicate the need with them.
https://docs.connect.squareup.com/api/oauth#navsection-oauth
Related
I use scopes:
https://www.googleapis.com/auth/userinfo.profile
https://www.googleapis.com/auth/userinfo.email
but result data of:
https://www.googleapis.com/oauth2/v1/userinfo
https://www.googleapis.com/oauth2/v3/tokeninfo
not contains info about exist two-factor auth on google account.
Can I get boolean or another value about it?
Sorry we don't expose If a user has 2 factor auth or not) through API. We have been thinking about this for a while.
We have been doing a lot of things to improve the security for all users (including the ones who have not enabled 2nd factor). This is based on the risk signals and we ask for second factor if the user has a phone # on their account even without a user enabling "strict" 2nd factor. This allows us to protect all users. The difference being in one case 2nd factor is required in all sign-in vs required when we think there is risk.
The problem is that if we do expose whether a user has enabled strict 2nd factor, a lot of 3rd parties will "force" users to become a "strict" 2 factor users without understanding what that means. So for now we don't have a timeline.
I am developing an app that uses the Orders endpoint.
As far as I can tell, there is no way to place an "order" without providing a credit card. Which means there are fees (because there is no square sandbox...)
Is there any way to test my integration without incurring fees??
Note: This stackoverflow answer gives a work around for the Payments endpoint, but that is not helpful in my case.
Square has sandbox where you can use the sandbox nonce and predefined credit cards. In this way you will not get charged for the orders. Check this link https://docs.connect.squareup.com/articles/using-sandbox/
I'm currently integrate Google+ API to my service.
I'd like to know what's the limitation for this kind of api:
https://www.googleapis.com/plus/v1/people/{user_id}/activities/public
in google develop console, I found this:
Quota summary
Free quota 10,000 requests/day
Remaining 9,998 requests/day
99.98% of total
Per-user limit
5 requests/second/user
I think there will be two kind of limitation:
Application level
For example, how many requests can an app send per day(sum of the number for all users), and what's the max qps?
User level
For example, how many requests can an app send per day for a special user, and what's the max qps?
But I can't find the exactly info, does anyone know?
Can't say particularly about this API, but when I used Google Places api the quota was linked with IP address.So if it expired, we need to use different IP for hit.No user / application quota.
you already have those answers in your question:
10,000 requests per day in total, using that developer console key, thus your total "app" calls.
per user there is no limit, there is a rate quota. a single user could at most make 5*(seconds in a day) requests per day.
in this specific api case this is much bigger than 10,000 thus that rate quota is not that useful (except it prevents users from quickly depeting the 10,000 daily quota).
you can edit that rate quota so its lower or higher, and is used so a single user cant consume all the app quota (maliciously or otherwise)
I am currently in the process of planning & developing an integrated application using Stripe in addition to some other technologies (a combination of backbone & laravel). As a result I am using Stripejs in combination with the PHP stripe library.
I use stripejs to send Stripe their account info (for savings accounts I send country, routing and account numbers via stripes js lib, I then save off the created token in the response to the backend). I am attempting to transfer money to various recipients following charging accounts (so I have money in my stripe account) but I am a bit confused over exactly what approach to take.
My main questions are as follows.
If I am positive of the identities of the individual’s using the application, is verification required (5 – 10 people max will be using)?
If it is required what is the best approach to verifying the user using the current technique I am using (create a token, save off on the backend)?
From my experience with Stripe, you don't need to 'verify identities' each time you use a token, so long as a customer has been set up for recurring use. So as long as your application is properly secured so that only the 5-10 people can use it, and can only process payments for their own accounts, you are good to go. In other words, you obviously want to do your own user verification to make sure only valid people can use the application, but you don't need to do it as far as Stripe is concerned.
That said, if you are in essence transferring money between people, you might want to go the extra distance and make sure that the user has the correct card number or bank account number each time. In which case I would use something like:
Get user data using tokens stored in DB.
$cu = Stripe_Customer::retrieve("cus_4pn93XXXXXXXXXXX");
$card = $cu->cards->retrieve("card_14g7ZU4rLTyXXXXXXXXXXX");
If Stripe's returned data matches user-submitted data, you know you have the correct user. In particular, if the last 4 digits of the card and the expiry date match the last 4 returned by Stripe and the Stripe returned expiry date, you can be reasonably sure (albeit not certain) that the person actually possesses the card in question.
Can't find any information about invoices/billing in Facebook Ads Api documentation.
Is it possible at all to get Facebook ad account invoice data using any api?
I know I can get amount spent by ad account per day. Unfortunatelly this is not always identical to the amount on the invoices.
Unfortunately I don't think there is an API for this.
Spend is a little tricky to get right. Facebook can retroactively change the numbers, apply credits to your account, and so on, so you can't really rely on any spend numbers retrieved via the API being 100% accurate.
We ended up setting up a task that runs every night and retrieves spend data for the past 28 days. This was the only way we could ensure that our numbers matched FB's exactly. If you require a similar level of accuracy you might want to consider setting up something along those lines.