Yammer Token in SharePoint Online - yammer

I am fetching the data from Yammer Using Rest api.
I am passing Bearer +"Yammer app developer Token" in the header.
Is it required to pass the token in SharePoint online since Both Yammer and SharePoint are in Office 365 Tenant.
If required how can i pass the token dynamically in the header instead of hard coding the token.
Many Thanks

You need to implement the process of getting user specific yammer access token, once you got the access token that will be valid for years. here is the process you can follow https://developer.yammer.com/docs/authentication-1click here

Related

Get accesstoken from Microsoft Authentication Library (MSAL) for .NET without Login into the Web Server

i am building a saas website(aspnetcore webapi 2.1+angular js) which allow user to connect thier email account(Gmail,outlook mail..),so they can receive and send email without switching out. i have completed the gmail part smoothly, but when i come to outlook mail, i stucked on the authentication part. what i wan't (and i have already done on Gmail intergration) are :
direct user to the Login page with necessary parameters(tenantid,clientid..)(https://login.microsoftonline.com/common/oauth2/v2.0/authorize.....)
when user is logined in, store the tokens in database, and manage them(get new refreshtoken and accesstoken after expired automatically).
i have read a lot articles on msdn,github,stackoverflow, and found the nearest solution is this one:
https://github.com/jasonjoh/dotnet-tutorial, but it logins the ms user to the my website. i just wan't to popup/redirect the user to microsoft login page, and get the user's accesstoken to get/send thire emails through Microsoft Graphy Api, not login as a microsoft account. i can't found similar code to Google API in MSAL
credential = GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
scopes,
tokenId,
CancellationToken.None,
// new FileDataStore(credPath, true)
(IDataStore)userApiTokenRepository //<------------token management
, new LocalServerCodeReceiver(
#"<html>
<head>
<script>
window.onload(function(){window.setTimeout(3000,function(){window.close();}});
</script>
</head><body>Successfully linked with gmail!</body></html>")
).Result;```
the code above will direct to google login page(even it is called via http post from js client), and store them in my customer repository. do i miss something in the MSAL, or i must implent the 0auth flow manually?
To get an access token for MS Graph the user has to sign-in first so you can send their credentials to acquire the token. You cannot bypass the 1st sign-in page.
MSAL can do this for you, by interception the openIdConnect event OnAuthorizationCodeReceived and then calling AcquireTokenByAuthorizationCode with the code received. I would recommend you to take a look at this sample, set a breakpoint on OnAuthorizationCodeReceived and analyze the flow that is happening there.
About implementing the flow manually, it will be a hard task to deal with the token expiration and the security points. I would highly recommend to use MSAL.

OAuth or API key authorization?

I'm trining to create live stream on youtube using google API. Now it working only when I use oauth authorisation. When I use API key authorisation I get authorisation error (login required)
When I use oauth authorisation - it require to enter confirmation code each time I create new translation. Is it possible to use "liveStreams->insert" method of API with authorisation that does not require entering of confirmation code?
From what you are writing it appears to me that you haven't understood the concept of OAuth and when to use OAuth vs an API key.
Try to think about it this way: You, as a person, have a Google account. This Google account is not the same as your YouTube account (or, as it is more commonly refered to, your YouTube channel). But your Google account is associated with your YouTube channel (of which you can have multiple). Because you are logged in to your Google account and your channel and Google account are linked, the YouTube website knows who you are and gives you access to your channel.
Now you head over to the Google Cloud Console. Here you create a project, which is very similar to a YouTube account in the sense that it, too, is an independent account which in this case represents your app, but is linked to your Google account so the Cloud Console website knows to give you access to the project as long as you are logged-in to your Google account.
HOWEVER, your YouTube account is not linked to your Cloud Console project. When you make an API request with an API key, the API does not see you as in "your Google account", but rather your apps's Cloud Console Project. That's why with an API key, you can only access publicly available data (everything you could "see" when you browse YouTube while not being logged-in).
So, in order for an application to read private channel information or modify channel information, the API needs verification that whoever makes that request is actually allowed to do that. This is where OAuth comes into play.
When you say you have to provide the confirmation code for each request, I think you don't save the access token and refresh token. I highly recommend you read Using OAuth 2.0 to Access Google APIs and Obtaining authorization credentials over on Google Developers to help get you started.

How to replace people.me from Google+ with Google People/Google Sign In api?

I had a "sign in with Google+" function in my web-app. Upon signing in I would show user's email and name on the page and save it to database. To fetch user's profile data after sign in I used Google+ API method people.me with access_token in GET params.
Google+ API is going to shut down on March 7. I have to migrate to Google People or some other api. How do I achieve the same goal with a different google API? I need to fetch email and name by known auth token.
We use this through Laravel's Socialite, and they're replacing it with:
https://www.googleapis.com/userinfo/v2/me
You may want the profile scope as part of the OAuth flow to make the profile data accessible through this methods. Otherwise it will return incomplete data.

Google OAuth Access tokens for different APIs

I'm trying to access Reports API. And created source code for this on Java (GitHub project).
I can get Access Token, but if I use it for Reports API Google always return me "Access denied. You are not authorized to read activity records" error.
I tried this Access Token to receive information from Drive API and it works. So Access Token is valid for Drive API and not valid for Reports API.
On this page I found this information - Using OAuth 2.0 to Access Google APIs
Access tokens are valid only for the set of operations and resources
described in the scope of the token request. For example, if an access
token is issued for the Google+ API, it does not grant access to the
Google Contacts API. You can, however, send that access token to the
Google+ API multiple times for similar operations.
So I can't use one Access token for all APIs? If so how can I get Access Token for Reports API?
I'm using Service Account JSON for access token generation.
Thank you for help!
Aleks.
So I can't use one Access token for all APIs?
When you authncate a user you request some scopes this tells the user what apis and data you need access to. There are a lot of Scopes each scopes gives you acccess to diffrent data.
If so how can I get Access Token for Reports API?
You include the scope for that api in your authentication code. Its hard to know which reports api you are talking about
adminreports_v1
There is also the Google analytics reporting api, and the Youtube analytics reports. The easiest way to know what scope you need to include is to check the doucmentation page for the method you are using they will always include an auth section telling you which scope you need in order to use it.

Login with Yammer credentials using API

I am trying to login website with yammer credentials using REST api. I have registered in yammer API. Now i have got developer token and Client ID from Yammer website.
Could you guys please let me know what is next step to login with yammer credentials from our application using c# in visual studio. Because i am beginner in using API.
Thanks!
You have a couple of options:
The JS SDK approach -
https://blogs.technet.microsoft.com/israelo/2014/10/21/yammer-rest-api-for-dummies/
The ADAL approach -
https://blogs.technet.microsoft.com/israelo/2016/07/05/yammer-apis-and-adal-tokens/
The first open will request users to login via a browser pop up, and the second option can utilise IWA, but there are some pre-conditions and limitations as it is still in preview. Details are in the blog.

Resources