I am calling the following curl command, but it is always returning me invalid username/password.
curl -F "login=myemailAddress" -F "password=myPassword" "https://api.cloud.appcelerator.com/v1/users/login.json?key=<API_KEY>"
I am using the key defined in TiApp.xml as acs-api-key-production. Now if I use the same username and password and login through dashboard.appcelerator.com, then I am able to do so.
Can someone please point out as to what issue is this. I am doing a similar implementation in C#, which too is returning the same invalid username/password error.
The username and password should not be from your AppC account, but from an (admin) user you create at:
https://platform.appcelerator.com/#/api/data/<GUID>/data.next/user
In the dashboard, navigate to your ArrowDB app > Manage Data > Users > Create User. There should already be an admin user you can use.
Related
I’ve been trying to login to HEROKU CLI on a headless Ubuntu. So, I don’t have a chance to open a browser. That’s why, I need to login with credential or any other method but there are only two login options which are browser, credentials.
Is there anybody face with the same problem?
Command:
heroku login -i
Error Message:
› Error: Your account has MFA enabled; API requests using basic authentication with email and password are not supported. Please generate an authorization token
› for API access.
›
› Error ID: mfa_required
PS: The Heroku doesn’t allow me to disable MFA.
Shanshan Chen is basically right, but given the specifics of your issue you're still going to need the -i flag. I have had the same issue and was able to log in successfully using these steps:
Run heroku login -i
Enter your email address as normally
For the password, use your Heroku account API Key (see below)
Try heroku login and use API key as the password. Feel free to refer to
Not able login to Heroku account from command line
I am trying to access the Github repo which sits behind an enterprise firewall (Open VPN). I am trying to access with my username and password but getting the below Exception. Any suggestions on how to access the repo with Spring Cloud.
application.properties:
spring.cloud.config.server.git.uri=https://github.com/company-repo/abc.git
spring.cloud.config.server.git.username=tarun
spring.cloud.config.server.git.password=xxxxx
spring.cloud.config.server.git.ignore-local-ssh-settings=true
Exception:
Error occured cloning to base directory. org.eclipse.jgit.api.errors.TransportException:
https://github.com/company-repo/abc.git: not authorized
Do not Use Your GitHub password in your app.prop file...You will get a Not Authorized exception. Instead Generate an access token.
Creating a personal access token
You should create a personal access token to use in place of a password with the command line or with the API.
Personal access tokens (PATs) are an alternative to using passwords for authentication to GitHub when using the GitHub API or the command line.
If you want to use a PAT to access resources owned by an organization that uses SAML SSO, you must authorize the PAT. For more information, see "About authentication with SAML single sign-on" and "Authorizing a personal access token for use with SAML single sign-on."
As a security precaution, GitHub automatically removes personal access tokens that haven't been used in a year.
Creating a token
Verify your email address, if it hasn't been verified yet.
In the upper-right corner of any page, click your profile photo, then click Settings.
Settings icon in the user bar
In the left sidebar, click Developer settings.
In the left sidebar, click Personal access tokens.
Click Generate new token.
Give your token a descriptive name.
Select the scopes, or permissions, you'd like to grant this token. To use your token to access repositories from the command line, select repo.
Click Generate token.
Click to copy the token to your clipboard. For security reasons, after you navigate off the page, you will not be able to see the token again.
Warning: Treat your tokens like passwords and keep them secret. When working with the API, use tokens as environment variables instead of hardcoding them into your programs.
To use your token to authenticate to an organization that uses SAML SSO, authorize the token for use with a SAML single-sign-on organization.
Using a token on the command line
Once you have a token, you can enter it instead of your password when performing Git operations over HTTPS.
For example, on the command line you would enter the following:
$ git clone https://github.com/username/repo.git
Username: your_username
Password: your_token
Personal access tokens can only be used for HTTPS Git operations. If your repository uses an SSH remote URL, you will need to switch the remote from SSH to HTTPS.
If you are not prompted for your username and password, your credentials may be cached on your computer. You can update your credentials in the Keychain to replace your old password with the token.
The way i made it work is :
Generate the Access Token on Github repo and provide read and admin rights to it
Use the Token as password
Credentials can be saved in Kubernetes as Secrets or inside Vault. Hope this helps.
Suppose there are some web sites that require people to type in his or her username and/or password to pass through the authentication dialog to get the actual contents behind it. When people encounter such web sites on a browser he or she can type in his or her username and/or password to pass through the authentication. However, is it feasible to verify it from within Terminal?
The content there is a single zip file, and I was able to download it using curl and -u option to specify my username. However, it still requires me to type in my password to pass through the authentication, and I would like to know how to automatically go through it using my password, without being prompted to type in my password, since I have to download it every day, and want to use my bash script to achieve it.
I use OS X 10.9.2 and I would like to access it from within my Terminal. I have both of my username and password on the authentication for sure. I might be interested to know the most secure way possible to pass through the verification.
You should be able to use curl for this, just change the argument you give for -u to include the password:
curl -u username:password http://www.website.com/content/file.zip
Obviously this requires storing your password in plaintext in your script, which is not ideal for security. If you have SSH access to the server in question, you can create a private/public key pair, then use the public key to log into the server without a password being required (and download the file using scp), which would ideal from a security point of view.
I am trying (and failing) to use OAuth2 to make calls to the admin.directory.group scope via a command line script. I tried configuring a Service Account to do this, but get this error message:
Error calling GET https://www.googleapis.com/admin/directory/v1/groups/foo%40example.com: (403) Not Authorized to access this resource/api
I also tried using an "Installed" application type, taking the manual step of obtaining an authorization code and subsequently a refresh token, but got the same Not Authorized error.
I do have "Enable API access" checked, and also have "Admin SDK" enabled in my project (though oddly it doesn't list admin.directory.group as one of Admin SDK's scopes).
What am I doing wrong?
Have you add the client ID in your Admin Console to grant Admin SDK third party client oauth access?
Here is an instruction on how to do that for task API:
https://developers.google.com/google-apps/help/articles/2lo-in-tasks-for-admins#manage
It should be similar for Admin SDK except you will have to put Admin SDK as the scope
I finally got this to work using a service account. I did have to grant 3rd party access as Emily Lam suggested, but by a different means:
Log in to admin console
Security -> Advanced settings -> Authentication ->
Mange third party OAuth Client access
Authorize a new client by setting the Client Name to the Client ID of the service account, and the the API scope to whatever you need from the Admin SDK (e.g., https://www.googleapis.com/auth/admin.directory.group)
The other thing I needed to do was make sure my request was being made on behalf on an administrative user. Using the PHP API, setting up the credentials object looks like this:
$cred = new Google_Auth_AssertionCredentials(
$clientEmail,
'https://www.googleapis.com/auth/admin.directory.group',
file_get_contents($keyFile));
$cred->sub = 'admin#example.com';
Now I am able to successfully make calls using the Google_Service_Directory class.
I've deployed my site in IIS 7, and can browse to it fine on the web server.
I've set it to windows authentication (only), and when browsing from outside the domain, I want to be challenged for credentials, and gain access when entering a domain\username & password combination that exists in the AD.
401 - Unauthorized: Access is denied due to invalid credentials. My iis logs
I put a dummy site in IIS and set it to anonymous, I can browse to this no problem also.
I checked that windows auth was installed/set up on the web server, and it is.
What set of config parameters do I need to get this working?
*yes, I know I should use some sort of custom authentication provider with accounts stored in a database, but I don't want to go through that yet.
Thanks for any advice, words of wisdom.
I think your only option is to enable basic authentication. The user should then enter the full domain\username with the password. Beware though that basic authentication uses just base64 which can be very easily decoded. So if you enable basic authentication you have to use SSL/TLS as well.
In Internet Explorer, you can get it to prompt you by: Internet Options > Security > Custom level > User authentication > Logon > Prompt for username and password.