I have registered my app in fitbit . There I can't see " Consumer Key " option. But I need the key to include in my passport-fitbit integrated application.
Related
We have a react app using auth code with pkce . When user is not assigned to an App they are getting an endless loop to /login/callback and /authorize endpoint with error “User is not assigned to an app” . I don’t understand why I’m getting the loop . This is causing Okta rate violation limit .
Click here to see the code
Assign the Everyone group to your app and it should solve the problem.
I'm trying to build an application similar to Spotify, where users can access particular content if subscribed. I'm trying to use Microservice Architecture to build this. The client is an android app.
So for user Authentication, I have an "Account Service". It makes use of the Oauth2 code to authenticate the user.
For accessing content, I've made a service called "content service" which would authorize user access to content, thereby giving them a signed URL to the content (link to .mp3 in this case).
Now, how do I authorize the user requests at "content service". All subscription details are stored in the "Account Service" database. I don't want it to communicate with account service, as that'll defeat the purpose of using microservice architecture.
so to solve this, I was thinking of making use of digital signatures. Have the account service generate a key pair, send the public key to "content service" or some other Keystore service. specify the access/authorization in JSON, sign it, and send it to the client. When a client wants to access any content, it sends this signed JSON to the "content service", which checks its validity by making use of the key "Account Service" sent earlier and thus authorizes the user and grants access.
I want to know a better/standardized way of doing this.
I am using google app Oauth for authentication.
I Submitted the app and got verified.
Verification status says Published and application type set to public
But when i use it through my application it says unverified.
This app isn't verified This app hasn't been verified by Google yet.
Only proceed if you know and trust the developer.
Thanks .
Found the problem .
App is verified but when i send the request with the scope which is not added to the scopes .
Thanks guys
I have an app developed with PHP for the google marketplace. It is working well although users when installed the app on the domain, it still asks for permissions to access contacts,drive etc when coming from the google default navigation button.
according to google it should be automatic when installing the app on the domain and users should not be prompted for anymore permissions. How is the correct way to implement this using the new SDK and oauth 2.0?
Best regards,
Joao Garin
Take a look at this post - SSO with Oauth2.0 for Enterprice Google App (OpenId to Oauth2.0 migration)
That one is Python oriented but should work with similar ideas on PHP.
Put all your scope in admin sdk and when user gets redirected to your url "http://www.example.com/?domain=somedomain.com" just redirect the user to google again with only scope="email+profile", "include_granted_scopes=true" makes it include all the scopes you have defined in the admin sdk and try to avoid https://www.googleapis.com/auth/plus.login scope in the request as it will causes confirmation popup for access to users' circles for each user and its broke the seamless domain-wide sso.
Here is an example in vb.net:
sub page_load
Dim loginUrl = "https://accounts.google.com/o/oauth2/auth?scope=" & _
"email+profile&" & _
"state=" & xState & "&" & _
"redirect_uri=" & GoogleApiCredentialHelper.RedirectUri & "&" & _
"response_type=code&" & _
"client_id=" & GoogleApiCredentialHelper.ClientId & "&" & _
"access_type=offline&" & _
"approval_prompt=auto&" & _
"include_granted_scopes=true"
response.redirect(loginUrl)
end sub
I am trying to get my API key for the new Google Custom Search API.
When I go to Cloud Console->APIs & ath->APIs->Custom Search API->Overview, I get an older dashboard (I believe) for the Cloud console, where I see "API Access". When I hit that, I get redirected to "Cloud Console->APIs & ath->Registered apps", where I cannot see an API key.
How can I get my API key?
Maybe try a direct link: https://cloud.google.com/console?redirected=true#/project/HERE_YOUR_PROJECT_ID/apiui/app?show=allapp
(Remember to replace the project id).
If the key is not there, go back to the APIs & Auth > APIs tab and check if the Custom Search API is ON (green).
I've found the answer.
It seems that if you register your app as "Native", you do not receive an API key by default. I've had to register my app as "Web" to see an API key.
Alternative:
Access the old dashboard and at the "Simple API Access" click "Create new server key"
The API key is available in the,
Cloud Console -> APIs & auth -> Credentials -> Public API access