I want to add a user to a group through the API. The proper endpoint should be:
https://www.yammer.com/api/v1/group_settings/process_additions , but keep getting a 404.
I found this, describing my exact problem, but no answers:
I want to join users except current login to yammer group. or I want to invite them to join yammer group using javascript sdk by yammer. I found one way of doing that by following
Makes a POST to: same call as above
id: GROUP_ID
invites[ids][]: USER_ID
invites[emails][addresses]:
I don't know how to call it. I tried to call that URI but it gave me error like
"No 'Access-Control-Allow-Origin' header is present on the requested resource" can any one tell me how to pass that data to request call ?
So: How to call https://www.yammer.com/api/v1/group_settings/process_additions ?
Looks like there is an authenticity_token param missing in your URL. You must supply that parameter.
This URL works, but note that it is not documented / supported, and could potentially change at any time:
https://www.yammer.com/insert_yammer_network_name/group_settings/process_additions/isert_groupID.json?id=isert_groupID&invites[ids][]=&invites[emails][addresses]=insert_email#domain.com&auto_add_invitees=true&authenticity_token=insert_oauth-token
Modify the above format with your details, copy it into a browser URL, hit enter, and you should get the following response {"status":"ok"}, or {"already_member":"true"} if the the user is already a member of the group.
Note that you can't make REST calls to https://www.yammer.com/* as it will result to CORS error. Use https://api.yammer.com/api/v1/ as your base URL instead.
===========================
The above solution is no longer valid. Use the impersonation method instead as it is supported/documented by yammer.
Related
I am using Authorization Code Flow. I want to get consent for two different audience/resource in one login popup.
So, I know that it is needed for acquireToken for first audience and then acquireTokenSilently for second audience.
However I got below error when calling acquireToken method:
AADSTS28002: Provided value for the input parameter scope 'openid
profile offline_access' is not valid when requesting an access token.
Please specify a valid scope.
I remember that I didn't get this error when I tried this scenario last week.
Also, I didn't add the openid, profile, offline_access scopes, it is added to url automatically by the library.
Then below url is generated.
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?scope=openid+profile+offline_access+https%3A%2F%2Fgraph.microsoft.com%2FUser.ReadWrite.All+https%3A%2F%2Fteamsconfigapi-int.trafficmanager.net%2Fuser_impersonation&response_type=code&redirect_uri=https%3A%2F%2Flocalhost%3A8080%2Flogin&state=bd237c04-76b6-4a76-beca-fe4650c1f64d&nonce=3eab6371-df43-5cga-aded-a106fed74ab6&prompt=consent&client_id=56b7k4bh-8ce4-4b45-adkd-c51cdf5t52c2&response_mode=query
Note: Also, when I getting https://graph.microsoft.com/User.ReadWrite.All and https://teamsconfigapi-int.trafficmanager.net/user_impersonation consents separately(in two different login popup), there is no any problem. I can get AuthenticationResult objects both of them.
Why I got this error?
You want to collect consent from two separate audiences/resources in one login popup, however you cannot get an access token for scopes that span more than one resource. You will need to request two access tokens for two different resources. The first can be accomplished using loginPopup, and the second can be accomplished using acquireTokenPopup or acquireTokenSilent.
Read more here: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/resources-and-scopes.md
Before adding, yes it works when I give the entire url like http://localhost:8080/onedrive/oauth2/success/1 in the list of uri in azure uris. I am using code flow to authroize these tokens.
But as per the docs, it should work with me just mentioning the domain name there, like http://localhost:8080. Which it doesn't.
I want to do something like send the user id along with every request for me to keep track of which user I should link this accees token to, and have no idea to do so, if this issue is there. My current application logic is, when my application sends the user details and calls my spring API, I want to handle all these transfer of tokens in the server side, so I want to transfer this userId as my path variable. How do I go about doing this? Has anyone done this, can they explain to me any other different solution?
You can't add custom details to OAuth redirects and it is best practice to always register the full redirect uri.
In terms of tracking the user, after login the token has a user id and you can also get fields such as user name and email - so both the UI and API will know which user each token is for. I can provide further details on mechanics if needed.
The user id in a token is often a generated value, whereas the user id you want to use in API path segments is maybe a user id from your app's back end database - if so you will need to map between token details and database details.
If you provide redirect uri as http://localhost:8080/ then it means you are handling the api response in
/
endpoint and not
/onedrive/oauth2/success/1
To get to know the user to whom you are linking, few ideas which you can use are
1) Use security to obtain the logged in user credentials (Ex: Principal if you're using Spring security in java)
2) After successful authentication, use the user id you have and send one more request to backend and store it database with userid as a key
This happens in the API Explorer and using the .NET client API. In the API Explorer, I was trying to use the query param, but eventually I just removed it and now send the request with no params, and it still turns around 400 even though I am authenticating successfully with OAuth2 in browser.
Why is this endpoint broken?
https://developers.google.com/admin-sdk/directory/v1/reference/users/list
The problem was the customer field was not filled in. It must contain a valid customer id. Once I populated that, it worked.
Really wish Google would work on providing better error feedback and improve their docs. This field (as of today) is still listed as optional.
As the documentation says:
either the customer or the domain parameter must be provided
I tried to specify domain name and it worked.
I am a beginner to magento REST API, how i will get token and token secret to be fill in Postman REST resquest. I have only consumer key and consumer secret.
Please provide me the steps to follow.
First, you want to request a valid OAuth token and secret. Do this by hitting the /oauth/initiate URL of your Magento store with a GET parameter for oauth_callback. We're going to use httpbin so that we can echo anything that is passed to our callback. Make sure you have "Auto add parameters" checked on the OAuth 1.0 settings for Postman.
That will give you an oauth_token and oauth_token_secret, which are only temporary. These are referred to as a "request token" and secret. Save these values somewhere because you will need them later.
Now, assemble a new regular HTTP request to the /admin/oauth_authorize URL of your Magento store. This will return a login form where you can accept the oauth token and authorize your app, however since we're using Postman we aren't able to interact with the form.
Instead, view the source and pull out the form_key hidden input value. Then assemble a new HTTP request to fake the submission of the authorization form. Make sure it is a POST request. Your new HTTP request should look like this.
Now, you need to actually confirm the authorization. Simply issue a GET to the /admin/oauth_authorize/confirm URL of your Magento store with the oauth_token as your parameter. When you send this request it will redirect to your oauth_callback from the first step. Now, you can see why we used httpbin as our callback in the first step.
OK. So, we're almost home. The last piece of the puzzle is to use the oauth_token, oauth_secret, and oauth_verifier all together to get a valid and persistent "access token". So, take the oauth_token_secret from the first step, and combine and assemble a new OAuth request like so.
You should get a returned token and secret. These will never expire! You can use them to query products and stuff.
Now, you can assemble your OAuth requests like this. Edit: Note, you must check the "Add params to header" checkbox in order for Magento REST calls to work properly.
Example request in Postman version 6.x.x
And response of this request is
You can get this credentials from Magento Admin. Click on edit icon in Integrations page.
#Franklin P Strube Unfortunately, I don't have enough reputations to add a comment.
I would like to add the following. The Magento REST API does not require both outh params on the URL AND Oauth headers. This is not actually stated above. See the last note where it says you need to "add params to header". You do need to do this, but when you do you will find it sends both url params and oauth headers. You don't need the url parms, it will work fine without them.
btw: the franklin response worked great!
I have a tumblr api-application and i need to receive infos about a specific blog.
To get this information I need the following request:
api.tumblr.com/v2/blog/{base-hostname}/info?api_key={key}
But I don't know how i get the {base-hostname} from the user who is logged in. Oauth provides just the conusmer-key, the consumer-secret, theo auth-token, and the oauth-token-secret. But i need the blog-name which matches with the user credentials. It works perfectly fine with the tumblr_client gem but due to some reason I am not allowed to use ist.
Can anybody help me with that?
I think you can parse the response from /user/info api (which is based on oauth creds provided for the request). It returns the name / url for the user's blog(s), which you can then use in your {base-hostname}.