I'm working on a migration product that migrates data in to Yammer and I use the Yammer REST API. I perform programmatic Yammer authentication using HttpWebRequest as posted here - Yammer Authentication with HttpWebRequest . I'm thinking that if Yammer changes the internals of its authentication (such as changing the number of cookies that gets sent back and forth) I might run in to an issue. Has anyone used this approach and would recommend it ?
Not supported - see other SO thread on this here:
Yammer Authentication with HttpWebRequest
And Microsoft Technet article here:
http://blogs.technet.com/b/speschka/archive/2013/10/05/using-the-yammer-api-in-a-net-client-application.aspx
Related
I just started to work with Google API's (Calendar and Gmail for now). I already got both examples working on both my Frontend (React) and my Backend (Java - Spring).
I have the following doubt, If I want to enable users to be able to send email's using the oficial API not javax.mail should that be done on the Backend or it can be done on Frontend? Since the official documentation only shows examples on Java and Python.
If the answer is on Backend how will users be able to authenticate via OAuth2 If they are "not supposed" to see server-side information.
Thanks
Ok for does looking for an answer. I found the following guide...
https://developers.google.com/identity/sign-in/web/server-side-flow#step_1_create_a_client_id_and_client_secret
Basically you can get a client-side one time access code which is send to server-side where it can get a long-live access_token in order to have offline access once correct authentication has happened.
I want to integrate gmail and google calendar in my web application. I can login via google and make api calls to either gmail OR google calendar API, depending on the authorisation that I request from google.
I have not found a way to request authorisation for more than one APIs simultaneously. Is this even possible? Is it possible to receive one access token in order to use it for requests against more than one of Google's APIs?
As far as I know it can be done. If you try testing it in Google Oauth 2.0 Playground and select multiple API scopes.
"scope": "https://www.googleapis.com/auth/calendar https://mail.google.com/ https://www.googleapis.com/auth/drive"
It should look like this:
Hope this helps.
everyone. I'm recently learning OAuth authentication. I'm playing around with google's oauth api. In the tutorial for Google Sign-In for server-side apps, in the third step - Initialize the GoogleAuth object, you need to provide the client id to initialize the GoogleAuth object. I'm just wondering if we need to keep the client id secret because right now anyone can find out what the client id is by looking into the javascript.
You don't need to hide the client ID, provided that you restricted access to specific JavaScript origins and redirect URI's on the server side. See more details on this Quora thread or this IETF thread.
I am creating an Azure AD App that is using the new Yammer delegated permissions preview to post a message to Yammer using the access token that I obtained from Azure AD. Unfortunately, I get a 401 Unauthorized response when trying to call Yammer Rest APIs.
Here is the code sample:
var resourceId = "https://www.yammer.com";
var endpointUrl = "https://www.yammer.com/api/v1/messages/following.json";
AuthenticationHelper helper = new AuthenticationHelper();
helper.EnsureAuthenticationContext(AuthenticationHelper.AuthorityMultitenant, resourceId);
var token = helper.AuthenticationResult.AccessToken;
HttpClient hc = new HttpClient();
hc.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
var result = await hc.GetAsync(new Uri(new Uri("https://www.yammer.com"), endpointUrl));
Here I get the 401 Unauthorized, with a message "Authentication failure". I tried also with api.yammer.com instead of www.yammer.com, with no change. I know that the tokens are being retrieved correctly, as I tested them with other Office 365 REST APIs.
My assumption is that the token is in an unaccepted format, but it is supposed to accept Azure Tokens now that the Delegated Permissions were added. Am I using the wrong resource ID and endpoint?
Your code sample looks correct. Does your user have an active Yammer subscription?
From an answer on the Yammer IT Pro Networks group for Office 365 developers, this:
Yammer authorization in apps is still handled completely separate from
the rest of Office 365. You need to create a Yammer app in your
network, and the users still needs to click the consent dialog to
authorize it.
Yes, there is a delegated permission for Yammer API in Azure AD, but
unless I am mistaken this does not actually do anything.
This is not from a Yammer source, because they never offer any kind of developer support or up-to-date documentation, but it seems entirely likely that this is another "feature" that simply doesn't work at all.
I have found the resolution for the problem. It appeared to be that Yammer authentication can be configured in 2 ways - one way is to configure it to use the same authentication as other parts of Office 365, and another one is to is using a different configuration.
If Yammer's own SSO is used (in other words, Yammer has a separaate configuration for ADFS), then this problem happens.If you disable Yammer SSO for your network, all yammer authentication for “mapped” users will be handled by Office365. When that’s done, you can then use the Office 365 API.
I am using Yammer api (Java script SDK) for integrating Yammer Platform into our app. The problem is "when I am submitting a post from my app, it's getting updated on Yammer Platform, but when I do post from Yammer Platform, my app is not getting updated". So I would like to know whether there is any observer pattern for Yammer api in Java script sdk.
No. In my app I'm issuing GET request for messages to refresh data on the client side.