I have a project using OAUTH2 API of Google, but this project is created by a personal account, instead of creating by a Google Workspace Admin Account. Later on, I migrated this project to a Google Workspace Admin Account to make this project internal. When my admin account trial is expired, does my project become external again?
I think my project become external, but I don't want to check because it disrupts the system.
Related
We have created a Microsoft Teams tab app with bot integration that we want to distribute to various organizations either manually or via an App Store. In summary,
We created Tabs App with Microsoft Bot using node.js botbuilder package.
We provided zip archive to another organization (another tenant Id).
Organization uploaded our app using Microsoft Teams Admin panel and approved permission in Permission tabs.
Question is how can we receive the tenant id from the organization we are deploying to without asking their admins to go to Azure Active Directory and look it up. Once provided, the graph api and the multi tenant bot does work fine. We are trying to avoid asking their admin to provide us the tenant id and want to retrieve it automatically upon the app being uploaded or on startup.
Thank you.
The best place to get the tenant id is from the access token you are provided by logging in to your app. Look for the 'tid' value.
I'm assuming you are talking about stream lining the company wide admin consent for your application.
What you can do is have a web site that a customer's admin can log into (using standard Microsoft OAuth interactive flow). You can then pull the Tenant ID from the access token and then run through the Microsoft consent process. Once consent process redirected back to your web site, you can do your own customer onboarding if required.
I am following the link to integrate One Drive SDK into an existing iOS app. I have an free account created on azure portal. Its a work account so I can see a default Azure Active Directory.
During this process, I need to register the app on the Azure portal. This link for registering apps and generating app ID does not work in my case.
I am unable to create an app ID or access existing active Azure Directory details. The portal shows me restricted access page as mentioned in this link : https://learn.microsoft.com/en-us/answers/questions/352443/microsoft-azure-free-trial-no-access-to-acitive-di.html. The solutions mentioned in this link does not work for me as those options are not seen on the screen.
Any kind of help in understanding the trouble will be of great help!
This might be due to insuffient permissions as this is a free trial account.
Go to your Overview pane of your subscription and check if there are any directories present.
If not try creating a free trial account using a Work or school account and there you will be provided with a default directory. Then Create new Azure AD Tenant and then Connect your Azure free subscription to your new Azure AD Directory.
REFERENCES:
Associate a subscription to a directory.
Create a new tenant for your organization.
How could I easily change the match configuration so it continues working with a new user?
We had a person who was account owner whose account was used to perform the build via FastLane. Since Apple introduced the new 2-factor authentication which is mandatory for the account owners we had to either authorize computer via 2fa occasionally or use some other account which is not of account owner role. We want to change the user to the specialized account only for fastlane builds. I have a feeling I will need to nuke everything and start from scratch but I would rather get some input before doing that.
I already created accounts needed for apple developer portal and for iTunesconnect. I changed fastfile, matchfile, deliverfile and .env but it always pulls the old user somehow.
We are using the git for storing credentials but as far as I know I should not have to touch anything there since it's only used for sync.
I tried using
fastlane match development
And it verifies on the portal but then it installs old users certificate.
I have created an app in https://apps.dev.microsoft.com portal with name GroupsApp and I have given couple of permissions as below:
I have created client id and secret to use in my application. I am using asp.net MVC (with 4.5.1 .net framework) web application.
I am getting some groups info and displaying on the screen. If I am logged with my account it is working fine. But if I logged in as another user then it is giving me issue as below:
I have formatted url as below: https://login.microsoftonline.com/948894dc-c0e2-43e5-a7e6-1d21dd183c9d/oauth2/authorize?client_id=75acb700-e675-4dc4-9deb-d3f68f6911a1&response_type=code&redirect_uri=http://localhost:34280&prompt=admin_consent and trying to granted the permission. Here I have logged in as admin and given permissions.
Now if I check with normal user same issue is happening.
How should I give the permissions to this application.
I am not able to find any option to approve the permissions from the Azure portal.
Now if I check with normal user same issue is happening.
How should I give the permissions to this application.
I am not able to find any option to approve the permissions from the Azure portal.
I could encounter the same issue according to your settings. I assumed that you may hit the Admin-restricted scopes of AAD v2.0 as follows:
Some high-privilege permissions in the Microsoft ecosystem can be set to admin-restricted. Examples of these kinds of scopes include the following permissions:
Read an organization's directory data by using Directory.Read
Write data to an organization's directory by using Directory.ReadWrite
Read security groups in an organization's directory by using Groups.Read.All
Although a consumer user might grant an application access to this kind of data, organizational users are restricted from granting access to the same set of sensitive company data. If your application requests access to one of these permissions from an organizational user, the user receives an error message that says they are not authorized to consent to your app's permissions.
You could Using the admin consent endpoint and follow this Build an app with admin restricted scopes using the v2.0 endpoint github code sample to ensure your app can gather permissions for all users in a tenant, including admin-restricted scopes.
I am working on a Google AdWords integration built on .NET, which was developed some time ago for API v201409. That version of the API has not been retired and I am now trying to migrate to the latest (v201506).
I have updated the Nuget package and it builds fine.
The account that I use to upload conversions is a manager account, with around 50 client accounts being managed by it.
When trying to upload conversions to some of the client accounts I am getting OfflineConversionError.UNAUTHORIZED_USER errors.
When I check the setup on the Google AdWords website everything looks fine. Each client account has the manager account set in the Account access settings.
I have used the ManagedCustomerService API to retrieve a list of client accounts that are managed by the manager account and it returns all accounts, including those that throw the error.
All refresh/access tokens appear to be working fine.
Has anyone experienced similar problems?
The OfflineConversionError.UNAUTHORIZED_USER is returned when you attempt to upload conversion data to an Adwords account other than the account that the click originated from.
If you have a manager account with multiple client accounts, make sure that the account ID is the correct one.