We are trying to create a digital badge public url for course certification issued by our company. We are creating our own inbuild version where we are creating database which stores user public information along with the badge details and assign to unique id. Since this url has no authentication built around it, anyone can access the url. If authentication is built around that url, the users cannot use those links in public site, emails etc., How can I restrict url to be used only by intended user.
I did a lot of searching online with not much luck.
Any help is really appreciated. Thank You in advance.
Related
I'm having the same issue as the one described in this and this question. The OAuth consent screen page says "Verification not required" but when I upload videos they get "locked as private". According to this answer, a domain is needed in order to verify the app and fix this, but I don't have a website related to the application.
This answer explains adding a domain in order to get verified and upload public videos but I'm afraid the domain and website I do own are completely unrelated to the content I'd upload to the YouTube channel. So is there a way of using the API to upload public videos without owning a website/domain or can I use an unrelated website that I own?
At the top of the Video.insert page you will see it states.
Audit is not verification, these are two different things. You need to apply for an audit. YouTube API Services - Audit and Quota Extension Form
This document states:
Note: even if you include the name or email scopes, nether will not be included as claims in the token which Azure AD B2C receives from Apple. Apple provides these values in a non-standard way as part of the authorization response payload. Azure AD B2C will not be able to read these values and you should collect them from the user separately if needed.
Is this information still up to date? (Document seems to be older than 1 year). Are there any plans to facilitate this?
Does this actually mean that it is not possible to use Apples Private Email Relay Service in conjunction with AADB2C or is there an other way to contact users using Sign In with Apple through email? (I'm aware that I can query the email from the user with a simple text field as a last resort.)
Unless Apple provide these values in the standard way (e.g OIDC) the guidance is still correct.
AFAIK you should receive an email address back from Apple -- it will be the actual email of the user if they choose to share it with the app, otherwise it will be the one with the relay service address.
I am using google's oauth2 to allow users to register/login into my site (php library). The first time a user attempts to login I get the user's email address and google+ id which are provided by the Google OAuth2 API (with the user's permission).
In a different part of the site I need some information from the user's youtube channel. I am using the incremental authorization to get the extra permissions as it is recommended (and described here: https://developers.google.com/identity/protocols/OAuth2WebServer#incrementalAuth ).
The problem is that I don't have a unique identifier for the user between the calls, in order to keep track of him/her in my side of the application. A user, for example might have multiple youtube channels and each one can be associated with a different google+ account/id and a different email address, which most of the time is not a real address but a provided email with the format 'username-XXXX#plus.google.com'.
I was wondering if google's apis can return a unique identifier for the 'parent' account of a user across different apis.
Thanks in advance.
I'm using Twitter API for my website in PHP.
I have created a developer account "me" let's say.
I have then created an app named "myapp". I've generated tokens and keys with Read&Write permissions.
My problem : when I tweet via my website (using the API) and using my app tokens and keys, my tweets appear in https://twitter.com/me as if "me" were the author of the tweet, and the app name does not appear anywhere...
How could I tweet with my app name as the author ?
To be more clear, I would like to see the tweets posted (via the API using the tokens and keys of "myapp") in https://twitter.com/myapp and with "myapp" as the author of the tweet.
Thanks a lot for your help.
By definition, your app posts on behalf of an account that has granted permissions, so what you're seeing is "working as expected" from the outside. In order to have your app be an author, create an account specifically for it to tweet to.
The app technically still won't be the author, your dedicated account is, but you would (probably) set up that dedicated account to represent your app (URL if it's public, icon/photo, etc).
Note that you'll use the auth keys you get when attaching the app to the custom account instead of the ones that you're currently using for attaching it to your developer account.
i am developing an app for the app store but it seems i am required to have a support url. I do not have a website dedicated to my app and do not want to make one. Can i use a twitter account dedicated to my app as a support url?
To quote the documentation:
The support website you plan to provide for users who have questions regarding the app. The support URL must lead to actual contact information so that your users can contact you regarding app issues, general feedback, and feature enhancement requests. The URL can specify a localized site.
Include the entire URL, including the protocol. For example, http://support.example.com .
Make sure whatever page you link to contains that specific contact information. A good example of this would be a page with an email form or other way to directly contact you.