I have followed the suite article in Netsuite https://netsuite.custhelp.com/app/answers/detail/a_id/51362 to establish a connection between Netsuite and SFTP which has three parameters (KeyId,passwordGuid, and secret) among which two of them become optional when the third one is selected I would like to know how could we generate key Id in Netsuite and how to use it.
In netsuite help there is a complete example on how to connect netsuite with sftp
https://tstdrv1229883.app.netsuite.com/app/help/helpcenter.nl?fid=section_4855401415.html
hope this might help
Related
recently I ran into a problem where I was using python imap to automate outlook tasks, but microsft changed basic auth to Oauth now, and I have not being able to authenticate ever since, I get an error
imaplib.error: AUTHENTICATE failed.
So I started working with the Microsoft graph API, in which I can get the information that I need but once I need to forward an email I can't setup a custom subject, I can just add a comment and toRecepient custom arguments.
https://learn.microsoft.com/en-us/graph/api/message-forward?view=graph-rest-1.0&tabs=http
any advice here ?
If you use the Create-Forward endpoint https://learn.microsoft.com/en-us/graph/api/message-createforward that will create a draft message of the forward which you can then patch any message property you want to update and then send.
The one thing they don't mention in the documentation is you should set the Prefer: outlook.timezone header to make sure the dates in you response are set the local time of the responder.
I have a task toget some data from an external supplier.
They have a Rest OData API. I have to connect using a subscription-key(APIKey).
When creating the OData LService, I add an Auth Header: "subscription-key" and in the Value field, I enter my key. After saving, I create a new dataset, and the OData LinkedService, provides me with the remote tables. I can choose the table I want and after that I create a pipeline to copy data from that table to my Azure SQL server.
This works fantastic :-)
However, after closing my browser and re-open it, the subscription key that I have entered earlier on the linked service, is now replaced with stars as it is a securestring. When I now run my pipeline, it will think that my key is the ten stars that have replaced my real key.
What am I doing wrong here ?
Also I would prefer to get my value from the KeyVault, but it seems that this is not possible on ODat connections....
Hope someone is able to provide some insight here :-)
BR Tom
From my testing I did not get any error on re-running. However coming to dynamic keys - I was not able to achieve it using the ODATA linked service.
Alternatively, if you can hit the ODATA endpoint with REST / HTTP Connector
You could - have a Web Activity to get the keys from the Key Vault and Set in the Variable.
WEB Activity URL : https://<your-keyvalut-name>.vault.azure.net/secrets/<your-secret-name>;
You could access the output of the web Activity using : #activity('Web1').output.value & Store in a variable.
You can reference this variable as the SUBSCRIPTION KEY for the subsequent steps in the REST/HTTP dataset.
You could pass it along the additional headers
I want to implement Oauth2 protocol from scratch for study purposes.
I'm following the Github guide after having created an App with a Client ID and Client Secret.
The two information sources are pretty simple and are:
https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/
https://gist.github.com/technoweenie/419219
In particular, I'm starting from the first step pasting on my browser:
https://github.com/login/oauth/authorize?client_id=&redirect_uri=http://localhost:8080/auth/temp&scope=user&state=&allow_signup=true
I have a Spring application listening on port 8080 (I don't want to use Spring Security because I want to implement the protocol from scratch) with the following and working endpoint exposed:
#RequestMapping("/auth/temp")
public String redirectAuth(HttpServletRequest request) {
//TODO implement next steps
return "here we are!";
}
but when I go to the github link I get a 404 not found error, as my localhost application wouldn't exist.
I expect the official guide has some mandatory information missing, such as some other endpoints which my application must expose in order to be queried, for instance, about the client secret.
So, what am I missing?
Github only supports the auth code oauth 2 flow. It might be helpful to read up on that.
I have a blog and a video on the auth code flow that may help.
Disclaimer: I work at and created them for Ping Identity, but I think
they'll be helpful even for your study purposes.
https://developer.pingidentity.com/en/blog/posts/2019/what-are-oauth-2-0-grant-types-part-1-authorization-code-flow.html
https://youtu.be/eg7I8x-u0sc
You haven't included your client_id in the authorisation url:
https://github.com/login/oauth/authorize?client_id=&redirect_uri=http://localhost:8080/auth/temp&scope=user&state=&allow_signup=true
The authorization server (GitHub) needs this value to identify the client you have registered.
I am trying to create a Google Assistant for my Raspberry Pi in Kotlin. I implemented a OAuth flow using the so called "device flow" proposed in this IETF draft, since my Raspberry shall later just expose a web interface and does not have any input devices or graphical interfaces.
Google does support this flow (of course) and I obtain a valid access token with user consent in the end. For testing purpose I also tried a default authorization flow that will just forward the user to localhost, as it is normally done but it did not solve the problem.
I tested the access token using this tool and it confirmed validity of scope and token. So the token itself should work.
Scope is: https://www.googleapis.com/auth/assistant-sdk-prototype as documented here
This actually does not point to any valid web resource but is referenced in every documentation.
Then I tried to stream audio data to the assistant SDK endpoint using the gRPC provided java stubs. As took a third party reference implementation as a guide how to authenticate the rpc stub. But neither the reference implementation nor my own one works. They both report
io.grpc.StatusRuntimeException: UNAUTHENTICATED: Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
The stub is authenticated this way:
embeddedAssistantStub.withCallCredentials(
MoreCallCredentials.from(OAuth2Credentials
.newBuilder()
.setAccessToken(
myAccessToken,
myAccessTokenExpirationDate))
.build()))
and the authenticated request is performed like this:
val observer = authenticatedEmbeddedAssistantStub.converse(myStreamObserverImplementation)
observer.onNext(myConfigConverseRequest)
while(more audio data frames available) {
observer.onNext(myAudioFrameConverseRequest)
}
observer.onCompleted()
(I prefixed pseudo variables with "my" for clarity, they can consist of more code in the actual implementation.)
I even contacted the author of this demo implementation. He told me, last time he checked (several months ago) it was working perfectly fine. So I finally ran out of options.
Since the client implementation I took as reference used to work and I do actually authenticate the stub (although the error message suggests the opposite) Probably, either my valid access token with correct scope is not suitable chosen for the assistant API (though I followed the suggestions of google) or the API servers had a change not properly documented in the getting started articles by google.
So: Did anyone ran in the same problem and know how to fix it? I have the project on github. So if anyone needs the broken source code, I can do a temporary commit that produces the error.
Note, to save some works for mods: This issue referres to this and this question, both unresolved and using different languages but describing a similar problem.
Well, seems I was right about my second assumption: The error is server side. Here is the github issue, let's just wait for the fix.
https://github.com/googlesamples/assistant-sdk-python/issues/138
Parse.com's REST API docs (https://www.parse.com/docs/rest) say: Authentication is done via HTTP headers. The X-Parse-Application-Id header identifies which application you are accessing, and the X-Parse-REST-API-Key header authenticates the endpoint. In the examples with curl that follow, the headers are stored in shell variables APPLICATION_ID and REST_API_KEY, so to follow along in the terminal, export these variables.
I am building a Sencha Touch app as a native app on iOS and Android using Phonegap, and I was wondering whether it is secure to expose these keys to the client while making the REST calls?
Also, can someone explain to me how does security work in this scenario? Help is much appreciated! Thanks!
Without phonegap , in a proguard , post processed android apk , the string values of the 2 headers you mention are exposed client-side . not a big issue. TLS covers the http header values during network leg and far more important for app security, you have Full ACL at the DB row level(parse/mongo) contingent on permissions of 'current user()'. So with no access to logon, some outsider doesn't have any more than obfuscated string value to an app-level access token.
. One odd thing is that with parse the lease time on the client-side token value foapi key is permanent rather than say a month.
Parse REST security is robust n well executed.
Can't speak to what PG framework offers in obfuscate/minify/uglify area but you should check that.