So I applied as a Twitter Dev to make a bot that tweets stuff. About two days later, I got access. When I ran the code with the tokens it gave me, it posts from my account.
My question: Is there a way for me to make it send as another account (a bot account) without me having to apply again?
Yes, you can use the Sign-in with Twitter flow to authenticate a different user to your app, and then use the Access Token and Access Token Secret for that user to post to that account. This is the correct way to implement things - you should not be applying for multiple developer accounts.
You can also use tools like twurl or another CLI tool to
https://github.com/twitter/twurl/
https://github.com/smaeda-ks/tw-oob-oauth-cli
https://github.com/olithissen/twitter-oob
Did you get elevated access from tweeter or Essential? I have a stack error:
You currently have Essential access which includes access to Twitter API v2 endpoints only.
If you need access to this endpoint, you’ll need to apply for Elevated access via the Developer Portal.
It's hard to get Elevated now.
Related
I need to authenticate to an API using OAUTH2, however, it has to be made programmatically, no user typing stuff in a browser is permitted.
This seems like such a simple use case, but I haven't found anything online, the only thing close to it was this post, and the only answer is "yeah, you don't want to use a web browser, but what if you do?"... This doesn't help.
So, please, opening a web browser is not an option, I just want to know if Google provides any way to authenticate purely through code.
Thank you!
In order to achieve your goal, I would like to propose to use the Service account. When the Service account is used, the access token can be retrieved without using the browser.
As the points for using the Service account, please check the following points.
The Service account is not your own Google account.
For example, as one of several situations, if you want to manage a file in your Google Drive using the Service account, please share the file with the Service account. By this, the Service account can access to the file in your Google Drive.
References:
OAuth2ServiceAccount
Several cases using the Service account
Google Drive Access - Service Account or OAuth - To read/write user files
Google service account not being authorized for calendar API
Service Account for google sheets returns not found
I cannot find a good working sample that calls the Graph API and retrieves the user's contacts from within an Azure Function. Part of the issue is a lack of documentation and samples as this seems new-ish. Is this even possible? I am trying to create a function that can take a phone number and check against the user's contacts to see if the contact exists. So far, the only way I can achieve authentication is to use Postman to retrieve a token manually. That token didn't even work to retrieve the contacts. I know I am doing something wrong but I think what I really need is the big picture. I'm missing something. Thank you for your help.
The auth token binding may help at least with the act of getting the token. In this case, if it's on behalf of the user invoking the function, you'll want to use the identity: userFromRequest setup. Keep in mind that for debugging, you'd still have to acquire a user token for the app and attach that to calls to your function, but you can use the function app's /.auth/login/aad and /.auth/me endpoints for that.
Make sure that your application registration has the Contacts.Read permission. This is required for the contacts API.Today, the UX for App Service Authentication / Authorization today links to the existing permissions UX, which unfortunately uses different names for things. I'd recommend navigating directly to the AAD section of the portal and selecting App registrations (Preview). Find your app registration there (defaults to same as your app name), and browse through the API permissions there. That way the right names show up and will match the Graph docs.
Our application can show rich links to webpages. So instead of a mere weblink we show a short summary and a picture. We used to use embed.ly's extract api to supply us with this data, but since they have changed their terms and pricing we have implemented an alternative solution.
The problem we find is that linkedin profile urls cannot be assessed by our new solution. Embedly was able to give us all the details we needed from a linkedin profile url (including the user's picture), but we don't seem to have access to that information without going through linkedin's API.
This call gives us all the data we are looking for:
GET https://api.linkedin.com/v1/people/url=[PROFILE_URL]:(id,email-address,first-name,last-name,headline,summary,formatted-name,picture-url,picture-urls::(original),site-standard-profile-request,public-profile-url)?format=json&oauth2_access_token=[TOKEN]
Where [PROFILE_URL] is a linked in profile url and [TOKEN] is the oauth2 access token.
There are two issues that I have:
Our application does not ask users to authenticate through linkedin, so we do not have a user oauth2 access token available;
Linkedin's suggestion in their FAQ (https://developer.linkedin.com/support/faq) seems very daft:
Can I get an access token for my application that doesn't require a member to login?
We do not provide access tokens for applications that are not associated with a particular LinkedIn member.
If your application requires you to make API calls in an automated way - without user interaction, you need to bootstrap the first access token request by manually signing in, and then ensure that your application refreshes the token automatically prior to expiry to avoid the need for additional human authentication.
Now... four questions:
a. Has anyone implemented option [2] in a production setting?
b. If yes, what are the limitations, downsides etc. Is this really the best and safest solution?
c. Is there any alternative that allows me to authenticate the application itself with its mighty client key and client secret?
d. Is there anyone from linkedin monitoring this? If yes, can you contact me?
Cheers, Raymond
I would like to know what access token I require to achieve the following.
My Meteor app crawls various RSS feeds and makes a daily digest. I would like to automatically tweet about the daily digest when it is created, using the app's Twitter account.
As I see, in the doc, it seems that I need to use application owner access token and create my app using the app's Twitter account. Is this a correct approach?
Yes, that's correct. It's quite simple too.
Go to Twitter Apps and login with your regular twitter account
assuming you have one, if not you need to create one.
Once signed in click on Create New App button.
Fill out the application (Name, description, and whatever else it requires).
Create your key and access tokens. Share those with users that you trust as they'll be used to access the twitter API to read/write information.
Give the application you created a "Read and Write" permission based on what you asked in the question.
Then depending on the software/language you use there's a plenty of existing packages that can help you access and obtain the information from the API.
Currently using the Provisioning API that is being depreciated April 20.
This is the current flow:
user (University Alumni) gets to our site http://alumni.columbia.edu/email
they click on Create My Account
they authenticate through our university WIND system using what we call their UNI
they land on a page mentioning that an email account UNI#caa.columbia.edu is ready to be created. They can pick an alias to UNI. They also need to enter a password to use the Chat and POP-mail features of Gmail.
they confirm the creation of the account. At this point the API is being called using https://www.google.com/a/feeds/, some data (email address, name, id) being saved in our database.
To log in, they come through our site, click on the login button, this will use the SSO and they get logged in.
Based on the flow above, do I need to use OAuth2.0?
Yes, you will need to authenticate with OAuth using the Installed Applications approach to do this. Instead of step 5 the way you currently have it, you'll need to call the API from a process on your server with an account that has (limited) admin credentials that can create the account with the Directory API. To do this, you'll need to persist the OAuth token information that the account will use to connect, and handle the code to refresh the token when it has expired.
The first time you run your code you'll need to manually authenticate that account to get your application the appropriate permissions so that they can be stored.
If you're hoping to not go too crazy with handling the authentication side of things and you're using .Net, I'd recommend checking out my project gShell that acts as a wrapper for the authentication and handles the token storing and refreshing for you. It's still a young project but it should fit your needs. Alternately, feel free to browse the code for an example on what to do.
If you plan on using Python, check out Google Apps Manager by jay0lee which is also a wonderful resource.