Is there a way for the Microsoft bot framework to get access to the web API methods in the Slack API (channel read for example)?
If your bot needs access to Slack specific APIs, it should call the Slack API directly using the bot credentials (Client ID and Client Secret) that Slack provided when you created the app. Going through BotFramework would add additional hops making your bot less performant.
Related
The rest API (https://cloud.google.com/identity-platform/docs/use-rest-api) support user sign up without request attribute, multiFactor : {enrolledFactors :[]}. It seems that the only way to enable multi-factor authentication is via NodeJS server as described here: https://cloud.google.com/identity-platform/docs/admin/manage-mfa-users.
Is this correct? NodeJS api must be relying on rest-api. So any reason, it will not work with a direct rest API call.
After further investigation, the restful API does let a client programmatically specify MFA attributes. The API is accounts.signUp.
https://cloud.google.com/identity-platform/docs/reference/rest/v1/accounts/signUp
I am asked to build a self service application on SharePoint where users can search through list of Publically accessible O365 groups. All users should be able to Add and Remove themselves from any specific group.
I planning to use Graph API for this.
Can anyone please provide some documentation or examples.
I would try the following steps to build your above application:
Register an Azure AD application and define an auth workflow which suits your scenario
Make a call from the app to AAD using library like MSAL, get a valid access token
Using the valid token, i will call to access the protected resource like Microsoft Graph with necessary roles/permissions defined.
In your scenario, you will access the Microsoft Groups - then i will refer the Graph API documentation for it.
Implement your business logic to add/remove uses from the Group.
You're good to go!!
You can start by looking at the documentations and examples by going through this documentation : Microsoft Graph API
Microsoft Graph is a RESTful web API that enables you to access Microsoft Cloud service resources.
After you register your app and get authentication tokens for a user or service, you can make requests to the Microsoft Graph API.
It has various features that it supports : Major Services in Microsoft Graph
On a project, I'm using app-only tokens and Graph API to perform various operations on data in Office 365 (this is how the app is registered). When it comes to SharePoint, certain operations are not available through the Graph API but are available through SharePoint REST API.
My question is: is there a way to use Graph API tokens with SharePoint REST API?
The closest answer I could find is this:
To access the http:///site/_api/lists endpoint, Graph API token wont work.
Taken from here.
However, the answer is about a specific endpoint and is pretty old, so I wonder whether this is (still) true.
Update
Here's how I'm calling the various endpoints.
The token you are using to access the graph is in fact an azure active directory token. Lots of other APIs accept those in office 365.
The procedure is more or less the same expect instead of selecting the Microsoft graph API when requesting the scopes, you have to select the SharePoint API.
Also note that some actions (mostly the tenant related things) do require you to present a token generated with a client id + certificate and not client id +secret.
EDIT: if you are using AAD v2 endpoints the requested scope has to be https://tenantName.sharepoint.com/.default when requesting an access token for SharePoint REST API
I am developing a console app in .net which will send mail using the Azure AD application. I followed all the step from generating the certificates to registered an application in Azure AD. Then provided the application permission (Send mail as any user) using Microsoft graph API and provided it “grant permission” as an admin consent.
In my console app code I uses the below outlook api to send mail as
resourseurl — https://outlook.office.com/api/v1.0/users/{my email account}/sendmail. After providing grant permission to my app I am still facing the 401:unauthorized error.
You gave permissions to Microsoft Graph API, so you need to use it.
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_sendmail
The URL that you need to use is thus:
POST https://graph.microsoft.com/v1.0/users/{id | userPrincipalName}/sendMail
Internally the graph API does call the API you mentioned. But your token is for the graph. Not the outlook API.
You also mentioned the resource URL. The graph API resource URL is https://graph.microsoft.com.
I have a existing application built in ASP.NET. This application has REST APIs. We are wanting to expose these APIs via API connect platform. Now, since our APIs are already authenticated, if we use IBM API connect, then how will end user authenticate to our API and API consumer authenticate via IBM Developer portal?
Lets say our API clientA logs into our developer portal, creates an app and then subscribes to our API. Now when end users try to access our API "VIA ClientA", we need to authenticate the request.
I tried to follow this tutorial http://www.ibm.com/support/knowledgecenter/SSFS6T/com.ibm.apic.toolkit.doc/task_apionprem_redirect_form_.html
But it does NOT get redirected to our external URL.
Please help!
The API gateway (part of API Connect) establishes and enforces authentication between the API end-user/subscriber and your outbound API service running on API Connect. The gateway acts as a service proxy to authenticate potentially many subscribers to a particular API plan (made up of one or several APIs), using API keys that are generated as new subscribers onboard to that plan. The management and enforcement of those API keys is accomplished entirely within API Connect. Nothing is required on your part, except the initial setup parameters for each API.
For that same API, the back-end authentication between API Connect and your existing REST API endpoint is different: it is the same for all end-user subscribers. Every time an end user calls an API they have previously subscribed to, they must first authenticate to API Connect using their unique key (since their usage must be tracked, billed and possibly limited). Once authenticated to the API gateway, all subscribers invoking usage instances for this API will be authenticated to the same API endpoint using the same authentication scheme and credentials as created when setting up the API.
Their are several choices of back-end authentication schemes when using external API endpoints. See this tutorial for more information and links to further resources:
https://www.ibm.com/support/knowledgecenter/SSMNED_5.0.0/com.ibm.apic.toolkit.doc/tutorial_apionprem_security_OAuth.html