I am trying to get gapps user profile information using google apis & OAUTH2 in c#.
Which DLL & scopes should I use to get user profile information after token generation?
Related
Here is my project details,
We have a Mobile App that should send device's data to Thingsboard server.
For this, we need to have a user accounts in Thingboard, so that they can JWT token on sign-in in the Mobile App. And this JWT token is user for the data upload & retrieve.
So, for the new users, we have developed a form page to register in the APP. When user fill-up the form and submit, what api shall be used here that will create a new User entity in Thingboard and send an account activation link to provided email?
Your help would be appreciated.
Thank you.
The Thingsboard REST API has proper 'saveUser' method that can be used to create user accounts, however this endpoint requires a JWT Token with proper authorization to Create Users.
We had a similar problem and ended up creating a custom REST api service to wrap the Thingsboard Native REST and user a hardcoded username and password in order to auth the account creations. We did this to avoid having the username and password hardcoded in our Mobile App. We later switched to adding the users directly in database with an ORM.
We had to use this approach because we user Thingsboard PE, if you use TB CE you can try to modify the REST Api in order to allow this endpoint to be used without JWT.
The swagger UI can be checked at:
{base_url}/swagger-ui.html
and the crate user endpoint is:
{base_url}/api/user?sendActivationMail=true
I am building a spring boot java resource server as a backend for an iOS app. The iOS App authenticates users using federated login with Facebook and passes access token for resource server to create an internal user. linked to the facebook profile.
Any documentation I came across discusses how to use spring security to authenticate/authorize users using login form, but I am just trying to parse/validate the access token already given by FB. How can I do this? Google offers a library to easily parse access token and extract user's information, but I can't find a counterpart library for facebook.
I want to gain access to the Graph API in order to integrate a native iOS Sign Up page. I was able to achieve a native implementation of Sign In using ROPC but there too after logging in the user and redeeming the refresh token, I wasn't able to read the user profile using Graph API. Can someone please explain to me as to how I can go about this?
AAD B2C tokens can not access Microsoft graph api. Customise the token such that it contains all the information you require in the first place.
A client has requested implementation of the new Google Photos API as a feed of their photos on the website.
The issue arises whereas the library only supports OAuth 2.0 to authorise the library requests. Meaning that each visitor needs to authenticate themselves prior to seeing the photos.
Authorization
Like other Google REST APIs, the Library API uses OAuth 2.0 to handle authentication and authorization. Your app can request access to the user's Google Photos library via the various authorization scopes provided by the API.
Note that the Library API does not support service accounts; to use
this API, users must be signed in to a valid Google Account.
Does anyone know a way that I can authenticate the library for all web traffic? I want to use Google Photos as a CMS for images and have a constant feed on the site.
Since the Google Photo APIs requires OAuth 2.0 User Credentials, you will not be able to use this API as a CMS for you website.
Each API request requires an OAuth Token and this token can only be obtained by a person authenticating with Google Accounts. The OAuth Flow requires the user to authenticate and grant permission to their personal Google Account.
In addition this API requires that you create OAuth Client Secrets which is used to track your app.
I'm not understanding how OAuth2 works for Google API.
Supposing I've signed in API's console and chosen several API's I would like to use.
My website should offers these API's to its users.
I have a doubt if my website users have to be logged in GOOGLE to can use these APIs.
For example, some users that prefer to login with Facebook couldn't use the APIs?
Depends on the API. Anything where you're accessing a user's data on their behalf (tasks, calendar, etc) then of course the user would need to have a Google account and would need to log in when authorizing your app.
But not all APIs act on user data. APIs like search & translate don't require a user to authorize access, and typically use a simple API key rather than OAuth.
User must be signed in Google to grant authorization to your application.
Your application is required to provide an access token when call Google API. The access token is granted by a Google user so that your application is able to access this user's resource on Google. So it's obvious that the user must be signed in Google.