I am writing an iOS app and using Azure Mobile Services for my identity management and DocumentDB for noSQL DB. However the only access control that I can see for DocumentDB is when we use Active Directory (which I am not currently using.)
I see from
https://azure.microsoft.com/en-us/documentation/articles/fundamentals-identity/
that there is a way of integrating access control service without using the active directory authentication.
However I can't find any documentation showing how this can be done. Has anyone done this? I am on a mac and developing for iOS.
The only documentation I see is for .NET and a ASP.NET MVC application: https://azure.microsoft.com/en-us/documentation/articles/active-directory-dotnet-how-to-use-access-control/
Also, does anyone know if Active Directory can be integrated with a JavaScript backend? All the docs show using Active Directory with a .NET backend.
Thank you.
Can you point to the docs you're referring to on securing DocDB with AAD?
You should be able to leverage resource tokens for Doc Db just fine, regardless of if you have an AAD identity. You can read more about resource tokens here: https://azure.microsoft.com/en-us/documentation/articles/documentdb-secure-access-to-data/.
To answer your question on AAD in the Node.JS backend, this is supported, but only through the server-orchestrated flow, as documented here: https://azure.microsoft.com/en-us/documentation/articles/mobile-services-ios-get-started-users/. If you were looking to use the ADAL library and get tokens on the client, this is only supported for the .NET runtime.
Also, for reference, Access Control Service is a specific service which is not currently receiving updates in favor of AAD which will take on that functionality. More about that here: http://blogs.technet.com/b/ad/archive/2013/06/22/azure-active-directory-is-the-future-of-acs.aspx
Related
I'm new to jira development.
I created an app in atlas connect cloud app. I want to use REST api calls in this app to access jira core features.
When user installed my app I want to get his projects and other details using rest calls.
How can I authenticate user and use rest api calls.
Thx.
Depending on the setup of your JIRA instance, you can use the following ways to authenticate users:
OAuth
Basic authentication
Cookie-based authentication
For getting a list of projects and other details, you can use this resource to find out what is possible.
An introduction to the JIRA API can be found here.
What would be the best way to obtain an AAD token from an electron app?
Microsoft has 2 javascript authentication libraries: adal.js and msal.js.
Both are designed for browsers and not native Electron apps (For example - AAD won't allow for file:/// scheme as a reply URL).
Sounds like a long term solution would be native AAD packages (like Microsoft built for Apache Cordova), but since that's probably not going to happen any time soon, what is the best short-term option?
Azure Storage Explorer is a good example of an Electron app that does this. It even allows for being logged into multiple AAD accounts at the same time.
You might be able to check out what's going on in the app's dev tools. I've had a poke around and it looks like it uses adal-node npm package instead of the browser based js libraries.
It also looks like it uses an authorization code flow for obtaining tokens.
The Azure AD doesn't support the file protocol as the reply address. To develop the single page application, you can host it on the server and using the server URL as the reply address.
I am implementing a webhook using a Microsoft Graph API using the tutorial on https://github.com/microsoftgraph/aspnet-webhooks-rest-sample.
I have made a demo version to work on my localhost. I have an existing web application host on Mircosoft Azure.
The issue or rather concern is that do I use the Account Controller provided by the link https://github.com/microsoftgraph/aspnet-webhooks-rest-sample. Or Merge it with my existing application
I have merged it but having trouble with the login process. The existing login is troubling with the login using office365. note that the office365 users are not part of the users table yet
I've seen in a few tutorials that Google's Places Web Service API is prohibited from being used directly from a mobile device. Is this still true?
I wouldn't call it easy, but after setting up a server key without any restricted IPs/Referrers, it seems to function just fine for me. I have searched quite a bit for official documentation from Google that specifies this to be the case, but I have yet to find anything concrete. I could see it being a good idea for additional security, but is it a requirement?
The Places API Policies document has a section Mobile Applications, but doesn't mention any restriction regarding using web service directly from a mobile device.
https://developers.google.com/places/web-service/policies
1.How to programmatically connect with QuickBooks Online using .NET? We followed the below article but this needs manual intervention to connect.
http://ippdocs.intuit.com/0025_QuickBooksAPI/0010_Getting_Started/0020_Connect/0010_From_Within_Your_App/Test_the_In-App_Connect_Flow
Initially we developed the sample application using the code:
https://github.com/IntuitDeveloperRelations/IPP_Sample_Code/tree/master/QuickbooksAPI/DotNet/WebForms%20application
2.Which type of integration method we have to use Json or .NET SDK library? Most of the Json examples are code fragment only, Where we can download the sample application using Json with .NET
You cannot connect to Quickbooks APIs without manual intervention as it is a part of the 3 legged OAUTH flow.
The .Net SDK supports XML and JSON. There is no separate JSON library. The sample app for Dotnet in v3 is not yet available. Please refer to the docs for generating the JSON requests.
https://developer.intuit.com
If you want to create SaaS application and want to publish it in Appcenter then you need to implement OAuth flow which needs user's input for authorization. In the dev env, using the above sample app, you can get the OAuth tokens(consumer key, consumer secret, access key and access token) which you can use in your app to call all API endpoints.
https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits/0150_ipp_.net_devkit_3.0/0002_synchronous_calls/0001_data_service_apis#Step_3:_Build_the_ServiceContext
FAQ - https://developer.intuit.com/docs/0025_quickbooksapi/0058_faq
.Net V3 Link - https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits/0150_ipp_.net_devkit_3.0
But Intuit Quickbooks API(V2/V3) are only for SaaS app. If you want to create some custom solution for one company then you should use QBSDK.
Ref -https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits/0250_qb
Thanks