Can I use Asana Connect to open users asana account in my .NET project if user has logged in using his google account
Yes, Asana Connect works even when the user is authorized via Google - it's actually double OAuth because Google provides an identity to Asana, then Asana provides an identity to your app. This should work the same regardless of the language/framework you use, as long as you handle the normal OAuth interaction with Asana properly.
Related
We have a system that is using its own authentication system and I need to make it use our Google Workspace accounts to integrate with Google SSO so that when the user gives their credentials to the webpage, it will be authenticated in both google account and on our web app account.
Google default workflow redirects the user to its own form, so we have the problem of the password not being passed to our server.
Crossed my mind the fact that this would be too insecure to exist, but remember that all users that would log in to our website would have an account created in a workplace totally managed by us.
how could I auth the user this way?
Why not use "Sign-in with Google" -> OpenID Connect to access to the website. That way it will authenticate with Google.
Or add the website as a custom SAML application in the Admin console, and use Google as the IDP since the users will be provided by your organization.
It is possible to authorize some MS apps using OAuth and login form. If the user logins and allows the permissions the app wants then as a developer you can read (and write) some data via API.
Is it possible with https://botframework.com? I don't want my clients to have to write down the client_id and client_secret in my administration. I just want them to give me permission via logging in and let me download this data.
I've read MS docs about OAuth and have seen that the possible scopes doesn't include the bot platform.
To demonstrate what I mean here is a demo application from the docs.
I recommend you to check AuthBot.
AuthBot is a .Net library for Azure Active Directory authentication on
bots built via Microsoft Bot Framework.
In short, when using AuthBot, your users will receive a link that they will open and perform the OAuth flow. The users won't have to write the credentials in the bot (which could be a security concern) and instead will be done in the MS login page. Then a callback (already provided by the library) will be called and the conversation with the user will be resumed.
You can also check AzureBot as an example of a Bot that uses AuthBot and that retrieve information only available if you are logged.
I am implementing DocuSign's OAuth flow by following their OAuth2 doc.
With demo developer account is it normal that only users specified in the Admin Dashboard are able to complete the OAuth flow?
I'm assuming so but no reference is made on the docs.
Re:
With demo developer account is it normal that only users specified in the Admin Dashboard are able to complete the OAuth flow?
Yes, that is normal. Perhaps you are thinking of Single Sign On (SSO). That feature uses OAuth too, and it includes dynamic account creation as needed.
The OAuth part is the same in either case. Without SSO, the users are first added via the web admin tool (or via the API). Then they can login.
If you want to use SSO, it must be set up by the DocuSign support team. Contact your sales rep to start the process.
I have a working integration with docusign, any docusign account should probably work. I have a demo app and I'm using a live docusign account to complete the Oauth flow. But anyway, have you done some test?
We want to integrate our mobile app with OneDrive , but i do not want my user to explicitly login into OneDrive.
The flow which i want is like.
Our app will authenticate the user based on his credentials stored in our organization's LDAP.
Once the user is authorized we want to enable him to his OneDrive account through our application.
Short answer, no.
OAuth 2.0 is the only public api for authentication, as stated on the OneDrive API Documentation.
You can verify authorization against LDAP first, but the user is going to have to log in to authorize access to their OneDrive at some point, somewhere.
An open source library is doing the same - checkout --
https://github.com/liveservices/LiveSDK-for-iOS
I'm using OAuth 2.0 to allow people to sign in to my website using a variety of different accounts (Google, Facebook, Windows Live, Twitter and OpenID). Currently I can get access to a unique profile ID using Facebook and Windows Live, but I can't find that information for Google.
It appears I can access it through the OpenSocial API, but that uses OAuth 1.0 for authentication.
Try - https://www.googleapis.com/oauth2/v1/userinfo
Of course - you need to add this to the scope - https://www.googleapis.com/auth/userinfo.profile