I want to Integrate My .Net Web Application to Quickbooks Online. I can do this by using the QuickBook Widgets(Connect to QuickBook button). This will load popup window for authorization. But I want to do this without popup windows and only through a direct service call.
Is there a way to do this by using a direct service call and without loading intuit Authentication and Authorization popup windows.
The very first time the user connects you MUST authenticate to IPP/Intuit Data Services via the pop-up/widgets.
Once you do that, you'll have a long-lived (6+ months, with an option to renew them) set of OAuth tokens which you can store and use from that point forward. Once you have those tokens, you no longer need to show the "Connect to QuickBooks" button (and thus the pop-up window).
You do still need to show the other widgets (the blue dot menu).
Related
I want to restrict the users to one tab for one applcaion. I am currently using Azure AD based Authentication in my application.But the users logged in one tab and opening the application in other tabs.Now I want to show a alert like the user is already logged in in another window/browser/device.Please logout and try to login again .
Please let me know how should I know whether the users is logged into particular application or not using Azure AD
You cannot do this in Azure AD. You have to manage that in your application. Because it is your application that sends session cookie to the browser.
There is of course also an SSO Session with Azure AD, but this is out of game once your user authenticates successfully and your application sends its own session cookie. And while you can determine usage of different browser on the server side, there is nothing on the server side to help identify a browser window instance. And no way to recognize a browser tab on the server.
In order to achieve what you want, you have to combine client side (JavaScript) + server side (back-end) technologies to be fully able to identify usage in another tab or browser instance. And this neither Azure AD nor Azure specific.
I am developing one application which uses the youtube-data-api. I know it must be use with UI but I want to use it with predefined my own user credentials with back functionality in Curl or any php programming.
So I want like on one click my app should automatically get the auth access code without UI which is based on just a web server link calling from application back-end.
Can you please help to sort out my issue?
The problem you are going to have with this is that YouTube API doesn't not support service accounts.
You are going to have to use Oauth2 and authenticate your application once. Save the refresh token then use the refresh token to access the account later from your back end application.
You will have to keep an eye on it refresh tokens don't expire often but on rare cases they can expire you will need to authenticate it again if it does.
I am trying to use a rest API for authentication in my outlook add-in but it is being redirected to a separate browser window instead of rendering in the Iframe and control never comes back.
Because of security constraints you cannot implement the OAUTH flow within the addin sandboxed iFrame, so the popup window is a necessary workaround.
Here is the best solution to achieve the OAUTH flow in popup.
Microsoft is well aware of the problem and has started to work on a dialogAPI that avoid popup window (that may be turned off).
EDIT (September 2016):
At Keluro we released an open source code sample to leverage the sign-in technicalities. It is used more for connecting to Azure AD/Office 365 but the client side using dialogApi and the popup as a fall back can be reused
I am currently creating Universal Windows App (native) that uses Microsoft Graph API. For authentication, I used ADAL for .NET library by calling GetTokenAsync() on the AuthenticationContext (https://github.com/AzureAD/azure-activedirectory-library-for-dotnet). The library will automatically prompt a login window for the user to enter its credentials.
Later I was required to open a OneNote URL on a web browser. I managed to get the note URL from the Microsoft Graph API (OneNote API) and then I realized when I tried to open the URL on a browser I was redirected to the Microsoft login page (http://login.microsoftonline.com).
This is not very good for user experience because they needed to enter their credentials twice (on the ADAL prompt window and on the browser). Is there any way whatsoever so that the user can do the login activity only once?
User needs to enter their creds on Microsoft online website but not twice. please debug the app and store this context ticket so you can use it in your win universial app. by the way, make sure that you are not pointing your app to two different api endpoints. go with the Microsoft graph api endpoint but not any other legacy endpoint for your app. Hope this helps.
Previously, my installed application (desktop application) is using gdata-java-client with ClientLogin mechanism, for user to access Google service.
In order to provide seamless experience, the desktop application will store users previous entered username and password in encryption format. Whenever they wish to access Google service, the desktop application will automatically help users to fill in username + password information. (Even after application restarting) Users just need to single button click to access Google service.
The login code is as follow : http://jstock.hg.sourceforge.net/hgweb/jstock/jstock/file/808b03e824bf/src/org/yccheok/jstock/gui/Utils.java#l1520
I plan to migrate code to google-api-java-client, and use OAuth 2.0. Since my desktop application has no control over users entered username and password, users will be prompted with the following Windows every time they wish to use Google service.
The user flow doesn't seem seamless any-more, as users need to deal with the browser window, every-time after application restarting. Is there any way for my desktop application, to remember their login information, so that they need not to respond to browser window every-time the application restarting?
Great question. Yes, we are working on this right now. The feature request is here, and the changeset under review is here. Our plan is to make it be available in the next version 1.11.0-beta some time in July. For now, feel free to patch in FileCredentialStore from the changeset into your application and try it out. More documentation about the OAuth 2.0 support in the Java client library can be found here (which will be updated for 1.11.0-beta with information about FileCredentialStore).
Take a look at https://developers.google.com/accounts/docs/OAuth2InstalledApp. This a general guide for your type of application - installed on client machine.
The tell you These applications, in general, cannot keep secrets. But if you already store users' credentials - will it really change something for you?