Is there any way how to access https://code.google.com/apis/console with any kind of api? I need to access it with python and add subdomains to oauth2 callbacks dynamically, thanks.
No, there's no API to programmatically configure projects in the APIs Console.
Related
The rest API (https://cloud.google.com/identity-platform/docs/use-rest-api) support user sign up without request attribute, multiFactor : {enrolledFactors :[]}. It seems that the only way to enable multi-factor authentication is via NodeJS server as described here: https://cloud.google.com/identity-platform/docs/admin/manage-mfa-users.
Is this correct? NodeJS api must be relying on rest-api. So any reason, it will not work with a direct rest API call.
After further investigation, the restful API does let a client programmatically specify MFA attributes. The API is accounts.signUp.
https://cloud.google.com/identity-platform/docs/reference/rest/v1/accounts/signUp
I think in 2020 Google announced that they would be turning off access to LSA apps. That you need to use OAuth to access their services.
https://workspaceupdates.googleblog.com/2020/03/less-secure-app-turn-off-suspended.html
Our application uses IMAP/SMTP/POP3 however to use these with oauth we need the full gmail scope ie (https://mail.google.com/). When we tried to get verified we were denied.
So we started building a gmail client using the gmail api with a more granular scope. however the docs themselves say to not use the api if you're making a client. https://developers.google.com/gmail/api/guides
screenshot
Is the correct approach to use IMAP/SMTP/POP3 libraries?
We are planning to make a recommendations engine for the features in the app and we were thinking about using GCP Recommendations AI. Then, we ran into some unclear areas due to lack of examples.
When we send POST requests from iOS (swift) to GCP, is there a way to get access-token for the header field "Authorization: Bearer $(gcloud auth application-default print-access-token)" using Firebase iOS SDK? Could you please point us to some resources that we can follow. If it's not possible to do easily, what is the easiest secure method that you recommend? Any resources? example use case, we found.
Could you guys please help us with this?
Calling the Google Cloud Recommendations AI API requires that you specify the OAuth2 access token for a Google account.
Firebase Authentication uses a JWT ID token to identify the users. These are not Google accounts, as for example you could create a user with email/password that Google's account system knows nothing about.
It is idiomatic to only call the Google Cloud APIs from a trusted environment, such as your development machine, a server you control, or Cloud Functions. This is done to protect yourself from abuse, as (unlike Firebase services) most Google Cloud APIs don't provide a mechanism to control access directly from the client.
So you'll typically want to wrap the GCP API in custom server-side code, that checks whether the user is authorized, and then call that from within your client-side application code.
I'm generating YouTube Data API v3 keys via Google Console and wondering if there is a way in generating it via CLI?
The google apis console is used to register your application with google. You can create api key as well as oauth credentials there.
This must be done manually there is no api for doing this nor is their a CLI which will allow you to access the google apis console.
Looking for some guidance, links on how i can protect my logic apps using Oauth2 and api management, anyone have some good articles and guides, tried googling around with no real luck 😀
The link given by #derek li is fine to configure the OAuth security on APIM. But after that you need to configure your policy to remove the Authorization header.
Otherwise you will receive an error saying:
The request must be authenticated only by Shared Access scheme.
Check this link for more information: Secure your Logic Apps with Azure AD and API Management
This is possible with API Management. You can configure your Logic Apps to whitelist and be accessible only by API Management's IPs, and configure API Management to your liking (e.g. Oauth).
For more info, refer to Securing Logic Apps