I am using Firebase, and I want to be able to create a user, get his ID, and then create his profile data.
I can do this using Google.Cloud.Firestore, just the way we do it in Android. However, I want to do this from a C# web application.
I have not been able to find anything that creates an auth user that is callable from C#. How can I do this?
There's this FirebaseUI Widget in javascript which really gives a lot's of auth options out of the box (Google, phone, email/password, etc.), but I need to use my own interface (i.e., the interface required by my client).
There is no SDK for accessing Firebase Authentication from C#/ASP.NET web application.
But there is a REST API for Firebase Authentication that you can call from any platform that can make HTTPS calls, and which has a method to create a user account.
A quick search also lead me to this third-party library by Step Up Labs, but I have no experience with it.
Related
I am using the Docusign Authorization Code example (https://github.com/docusign/code-examples-csharp) to create a C# application connected to Docusign (which is already configured with our Single Sign On).
I also have another Azure App Registration to invoke my Custom API from Azure and I need to successfully get a token to invoke it.
I have successfully used MSAL javascript to invoke the custom API.
However, I am not sure if this is the safest or should i go with MSAL.NET (to do everything server side).
Anyone got ideas how to incorporate this additional MSAL.Net auth to my existing Docusign based C# code.
Thanks in advance !
I think both MSAL js, and MASL.NET are secure, but there are some limitations to what you can do with the former. If all you need is a token to invoke an API - you should be good, but Microsoft support more things that you may need the server side code for.
This article has a table that tells you all the different authentication flows Microsoft supports, and the different features each of them supports.
I have two web apps in azure one angular 6 the other one is .net core web api. Angular app consumes the apis to get data. Some of these apis are public apis. It means authentication is not needed for them to be called.
My questions is, what the best approaches are to protect these public apis? By protecting, I mean not letting anonymous users to call these apis and abuse data.
In my mind these are what I can do:
CORS, but the problem is postman and other rest tool still can call my apis
Using azure api management? By rate limiting? Is there a better way?
Use some sort of api key but the angular app will expose them anyway.
In my c# app I get user agent, host, Origin of the call and restrict based on those?
Basically I want to restrict anonymous user from manipulating and calling my post apis and push not relevant or duplicate data to my back-end without using any sort of AD as my apis are going to be public. I want only a few authorized app can call my apis.
Please tell me which one of the above are the right one and please recommend a better approach.
P.S: my backend is .net core 2.2,
Thanks
I can recommend below solution,
Host your APIs on Azure API app and import it to APIM. Then Configure IP restriction on API APP using the IPs of APIM. That mean, only APIM can access your API host. or you can implement client certification authentication between APIM and API host.
https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions
https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-mutual-certificates
02.Next enable subscription key/API key on APIM and keep these key on Azure key vault. So you don't need to hard code these keys on frontend. I hope you host this Angular app on Azure. (I am not Angular expert...just check online for docs)
https://learn.microsoft.com/en-us/azure/key-vault/quick-create-node
03.Later based on your scenario, If need you can apply Rate policies.
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/api-management/api-management-sample-flexible-throttling.md
I have a cross platform app currently designed using xamarin forms but now need to use this to create a user profile for the user, using the information provided, for a website.
Are there any add ons or plugins for something like square space or wordpress which would allow me to upload a user program via a RESTful api or something along those lines?
Basically what are my options to transfer user data from a cross platform app to a web app so that my user can then log onto the web app and see all their information?
All you need is a database that can be accessed by both your web app and your mobile app. There are numerous services that would allow you to do this.
But if your web site is going to be a WordPress site (I have never looked into squarespace) then it already uses a MySql back end for data storage. I would imagine squarespace uses a database of some sort as well. You could then create RESTFul urls on that same server to send and request data and use whatever database system that your website is using. If you don't want to implement your own service code for sending and receiveing data that can be used by both your web app and your mobile app, then you could use some service like Azure, AWS, Apigee, etc. just for the database.
Ultimately I want to create a desktop app that allows users to update their own status, view status' of their friends, update pics etc. - basically a lot of the functionality the facebook website provides. Through looking through some tutorials and sample projects it seems that an app must be created for the facebook account. Now is this the facebook account of the developer (i.e. mine) - which will provide an API key that will allow any other user to log in?? Does every desktop project need to authenticate the user through a facebook dialog window to take the users' credentials?? Where does OAuth fit into this?? If anyone can shed any light as to the structure of the facebook api and the ways in which I can grant this functionality from say a WPF C# app for example I would really appreciate it.
EDIT: Before complaints of a potentially huge question or too 'vague', my question is specific to the integration/use of the facebook API in desktop applications - not how to then retrieve status feeds etc. I'll work that out myself.
Per Facebook documentation, all desktop apps will need to implement some form of web browser integration, whether embedded within the desktop app or controlled.
See: http://developers.facebook.com/docs/authentication/
Desktop Apps
Our OAuth 2.0 implementation does not include explicit desktop app
support. However, if your desktop app can embed a web browser (most
desktop frameworks such as .NET, AIR and Cocoa support embedding
browsers), you can use the client-side flow with one modification: a
specific redirect_uri. Rather than requiring desktop apps to host a
web server and populate the Site URL in the Developer App, we provide
a specific URL you can use with desktop apps:
https://www.facebook.com/connect/login_success.html.
Don't worry it took me two solid days of trial and error and re-re-reading of the documentation on authentication to finally "get" it.
i could not find any idea of how to implement API over the SharePoint(MOSS) framework.
Could anyone give me a tip please?
What i want to do is create a client application to communicate with the SharePoint.
wanting to implement something like following.
Client send post request to API implemented on SharePoint, API receive a request and do the authentication and create a login cookie.
Client keep communicating with API(with the login cookie), request necessary information and API returns it.
I could not find anyway to hook a program...
Is there anyway to hook a program or implement own authentication mechanism before SharePoint's own authentication is called?
Any alternative approach will be grateful.
Thank you in advance.
Taiga
It sounds like you need the Web Services that ship as part of SharePoint. There is no need to re-invent the wheel by creating your own API.
If your own application runs on a machine with a local SharePoint installation then you can program against the SharePoint Object Model directly. Otherwise use the Web Services interface.
More on Google.
Here you find a fluent API for the SharePoint. FluentSP implements a modern fluent interface around the classic SharePoint 2010 API:
http://www.parago.de/2011/09/fluentsp-the-fluent-sharepoint-api/