I have a quick books sandbox account and a trial database, i want to connect my asp.net application with its database using web services.
Requirement is whenever we insert anything into our database, it should also be inserted into Quickbooks database.
I have studied Intuit SDK and as per their flow, we have to authorize our request using oAuth process, whenever we need to do any action.
My requirement is very simple, i have a service createItem() in my application deployed on an online server, if this services is called, it should also create that item on quickbooks online database. I want this process to be generic, services will work automatically as per actions. Is there any way? I just want that there should be no oAuth/Redirection.
Please suggest some solution
You are misunderstanding how OAuth works.
The OAuth redirections only occurs once. Once you have gone through the OAuth flow once, you never have to go through it again. Ever.
The purpose of the OAuth redirection is to securely supply your website with a set of tokens that it can use to connect in the future. So once you have those tokens, you never have to redirect someone ever again, and the process can be fully automated beyond that.
What you're trying to do is perfectly possible.
Related
I'm building an application in WPF that is client side and will only depend on external API.
To this point I could use open API which I build in RestSharp and everything worked well. But from last week this API uses CAS authentication, so to use them I need to be authenticated. API I want to call is in external server. They have two API's and my assumption is that if I will log in on their site using CAS then I will be able to use this auth for my API calls for second API.
I'm new to SSO, CAS and security overall, so this was my first thought: I will build WebBrowser control, get returned TGC cookie and use ticket from it to use in requests I will be making. But this failed, setting cookie still got me and 401 error and from what I understand from CAS auth for now, TGC is a go to for checking if I'm an authenticated user in current session?
My next thought was to use some CAS c# library. Unfortunately all of advices / libraries focus on creating CAS in .NET projects. Is there some library which will provide a way to log in to CAS auth and then allow me to make API calls?
I hope this makes sense and I didn't messed up things completely. I'm new to secutity and I will be grateful for any help or guidance how to approach this problem. Things I have: API specification (endpoints paths) and username and password to log in to the system.
I have quite a stupid question, but the environment I am working in forced me to use this solution.
We have a WebAPI providing data to an angular frontend.
For authentication we use an Azure AD B2C Tenant.
User sign into frontend and start to receive Data from the API as normal as it should be.
But: The users have to get different data regarding Groups in the Azure AD. So e.g. UserA is in GroupB and has to get other data than UserX who is in GroupY.
So within the api I need to verify that the Users are in the groups for the data they are requesting.
Normaly I would use Microsoft.Graph to communicate with Azure from the API. But as this is a special network I need to go through a proxiy using different User-Agents. This is all working fine when I call my Code from an executable.
But when I call the same Methods within the API I get a timeout and no Data from Azure. I tested the same routines with other APIs and there is no timeout.
I already checked the request Headers to verify that there is no mixed up information or anything, but everything looks like as it should be.
Has anyone had similar Problems, or has a solution regarding the User-Agent when creating the Request Token for API?
Thank you!
Cheers!
Case closed. The proxy denied the request and caused the timeout when called by the api. Don't ask my why. The same code and build is running on the deployed environement with no issues. Who would have thought that there would be the day when I say "But it wasn't working on my machine..."
Cheers!
Is it possible to pull work items from the DevOps API without needing a user to be logged in to get an access token every time?
I am trying to create a back-end service that pulls work items from the API every so often to generate a report. Can I just generate a one-time access key to use with that back-end service?
I've looked around the documentation, but it seemed like it all requires either a PAT or Azure Active Directory authorization/authentication.
Here's the docs for the API: Link
you can do something like this https://learn.microsoft.com/en-us/azure/devops/organizations/settings/manage-authorizations?toc=%2Fazure%2Fdevops%2Forganizations%2Ftoc.json&bc=%2Fazure%2Fdevops%2Forganizations%2Fbreadcrumb%2Ftoc.json&view=azure-devops
and
https://learn.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops
Basically authorize applications to use devops based on your credentials using oauth. similar to an app registration.
Thats the only way I can see without PAT and manual login each time.
Instead of your personal account, you could create a fake AAD user then add it to your Azure DevOps Service.
Use that account to create a Personal Access Token. Similar to Build Service account to pull source code/work items. This should be a easy way to track everything.
But the limitation here is also obvious: this needs involvement of IT department, and also causes additional costs, since every user is billed.
Allow personal access tokens that do not expire is not supported right now. There is a related user voice.
As an alternatively way you could use OAuth just as alphaz18 suggested. Details please refer-- Authorize access to REST APIs with OAuth 2.0
So I wrote quite a few ASP.NET web applications and there I often used the forms authentication. Now I need to do the same but in a client application. What would be the best way to create something like this?
I was searching for it for some time now but I didn't find something that I could implement in my project. I just need to have a login screen and only when it is valid with the user logins I created I should be able to use the complete application.
Can someone please help me?
There are probably several approaches that you could take. If the application is internally distributed you could use a database connection to something like SQL Server where you would have accounts set up to validate against. If the distribution is external you may want to consider setting up a server and using socket connections in your application to make calls to your server(again storing account information in a back end database) to validate users.
I remember using ASP.NET Identity for that purpose. Was very easy and everything is pretty much ready.
ASP.NET Core Identity is a membership system that adds login
functionality to ASP.NET Core apps. Users can create an account with
the login information stored in Identity or they can use an external
login provider
learn.microsoft.com/en-us/aspnet/core/security/authentication/identity
I'm currently toying around with the Clarity .NET Facebook API but am finding certain situations with authentication to be kind of limiting. I keep going through the tutorials but always end up hitting a brick wall with what I want to do. Perhaps I just cannot do it?
I want to make a Web Service that takes in the require credentials (APIKey, SecretKey, UsersId (or Session Key?) and whatever else I would need), and then do various tasks: Post to users wall, add events etc.
The problem I am having is this: The current documentation, examples and support provide a way to do this within the context of a Web site. Within this context, the required "connect" popup can be initiated and allow the user to authenticate and and connect the application. From that point on the Web can go on with its business to do what it needs to do.
If I close the browser and come back to the page, I have to push the connect button again. Except this time, since I was already logged into facebook, I don't have to go through the whole connection process.
But still ... How do applications like Tweetdeck get around this? They seemingly have you connect once, when you install their application, and you don't have to do it again. I would assume that this same idea would have to applied towards making a web service because: You don't know what context the user is in when making the Web service call. The web service methods being called could be coming from a Windows Form app, or code behind in a workflow.
I would advise you to try Steve's blog and starter kit
you can also find a reference to his post in this so question
Good luck
Edited/Added below
You cannot store the facebook login credentials for users and pass them to FB.
(terms & conditions)
but you can use: offline_access, to access some usage without flagging the user as logged in.
Cool tip from this forum:
Use the following URL with your API Key
http://www.facebook.com/login.php?api_key=YOURAPIKEY&connect_display=popup&v=1.0&next=http://www.facebook.com/connect/login_success.html&cancel_url=http://www.facebook.com/connect/login_failure.html&fbconnect=true&return_session=true&req_perms=offline_access
Register for the Facebook Developer
App on your facebook profile.
Create a new app Web App(By default)
through your "Facebook Developer
App". Change the Application Type to
"Desktop App". Note down the API Key
& Secret Key for you app.
Authorize the app & authenticate the user and
then get the permanent session_key.
Authentication
For a fully logged in session, you are asked to use (again terms and conditions) login.php and you can login via JavaScript
HTH
Ric