I want to create an access token for the "Acrobat Sign REST API V6".
I'm logged into the echosign backend https://newsign.eu1.echosign.com/public/docs/restapi/v6#!/
Now I try to create the access token. I click on the "baseUris" section and then on the "OAUTH ACCESS-TOKEN" button.
Then I enable every of the scopes and then I click on the button "Authorize". I get the following error message:
access_denied: Scopes not enabled for this application
Related
In my web app I need to add freebusy read permission for my service account to the primary calendar of gmail addresses provided by users.
How do I do that?
Delegate domain-wide authority to your service account
From your domain’s Admin console, go to Main menu menu > Security > Access and data control > API controls.
In the Domain wide delegation pane, select Manage Domain Wide Delegation.
Click Add new.
In the Client ID field, enter the client ID obtained from the service account creation steps above.
In the OAuth Scopes field, enter a comma-delimited list of the scopes required for your application. Use the scope https://www.googleapis.com/auth/calendar for full access to the Google Calendar API.
Click Authorize.
I'm currently working on a project where we want to connect facebook profiles to existing (and logged in) Okta users.
The website is made in ASP.NET using Sitecore 6.5.
We use the "Authorize URL" to do our login and account linking with redirect callouts.
I can register and create an account with the facebook identity provider when the user isn't logged in in Okta. In this case it follows the Callout redirects and we get a tx_id. Hover when you're logged in to Okta and you visit the same "Athorize URL" it follows the redirect_uri where you get a id_token as result. this is an JWT string which I managed to decode (example result).
How can I use the information in the JWT to link a user to the identity provider? Or is there another way to do this? I can't find any methods or API calls to add a user to an identity provider without the tx_id.
I believe you used https://developer.okta.com/docs/api/resources/social_authentication.html to add FB social auth for users. Yes, once you browse the final url
https://example.okta.com/oauth2/v1/authorize?idp=0oa0bcde12fghiJkl3m4&client_id=AbcDE0fGHI1jk2LM34no&scope=openid%20email%20profile&response_type=id_token&response_mode=fragment&state=someState&nonce=someNonce&redirect_uri=https://app.example.com/social_auth
you will be redirected to your app https://app.example.com/social_auth with id token in the url. In the redirected app you can read, decode and create session for user. However, the same user profile is also created in Okta.
Once the social auth user profile is created in Okta, you can use that to get id token next time.
I'm using Custom Token Authentication for my firebase app.
I will need to fetch the token from my server wherein the user needs to login first. I'm thinking of utilizing a popup.
But how do I pass to the opener (parent window) the retrieved token by the popup?
Firebase authentication uses pop-ups or redirects for OAuth authentication because a user's browser needs to be sent to the third-party OAuth provider (Google, Facebook, Twitter, etc.) in order to authenticate.
If you have your own authentication system, the simplest and easiest thing to do would be to use form input on a page, communicate with the server via XHR, and then update your UI to reflect that the user is now authenticated.
That said, if you're set on using a a new browser window / pop-up for authentication, check out Mozilla's open-source library github.com/mozilla/winchan which makes communicating between host pages and pop-ups fairly easy.
You may create a popup window for custom Firebase authentication as described in this example for Spotify OAuth: https://github.com/firebase/functions-samples/blob/master/spotify-auth/public/popup.html
Also you may use in the main application window firebase.auth().onAuthStateChanged() to listen to the Firebase user change event like in the example: https://github.com/firebase/functions-samples/blob/86f9e135af344b2e9268c055a9a1bcb00a7e7c0d/spotify-auth/public/main.js#L36
How does it work? Excerpt from the readme:
The ./popup.html receives the Custom Auth Token and other data back
from the AJAX request to the token Function and uses it to update the
user's profile, saves the access token to the database, authenticate
the user in Firebase and then close the popup. At this point the main
page will detect the sign-in through the Firebase Auth State observer
and display the signed-In user information.
I am writing a small program to retrieve and display Google Analytics information. I keep getting a 403 Forbidden error because of insufficient permissions.
I read on other posts that you have to add the email address associated with the client id you are using to access analytics in User Management.
The client id I am using however is associated with an installed application and doesn't have an email address, it only lists a client id, client secret, and redirect Urls as credentials in the developer's console.
How can I allow access for this client id when there is no associated email address listed in the developer's console to grant permissions to on the User Management page in Google Analytics?
Simply follow Google's OAuth 2.0 guide for installed applications.
Create a URL for authorization like you would for a web app. Only set redirect_uri to urn:ietf:wg:oauth:2.0:oob.
Point your user to this URL and let him authorize your app. Then the user will receive a code.
Prompt the user to enter this code in your app and use it to retrieve a refresh token from Google.
Store the refresh token and use it to get a fresh access token whenever you need one.
I am using oauth in my web application to access Twitter. My problem is i am not getting the token secret and moreover when i run my application it asks the user for authorization request. when the user click "allow', it does not go back to the called url. Infact it shows a blank untitled page with a url having oauth _token value and oauth_verifier value.
Can someone throw light on this.
Before you send users to twitter.com to authorized the app you need to save the request token secret. When the users clicks allow they will return to the callback url you specify. Once there you need to use the request token/secret to get an access token from twitter that will let you perform API requests as a user.
http://dev.twitter.com/doc/post/oauth/access_token