Assuming I have created a fungible token for an Account with name Issuer on the Corda Node with token quantity as 1000(MY_CUSTOM_TOKEN), I have transferred them to other accounts on the Corda Node and the token quantity has reduced to zero on the Issuer's Account, How to mint/issue additional tokens on the Issuers Account, I don't see any OOB class available to Issue/Mint additional token in the Token's SDK. Thanks in Advance!!
You should be able to issue more tokens the similar way you issued them the first time. You just need to run the issue flow again. The OOB flow used to issue token is IssueTokens flow.
Take a look at this blog post for more details: https://medium.com/corda/introduction-to-token-sdk-in-corda-9b4dbcf71025
Related
I'm trying to call https://tourplanning.hereapi.com/v2/problems API end-point. For this reason I'm obtaining Oauth2 token as it was described in this guide. I'm able to obtain a token, however, when using with the end-point above I'm getting 403: {"error":"Forbidden","error_description":"These credentials do not authorize access"}
Does anyone have an idea how to overcome it?
The following features are excluded or limited. Please contact us if you are interested in one or more of these:
Electronic Horizon in the HERE SDK (Premium Edition)
Geovisualization REST API (Geovisualization via JavaScript is
included)
Tracking REST API. For a free trial go to https://tracking.here.com
and select "Try our app"
Matrix Routing requests above 15x100 size in many-to-many matrices
and 100x1 size in many-to-one matrices are excluded (they are
included with the Pro Plan)
- Tour Planning
Live Sense SDK Beta
Geocoding and Search API Bring Your Own Data (for this a subscription
to HERE Workspace is required)
For more information you can go through the following link for plan details.
https://developer.here.com/plan-features
I am trying to pull some data from the TSI for a defined time period using python. I would like to do this with the help of access tokens generated for security purposes. Can you help me with how to start this process.
#ranah
How you'll do this will depend on whether or not you want to authenticate a user, a Service principal / application, or via the device code option. Take a look at the Python sample for obtaining an AAD token here. If it's a user that will be accessing the data within TSI then the user should be granted either the Reader or Contributor role. If the app will be calling the API as itself then you'll grant the AAD app a role on the TSI instance just like you would for the user.
In the sample code, replace the value for the resource URI with "https://api.timeseries.azure.com/" The trailing slash is needed.
Once you have an AAD token you can then make calls to TSI's APIs for events, series, aggregates and model metadata.
Useful links:
https://learn.microsoft.com/en-us/azure/app-service/configure-authentication-provider-aad
https://learn.microsoft.com/en-us/azure/time-series-insights/time-series-insights-authentication-and-authorization#service-principal
While testing the security of one of our product, a web application, using the REST API of Firebase we got surprised when we realised that refresh-tokens never expire in the V3 of the Firebase implementation, allowing any refresh-token to create new tokens forever.
While local-storage seem a reasonably safe solution today, we are concerned by the possibility that it could fail tomorrow, even for a short amount of time, and that we cannot stop someone from using any of these refresh-tokens.
Two factor authentication will help mitigate the issue, but the first step would become compromised nonetheless.
Is there a way to blacklist tokens, or similar behaviour, with Firebase, without handling all tokens exchange, such as minting, ourselves? We could not find such feature when going through the doc.
Any advice appreciated.
Authentication sessions don't expire with Firebase login. But the ID token will have to be refreshed hourly, to keep access to the services. If you disable an account, refreshing the token will fail and the account won't be able to access services anymore. There is no way to invalidate individual tokens.
Firebase recently implemented revokeRefreshTokens() inside the admin sdk. Although this will not let you kill an invalid JWT, it does allow you to prevent a refresh of the token (from my testing so far at least) and it allows cleaner control flow inside firebase database.
See Admin Manage Sessions For rough examples
All,
OpenStack API issues token after successful authentication. However, it is only valid for 1 hour.
Is there any workaround or possibility to extend token's lifespan?
Thanks & Regards,
Ganesh.
You may want to take a look at the solutions used by Heat, the OpenStack orchestration engine.
Heat needs to be able to execute actions on behalf of a user at some point in the future. Heat cannot simply store a token because, as you have stated, tokens expire.
Heat offers two solutions to "deferred authentication".
Keystone Trusts
Stored passwords
There are lots of details about how Heat handles this here and here.
There are some API examples of keystone trusts on the eNovance blog, and some more over here.
I am playing with the Netflix API. I am confused on what they want as the 'UserID'. (for a protected query)
I am sending in this string (after authentication) to get the User's queue:
http://api-public.netflix.com/users/'userID'/queues
This is return from authentication (not the real token) but what part of it is the userID?
oauth_token=xxx4ewzxxx8xx3xxxx3x9hv&oauth_token_secret=xxx8xxxx7xxd&
application_name=MyFlix&login_url=https%3A%2F%2Fapi-
user.netflix.com%2Foauth%2Flogin%3Foauth_token%3Dxxx4ewzxxx8xx3xxxx3x9hv
Maybe I am not even approaching it from the right angle. Any documentation or code I have found glosses over that part (My netflix ID doesn't work and I assume it should be part of the oauth token I get back, not my normal netflix ID)
Its a bit old question, but you need to get access token which will give you userid.
You can get access token when user agrees that your application can access his netflix account by calling API
http://api-public.netflix.com/oauth/access_token
These information you will later use for communcation with api.
Hope it helps.
Find more here: http://developer.netflix.com/docs/read/Security part Send Us the Subscriber’s Authorized Request Token