The quick-start sample documentation shows how one can query the public endpoint using a subscription key.
But say I have a private Bing News API endpoint and an AppId generated that identifies me - Can I use the C# SDK to call this endpoint using my AppId? Or would I be forced to call it as a REST API by creating a HttpWebRequest?
Is there something that allows the private API provider to generate subscription keys for their consumers?
As far as I know, only the subscription key can be used to define the client in the SDK. Such as var client = new NewsSearchClient(new ApiKeyServiceClientCredentials(key));.
Currently, private sites such as https://pa***2.cognitiveservices.azure.com and key are not supported to define clients. It is recommended to raise a support ticket on portal to confirm this.
If you need to use C# code to implement the bing search function, it is recommended to use HttpClient and C# code to send http requests.
You can use HttpHelper in my sample code.
Related
after reading this answer https://stackoverflow.com/a/51614256/15486192 from #Arsam, i am successfully sending data from nodeMcu esp8266 to firebase.
but i am using Database secrets Although it is deprecated.
and while searching for an alternative i came across firebase REST
Firebase Database REST API
API Usage
You can use any Firebase Realtime Database URL as a REST
endpoint. All you need to do is append .json to the end of the URL and
send a request from your favorite HTTPS client.
HTTPS is required. Firebase only responds to encrypted traffic so that your data remains safe.
after reading that, anyone conclude that you can send data to firebase using HTTPS request.
so my questions,
is REST API just an HTTP request?
i am just confused if it is, then why just not naming it HTTP API?
can i send my data to firebase Realtime-database using only https request from my client?if yes then how
REST or RESTful API design (Representational State Transfer) is designed to take advantage of existing protocols. While REST can be used over nearly any protocol, it usually takes advantage of HTTP when used for Web APIs.
Be carefull when using the REST API on the client side!
The REST API for the Firebase RTDB is usualy ment for development of code where you don't wand or can't use the official SDKs. For example when you code in a language that doesn't have a official Firebase SDK. Or also in usecases where you because of perfromacne reasons don't want to use the SDKs. In most cases landing pages.
BUT. The REST API is very handy for public data in your database. And I would only recommend to leave public data only the read access. Othervise anyone could fill up your database with knowing your REST API.
So if you plan to use the RTDB on your client side try to use official SDK because the handle the security for you.
David East even had a talk on the last Google IO on how to improve the loading time for laning pages by removing the Firebase SDKs and using the REST API. But that was also only for public data.
If you want to use it on a server from the backend you can use also the REST API. Here is the documentation for using the REST API and here for the authentication part of it.
Background
I'm looking at using Google Cloud Endpoints to specify public endpoints on a Kubernetes cluster.
I'm able to create an API key that can access endpoints, and manually specify which endpoints can access an user.
Is there a way to have a "class" of API keys that get access to the same endpoints? Is there a better way?
2 use cases to support
When enabling a new client they should have access to all our public endpoints.
When adding a new public endpoint, it should be applied to all existing keys.
It depends on what are you using:
With gRPC, all API methods require an API key to access them, so, a new API key/client will have access to already existing endpoints. If you later add a new endpoint, all previous existing keys will have access to it.
With OpenAPI, you can restrict access to your methods in a similar manner.
I need add multiple API publisher and store but I don't want to use WSO2 UI to add one by one.
How to use program to add all API publisher and store?
Thank you.
You can use the APIs published by WSO2. Take a look at their documentation.
Before you make an API calls, you to have call following APIs to receive scope & access_token:
Register your application using /register.(the client from which you will be making API call needs to be verified.)
Get access_token using /token API.
I am using WSO2 API Manager to expose few APIs. But I don't want that the consumer use the API store for the subscriptions. The creation of subscriptions/applications and Access tokens should be managed through by my custom web application.
I have checked the WSO2 API Manager docs https://docs.wso2.com/display/AM210/apidocs/store/ and imported the swagger in SoapUI. When I try to invoke the store api of my local API Manager I am getting the HTML content of API store page. see below screenshot.
Can anyone please help what I am doing wrong? Or is there any other way to the requirement.
You need to pass token which is generated by passing scope and client secret key and password as described in https://docs.wso2.com/display/AM210/apidocs/store/#guide
Is there support for Proof Key for Code Exchange by OAuth Public Clients on Apigee cloud? I couldn't find any reference to it on the online documentation. If not supported, is it on the roadmap?
this should be fairly simple to do, all you need is to create the proper policies in your oauth proxies... we have a solution for openid connect on top of apigee and just added this in a few hours.
PKCE just requires that you store the code_challenge in a cache you can retrieve when about to create the access token, and then it requires you be able to re create from code_verifier + method... this can be done with a node backend, or by importing the proper libraries in a JS callout ( or java callout if that is your thing.)
we used node for this