Q: Is there a way to configure Pingdom to check results from mydomain's API?
The API would consist of multiple GET requests. If so how can I approach this. Uptime Check and Transactional check don't seem to offer what I am looking for.
I'd be surprised if you can't do this with Pingdom. The options tab of the http check allows you to submit post requests to an API, with the appropriate headers set.
This article touches on that http://royal.pingdom.com/2016/02/19/make-the-most-of-your-http-check-best-practice-for-optional-settings/
Maybe you could explain further what you need to achieve?
Related
I want use Google Assistant from my phone to send HTTP POST command to my server. I have a simple webnms app running over it, this server support REST API and now I want to use Google Assistant to shoot GET or POST command to that server and return my output.
Is it something possible? I am not full time developer.
Yes, as #Prisoner says it is possible. It is not what you asked - but have you seen these ways that Google provides to get skills published without requiring a lot of developer savvy?
https://developers.google.com/actions/content-actions/
https://developers.google.com/actions/templates/first-app
I don't speak for them, but IMO Google's target audience for Action building apart from the above is those who have at least some familiarity with the JavaScript language and its "run-time" Node.
There is also this - which I haven't tried by the way.
https://www.techadvisor.co.uk/how-to/digital-home/easy-actions-google-assistant-3665372/
In case it is not obvious, Google Actions are essentially websites that interact with Google's assistant running on a Home device or a smart phone, say. Think of the Assistant as a browser initiating requests and your Action as serving them. If you can (build and?) deploy a server that handles POSTS over HTTPS on a publicly addressable URL, and if you can understand the JSON payload that the Assistant sends and respond with appropriate JSON to carry out you application then you are good to go.
Where you don't have a public IP address - e.g. in testing - you can use a tool like ngrok ( https://ngrok.com/ ) to reverse proxy requests emanating from the Assistant to your server.
I have slides for a presentation I did targeting fledgling developers who had never built an Action here
https://docs.google.com/presentation/d/1lGxmoMDZLFSievf5phoQVmlp85ofWZ2LDjNnH6wx7UY/edit?usp=sharing
and the code that goes with it here
https://github.com/unclewill/parrot
On the upside the code is about as simple as it gets. On the downside it does almost nothing. In particular, it doesn't try to understand language. As #Prisoner says you'll likely need a tool like Dialog Flow for that.
Yes, it is possible.
Your server will need to implement the Actions on Google API. This is a REST API which will accept JSON containing what the user is intending to do and specific information about what they have said. Your server will need to send back JSON indicating the reply, along with additional information about how to continue the conversation.
You will likely also want to use a tool such as Dialogflow to handle building the conversational script and converting a user's phrases into something that makes sense to you. You'll also need to use the Actions on Google console to manage your Action and provide additional details about how users contact your Action. All of this is explained in the Actions on Google documentation.
Simple Actions are fairly easy to develop, and can certainly be done by a developer as a hobby. Good Actions, however, take a lot more thought and planning. Google offers you to the tools - it is up to you to best take advantage of them.
I've found the solution.
In the "Action" console https://console.actions.google.com/project/sandbox-csuite/scenes/Start
Go to menu "Webhook", click "Change fulfillment method", and then select "HTTPS endpoint"
I was trying to send an HTTP POST request with certain parameters to a third party API which would return data. I was trying to it to work but was having issues. As part of my research into resolving the problem I started to read about cross domain HTTP requests.There were site after site on how to perform cross domain HTTP requests and why some methods were good and others bad. However, it was all written in a way that suggested that cross domain requests weren't the 'done' thing.
Now, please excuse my ignorance as I'm very new to all this, but this confused me somewhat. Surely cross domain HTTP requests are the whole point of HTTP requests? Someone writes some script to which one can send HTTP requests (with the proper credentials to authorise access) and the script can talk to the underlying application, do some processing based on the parameters sent by the requester and return some data.
Of course I know you can have scripts in your own website (from the same domain) to which you can send information and get results returned, such as validation scripts.
In essence my question is: "Are cross domain HTTP requests not the norm?".
I appreciate that my question is more of a discussion rather than a problem with a specific answer but I'd appreciate any help that can be offered.
Short answer is it's normal. You can make api, authorization on different domains for one project and consume it from another domain that just frontend. Why it can be abnormall?
I am wondering what is the best way to check if an API is up and running as expected. This check would need to occur at regular intervals, similar to what the author of this blog speaks of:
http://www.lornajane.net/posts/2009/add-a-heartbeat-method-to-your-service
Is this the best practice for monitoring API status?
I've been trying to follow good RESTful APIs practices when designing them. One of them which happens to be very simple and common keeps getting hard to follow:
Use GET http verb to retrieve resources
Why? Consider you have a URI to get account information like this:
http://www.example.com/account/AXY_883772
Where AXY_883772 is an account id in a bank system. Security auditing will raise a warning stating that:
Account ID will appear on HTTP ACCESS LOGS
Account ID might get cached on browser's history (even though is unlikely to use a browser regularly to access a RESTful API)
And they end up by "recommending" that POST verb should be used instead.
So, my question is:
What can we do about it? Just follow security recommendations and avoid using GET most of the times? Use some kind of special APACHE/IIS/NGINX access log configuration to avoid logging access to certain URLs?
If you have sensitive information in your urls, and you are logging urls you are logging sensitive information.
So there's two obvious solutions:
Don't log the url
Use a different url that doesn't contain the sensitive information
The last one could be implemented by using some (different) id that your server maps back to the normal id.
If neither of those solutions are an option for you, then you cannot use GET and therefore it's not good RESTful design.
I realize all these things are probably already obvious to you; But it's the most accurate answer I could give.
It's worth nothing that this doesn't just apply to GET, it would actually also be the case for PUT, DELETE and often POST.
I am looking for a product to solve a particular task and I'm having a hard time sorting out which product or type of product can accomplish the task. I am looking for something to handle POSTing notifications via HTTPS.
One of my use cases is a mechanical turk type scenario. A client will request a task be started via an API call. A human will get this request do the task, tell the system the task is complete, and the system will send a HTTPS POST to a subscriber. So it's a long-running async request.
I am looking for something that will take care of making this POST for me. I would like something that is reliable and durable. Of course I can write the POST myself, but all of the other niceties that come with a queuing application would be nice to have (and I don't wish to implement all that myself).
I have been looking at a number of queuing, MOM, and ESB products. From what I can tell the queuing products don't seem to push notify over HTTPS and the MOM and ESB are a little too heavy handed I think. For example I think BizTalk will do what I need but that has a lot of overhead. The one solution I did find was Amazon's Simple Notification Service, but that appears to only send from the amazon.com domain, but I want the messages to be sent from my domain.
Can anyone help identify a product that will help? Maybe I'm just overlooking something, not sure what I am looking for, or have to choose a different way of implementing this.
The answer I was looking for was webhooks. Here's a great presentation on what they are and how they can be utilized.
if you want a serverless way to do webhooks, check out IronWorker's webhook support, here's an article on it: http://blog.iron.io/2012/04/one-webhook-to-rule-them-all-one-url.html
nginx has a messaging module that may be just what you need.