I have a registration form asking for linked in URL and other user details. I have to check the Linked in profile existence with the URL entered by the user to allow registration. How to check the profile existence in Linkedin?
Related
I want to set up authentication with email (used to receive a link) and display name only, without password. However, from the documentation I only found createUserWithEmailAndPassword. I tried auth().sendSignInLinkToEmail, which enables me to sign in, but it can't create new user in the database.
You're looking for email link authentication. See the Firebase documentation for email link authentication for full details.
There won't automatically be a display name with this form of authentication, but you can set the display name of your choice in the user profile. See the Firebase documentation on updating a user profile for details on that.
I'm currently working on a project where we want to connect facebook profiles to existing (and logged in) Okta users.
The website is made in ASP.NET using Sitecore 6.5.
We use the "Authorize URL" to do our login and account linking with redirect callouts.
I can register and create an account with the facebook identity provider when the user isn't logged in in Okta. In this case it follows the Callout redirects and we get a tx_id. Hover when you're logged in to Okta and you visit the same "Athorize URL" it follows the redirect_uri where you get a id_token as result. this is an JWT string which I managed to decode (example result).
How can I use the information in the JWT to link a user to the identity provider? Or is there another way to do this? I can't find any methods or API calls to add a user to an identity provider without the tx_id.
I believe you used https://developer.okta.com/docs/api/resources/social_authentication.html to add FB social auth for users. Yes, once you browse the final url
https://example.okta.com/oauth2/v1/authorize?idp=0oa0bcde12fghiJkl3m4&client_id=AbcDE0fGHI1jk2LM34no&scope=openid%20email%20profile&response_type=id_token&response_mode=fragment&state=someState&nonce=someNonce&redirect_uri=https://app.example.com/social_auth
you will be redirected to your app https://app.example.com/social_auth with id token in the url. In the redirected app you can read, decode and create session for user. However, the same user profile is also created in Okta.
Once the social auth user profile is created in Okta, you can use that to get id token next time.
I have a web application that creates user accounts, but I would also like to have the ability to have users that can sign up for subscriptions without accounts. All they have is a subscription page to modify email settings and enable the newsletter subscription.
My questions is how do I verify that the user is who they say they are without a username/password, and my second is how should they access this page. I dont want just anyone typing in the url with the email and access subscription settings for that user.
For each user entry you create a unique access code that you use in the url in order to validate that this is the user you want.
The subscription form will give these options:
subscribe by filling in your email
request to change your settings by just putting your email to another field
both action will send an email to you with a special url
the first to validate that this is made by you so you will enable this user & his email
the second to send him another special url to make any changes to his settings in the case that this use is active in your database.
For this unique code you can use md5 of his email with a timestamp when he was registered.
I am using the Facebook login api in my website, currently I am checking if the FB userid exist in my SQL Server database, if it does, the user is allowed to access my website else he will be directed to the Facebook registration plugin page.
The thing is I am also using aspnetdb which in my web.config authorisation, I block all users accept for users who are logged in and authenticated by the aspnetdb membership provider, hence my problem is for users who uses logs in successfully with Facebook gets block by my app's non-fb login page. How should I go about authenticating users who logs in via Facebook? Thanks.
Facebook login/registration API provides you with the FBUserid, it should be stored in your SQL server DB against the user. If a new user comes to your website and registers via FB, you should generate corresponding user in your database too with some default password (random and different for each user) You can provide the functionality that, if a user registered with FB wishes to user your application's login, you should send him the default password via email and ask him/her to change on first login.
What is the right way to find out if a user has logged in to Flickr? I have an iframe in my application which lets user's download their images from Flickr. But if the user is not logged into flickr, then flickr redirects me OUT of the iframe to the yahoo home page.
I would like to do the following:
- Check if the user has logged into flickr, if he has, then download his images in the iframe.
- Else, open a new browser window which will let the user enter his flickr login credentials.
Any suggestions from the experts?
You should use the Flikr API. You need to setup proper flikr authentication in your app. According to the docs, the authentication should flow like this:
Our web based app has the api key
'1234567890'. It has already
registered a callback url for this key
- 'http://viewr.com/auth.php'.
User visits http://viewr.com/ and clicks on the 'login' link.
This link points to http://flickr.com/services/auth/?api_key=1234567890&perms=read&api_sig=2f3870be274f6c49b3e31a0c6728957f.
The user is already logged in to flickr - they are asked if they wish
to allow the application to have
'read' permissions to their photos.
The user clicks 'yes' and flickr updates it's auth database.
The user is redirected to http://viewr.com/auth.php?frob=abcxyz.
-The app makes a background call to flickr.auth.getToken:
http://flickr.com/services/rest/?method=flickr.auth.getToken&api_key=1234567890&frob=abcxzy&api_sig=3f3870be274f6c49b3e31a0c6728957f.
The call returns an auth token '334455'.
The application stores the auth token and creates a session for the
user with a cookie which points to the
user's auth token.
The application makes a background request to the flickr.people.getInfo
to return information about the user,
by calling
http://flickr.com/services/rest/?method=flickr.people.getInfo&api_key=1234567890&auth_token=334455&api_sig=4f3870be274f6c49b3e31a0c6728957f.