In my application , I use the following APIs of the companies API,
https://api.linkedin.com/v1/companies/id={id}
and
https://api.linkedin.com/v1/companies/{id}/updates?event-type=status-update
With the new API program, do I need to change my existing application ? I find the description on the linkedin developer website regarding the same as not comprehensive enough. If I need to continue with the app, do I really need to get into a partnership program with linkedin or can I continue like I do currently.
We recently contacted the LinkedIn Support regarding the changes.
So first endpoint will be available to you without getting into PartnerShip program. The following endpoints are the only ones that will remain available for use:
Profile API — /v1/people/~
Share API — /v1/people/~/shares
Companies API — /v1/companies/{id}
The second Endpoint will require Partner Ship program with LinkedIn you can apply here
But it will not involve code changes because they will give privileged access to your App. At the time of applying for partnership program they will ask for LINKEDIN_APP_KEY and LINKEDIN_APP_SECRET. They will provide access to these KEY and SECRET.
Related
I have successfully deployed a Google Cloud Endpoints Developer Portal for my API running on Endpoints. I would like to provide access to testing to people outside my organisation that are not using GCP in their projects.
Login to the portal works correctly if I enable the Service Consumer role for these people (on per-email basis). However, when they open it for the first time, they are being asked to grant some extra permissions to the portal:
This form can create totally unnecessary security concerns. Does anyone know, why is it needed?
I only would like my clients to be able to test my API using a GUI, before they could start connecting their projects (not necessary on GCP) to mine. This seems to be a valid use case for me, however I might be misunderstanding some basic concepts.
Or should I submit a feature request to Google about a new role that only enables the access to the portal, and nothing else, so no such forms are shown?
Since Endpoints APIs must be explicitly shared with customers, the portal needs to verify that the logged-in user has permission to view that Endpoints API. So the short answer is that these scopes are being requested primarily so the portal can check the user's access to this API.
Longer answer is that we (the Endpoints team) are looking into if it's possible to build narrower OAuth scopes that would correspond to the access checks we perform. We agree that it's unnecessarily broad of an access request and are hoping to improve this in the future. Thanks for your comment!
Alright, A friend and I are developing an App where I'm developing the back-end and he is developing the front-end. The project is separated into two repositories the front-end and the back-end, and we need to implement a payment API.
Now, since we're using the REST API Concept, we communicate both ends through JSON data.
My question is, when we're making the connection to the payment API, who needs to execute that request? The front-end or the back-end?
I know it's a silly question, but first timer here.
The backend will obviously process the payment, I'm not sure which payment API you're going to use. But depending on the API you go with, the implementation will vary. But the actual processing of the payment will be processed in the backend for sure.
It completely depends on the API.
In some cases, a payment can be accomplished via a secure web service call, which would be issued by your friend's REST service. The front end will still need to collect data (e.g. payment amount and card number) and may also need to collect additional information to satisfy the API (e.g. IP address or browser signature, for risk management purposes).
In other cases, the payment is sent directly to the service from the browser. The role of your application would be to render an iFrame housing a page that is reached via SSO. The back end may need to call a service to retrieve an SSO token, or may have to compute an SSO token using a shared key.
You should probably refer to the payment API's documentation. They often have very specific guidance which you must follow carefully in order to achieve payment card (PCI-DSS) compliance. There is nothing special about "payments" that says that allows StackOverflow users to guess anything about its API.
We are planning to develop a web based application for one of the Research Institute.
Overview of the application:
It is survey application
It requires login credentials for data-entry operator to open web-app for collecting participant’s information
It has fixed number of login credentials for data-entry operators (No user registration)
Google Maps APIs will be used in this application for locating and collecting participant’s address details (Places Search APIs and
Reverse Geo coding)
We have gone through the following links
https://developers.google.com/maps/pricing-and-plans/
https://developers.google.com/maps/terms
As this application will be used by Research Institute, We are not sure which plan (Standard/Premium) can be used for such type of application.
Also we are not able to connect with Sales team where we can evaluate the application for correct billing plan.
We need help on following items
Identifying correct plan/package for pricing and legal terms as the customer is a research institute
How can we connect to direct Googles' sales team for clarifying or identifying correct plan as there is no direct support available except for Premium plan?
After different searches (googling) and connects found below URL to connect with Google Support team for Map API queries
https://enterprise.google.com/intl/en_in/maps/contact-form/
Note: We got response from google support team after aprox. 7 days. So expect minimum 7 days for response.
Hope this would help to someone having similar query.
Thanks!
I'm setting up a personal page, and I would like to display my past work experiences and other data I have on linked-in so it is automatically updated when I update my linked-in profile. Is this possible without having to do oauth? I just want my own data.
No.
As the company says on their REST API page:
In order for your applications to access LinkedIn member data and/or act on their behalf, they must be authenticated. LinkedIn relies on the industry standard OAuth 2.0 protocol for granting access, due to its simplicity and ease of implementation.
See also this previous SO question.
This doesn't mean, however, that OAuth can't be handled for you:
As a convenience, if you are developing a front-end JavaScript or
Android application, we provide SDKs to handle the authentication
process for you.
Additionally, there are several 3rd party libraries available in the
open source community that abstract the OAuth 2.0 authentication
process for you in every major programming language.
As for the major languages they support, LinkedIn provides walkthroughs in PHP, Python, and Java on their API Get Started page.
Is it possible expose and sell google cloud endpoint as an Api? I have created a simple but useful cloud endpoint. I want paid customers to access it directly as an api. How will I create a client-Id or API key dynamically for such clients, etc? For example, google also sells search service as API, where any user can go generate its own API key and Secret, and start using google search service.
Right now, no, or at least not without a lot of work.
The current product was designed with the "same party" use case as the primary goal (the API producer and consumer are the same). There are a number of things that would need to be added to the product to enable the kind of use you're describing. First and foremost on that list would be some kind of API consumer dashboard (like the one Google offers developers for consumers of its APIs).
Endpoints is built on the same API infrastructure as the rest of Google's APIs, and Google does offer this feature on some of its APIs. That may give you a sense of where the product is headed in future iterations.