From my understanding of the regular WSO2 API Manager product I could create multiple synapse-configurations and register them as (global or api specific) sequences by placing them in the proper directory.
I would then utilize the Sequence configuration capabilites on the "Manage screen" to apply different sequences to the request and response payloads of the backend.
I read the documentation at https://docs.wso2.com/display/APICloud/Key+Concepts#KeyConcepts-Sequences as it is not possible to add more but I wanted to ask specifically.
Is it at all possible to do this type of manipulation in the current version of public API cloud?
I have talked with the relevant teams and this is how you can add a sequence in the API Cloud. Although I mentioned about adding a sequence via the Gateway's carbon console (and said it was broken), WSO2 API Manager product is not a position to make it working (this is a known limitation). If I explain the reason in simple terms, to support it they will need to ship a lot of mediator UIs which will make the product similar to the WSO2 ESB. Following is what you can do.
Use WSO2 Developer Studio to create the sequence you want.https://docs.wso2.com/display/DVS371/Creating+ESB+Artifacts#CreatingESBArtifacts-Workingwithsequences
Go to API Gateway at https://gateway.api.cloud.wso2.com/carbon
You need to login to the gateway. Username is email#tenantDomain. If your email abc#gmail.com and tenant domain (or the organisation key is xyz) you need to give abc.gmail.com#xyz as the username (note the # in the email being replaced with a DOT). Go to "Manage" in the top level menu of API Cloud and you will be able to figure out your organisation key.
Go to Resources -> Browse menu and navigate to /_system/governance/apimgt/customsequences/ registry path. Upload your sequence to in, out or fault folders based on your requirement. This will be then available when you create APIs via the API Publisher.
Yes, it is possible. You have to follow the below steps.
Go to API Gateway at https://gateway.api.cloud.wso2.com/carbon
You need to login to the gateway. Username is email#tenantDomain. If your email abc#gmail.com and tenant domain (or the organisation key is xyz) you need to give abc.gmail.com#xyz as the username (note the # in the email being replaced with a DOT). Go to "Manage" in the top level menu of API Cloud and you will be able to figure out your organisation key.
After login, you can go to sequence menu and add a sequence. I tried these steps just now and realised there is a broken page at add sequence. We are in the process of fixing it. Will keep you updated.
Difference of API Cloud and API Manager standalone version is, you have to store the sequence in the registry for it to be available at the API Publishing time.
We'll be adding a doc on this at the following location soon.
https://docs.wso2.com/display/APICloud/About+WSO2+API+Cloud#AboutWSO2APICloud-CommonAPICloudusecases
Related
How would I detect a Google Tag Manager publish event and send that to an external system?
I am trying to pinpoint effects of specific tag changes for certain properties and correlate them in a graph the way I might do with a new GitHub tag being created.
I've looked thru documentation but have not uncovered anything yet specifically for this scenario.
You could user container notifications to have an email sent to some service that processes the mail and stores the information.
Or you can use the API, retrieve the container fingerprint and compare it against a stored version of the fingerprint to see if it has changed. This would require you do implement some sort of polling in the API script to check every n minutes for changes.
I inherited a program that was written with the old LinkedIn API, and I'm trying to migrate it to the new API. When I try to get the r_basicprofile permission, my oauth token works. However, when I try r_network or rw_nus, I get a response
invalid scope -- your application has not been authorized for
r_network.
Yet, when I go to www.linkedin.com/developer/apps/xxxx/auth, the boxes for r_network and rw_nus are checked.
I.e., A request to
https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=xxxxxx&scope=r_basicprofile&state=yyyy&redirect_uri=http%3A%2F%2Fkalatublog.com%2Fwp-content%2Fmu-plugins%2Fimb-en%2Fhelpers%2Fsocial-connect%2Fapi%2Ffinalize.php%3Fapi%3Dlinkedin%26ch%zzzzz
works, but a request to
https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=xxxxxx&scope=r_network&state=yyyy&redirect_uri=http%3A%2F%2Fkalatublog.com%2Fwp-content%2Fmu-plugins%2Fimb-en%2Fhelpers%2Fsocial-connect%2Fapi%2Ffinalize.php%3Fapi%3Dlinkedin%26ch%zzzzz
gives that error. What am I doing wrong?
As of May 15,
After the grace period expires, several REST API endpoints will no longer be available for general use. The following endpoints are the only ones that will remain available for use:
Profile API — /v1/people/~ `
Share API — /v1/people/~/shares
Companies API — /v1/companies/{id}
If your application is currently using any other API services (e.g. Connections, Groups, People Search, Invitation, Job Search, etc.) you will have to apply to become a member of a relevant Partner Program that provides the necessary API access to continue to leverage any of the endpoints that are not listed above.
It looks like linkedin no longer wants to share anything with their API. Creating a new app indicates that the only possible options are r_basicprofile, r_emailaddress, rw_company_admin, and w_share:
TLDR: they have locked down the API and restricted the usage to an extremely limited set of access points.
I did some more digging. The linkedin website is misleading. On my app linkedin page, it says that I'm approved for rw_nus and r_network, but on this page
https://developer.linkedin.com/support/developer-program-transition
it says those are no longer approved.
So the app home page in linkedin incorrectly said I had those permissions.
Heres the link if you want to Apply for Linkedin
https://help.linkedin.com/app/ask/path/api-dvr
I would like to enable (some) of my users to view my website's analytics data.
Our website has a bunch of groups where users can add content. I would like to enable certain users (group admins), to view usage statistics for that specific group. Ofcourse the data should only be accessable to those users with the VIEW_ANALYTICS right, not to any others.
Is there any way to do this in Google Analytics, or is there some other platform I could use to easily achieve this goal (we use AWS for our hosting)?
Regards,
klmdb
The Google Embed API allows you to display analytics data in your own pages. Pages that are only accessible to the members of your VIEW_ANALYTICS group.
You can create a service account and give it the appropriate access in the analytics user management for the property.
You also authorize the service account to use the embed API in the developers API console. (I don't have enough points to include more than two links in an answer.) In the API console you can generate a private key (p12 or json format) which you then use on your server to authenticate the request for analytics data.
You don't say which technologies you are using, but they show Java and Python examples of how to set up the authentication by the Service Account. I've also seen some node.js and php libraries.
This way you don't have to manage who has access through the google anayltics admin system, you just need to control who has access to your "dashboard" page.
I have done this all with client-side javascript and it works. Of course the client-side nature means that anybody who knows how to use browser debug tools can get our private-key, but in our particular case I'm not worried about it. On the other had it seem like you need to keep some security around this so I wouldn't recommend the client-side solution.
My application needs to fetch Google Analytics data from backend servers.
I am using Google Service Account in my application.
Though I have given all permissions to my service account through Google Developer console, it turns out that my service account cannot access custom segments of my user account.
A way could have been to copy these segments from user account to service account, but there seems like no way to login via service account and be able to copy segments from user account to service account.
So, there seems like no way to be able to fetch custom segments in a web application from backend...
Is there any way to do so?
Can any other account(web application, Installed application account) serve my purpose?
Reading the documentation of above two Google accounts reveals that user would be prompted for authentication (at least once) during authorization in these 2 accounts which is not feasible in backend servers.
I found a similar thread for my query Google Analytics V3 - How to create custom segments for API Service Accounts , but user in this thread resorted to not using segments at all, but I do need to use them in my account.
PS: I am writing my application in RubyOnRails and would be using Ruby Gem for Google Authentication
Answer: No there is no way to add segments to the Service account. Even the Mangment api only allows you to list segments not add them. Segment Management API documentation
An Idea: You could us normal Oauth2 Authenticate it using your account, Save the refresh token someplace and use that in your application to see the data. Then it would be like the Application is always you and would be able to see your segments.
Sorry I don't know ruby so I cant help you with getting the idea working.
I need to write to a Google Calendar from data in our datastore (App Engine app).
I want to access via OAuth 2.
Reading is no problem - the calendar is public and I just use the simple API access method.
Writing is a "problem" - obviously I need to authenticate. However, the calendar is owned by the app administrators, and we want to write to the calendar as a background task - no user interaction is required.
I have gone through all Google's documentation, but I feel none the wiser - how can I do a one -time setup for permanent write access to a Google Calendar, via the V3 API?
To make calls on behalf of your App Engine app without user interaction you should make use of the App Identity module:
https://developers.google.com/appengine/docs/python/appidentity/
If you are using the Google API Client Libraries, using the AppAssertionCredentials object will do this automatically for you:
https://developers.google.com/api-client-library/python/guide/google_app_engine#ServiceAccounts
Note the following:
You will probably still need to supply the simple key in order to attribute quota usage to the right project.
The App Identity module won't work during local App Engine development - you will need to deploy into production in order to obtain valid credentials.
You will need to share the calendar you are writing to with the email address associated with the service account for the App Engine app. To find this email address go to the App Engine Administration Console -> "Application settings" and look for the service account email.
Finally, I'm not 100% sure that the Calendar API allows service accounts direct access, but you should give this a try. If that doesn't work for you an alternative may be to generate a refresh token for a real user that has access to the calendar, and look at embedding that into your application - the service account method is preferable, so I would try that first.