Essentially, I'm trying to write my google maps project locally, but I'm just getting these errors.
Google has disabled use of the Maps API for this application. The provided key is not a valid Google API Key, or it is not authorized for the Google Maps Javascript API v3 on this site....
It seems like the other answers were written for another version of the google API, because I've tried the suggested fixes, and white listing these:
*humboldt.edu/*
*localhost*
file://*
http://localhost/*
as suggested by previous questions doesn't work.
Don't use a key at all while developing the project or ommit the referers.
The referers are used to prevent the key from abuse, a referer like localhost/* wouldn't secure the key, there are a lot of people out there with a "localhost".
When you really need/want to use the key(with referers) you may try to create a virtual host where you run the application and use the virtual host as referer.
Related
I have a website hosted in AWS with a NodeJS backend.
I have Google Ads conversion events being sent from the frontend using gtag.js, but I noticed missing events and a lot of duplication (even if I use transaction IDs with my events)
I has similar issues with Facebook Pixel and was able to resolve the problem by sending simple vanilla http calls from the backend.
Is it possible to do the same with Google Ads? I have not been able to find any documentation for server side APIs for Javascript.
This documentation here seems promising, but no Javascript SDK exists. That's is why I would like to know what vanilla http calls to make.
I have seen documentation about GTM server side, but it seems I need to host a GTM container (server?) which I would prefer not to have to. Unless I misunderstood what hosting a GTM container means in the context of a AWS cloud solution.
In addition to the native, gRPC-based Ads API there's also a REST alternative which can be used if there's no native client library, such as for NodeJS.
The endpoint relevant for your use case is customers.uploadClickConversions, which allows you to register a conversion given a specific click ID.
Keep in mind that you'll need to apply for API access in order to be able to use the Ads API (aside from accessing test accounts).
I have been studying the DriveAPI for a while now and can't seem to find a simple way to get it to work just for MY needs only...
I would like to use the DriveAPI only with just the REST API (HTTPS).
There are many things like token, clientid, apikey, secrets, etc.
All I need, is to search MY OWN GDrive files (FULLTEXT CONTAINS) and get a result from the API but I can't get it to work.
Please remember, this is for my own needs only and I would like to bypass the verification (login) window and get some kind of token, that lasts forever, so I can implement this in my own tool.
So, how can I authenticate and use the DriveAPI with just plain HTTPS?
My efforts so far:
I have already made a client ID and a client KEY for a sample project in the dashboard. I have also an Google Drive API KEY. From this point, I don't really know where and what to send.
As I mentioned in my comment, there is no "bypass" for the OAuth 2.0 authentication (that's why there is authentication enforced in the first place). Have you done any coding for this that you can share? For most REST API's OAuth 2.0 authentication is required. Your application must be able to request the token and use it to make the requests.
Google API's use Google Identity service to provide the tokens. In the following document there are many examples of how this implementation should be done in different programming languages:
https://developers.google.com/identity/protocols/OAuth2WebServer
Scenario: Auth0 Single Page application client. .NET Web API and Angular SPA both configured to use this client. Works great.
I'd like to add Azure API Management as a layer in front of the API. Have set up the API in the Management Portal, updated SPA to call API, tested calls from SPA, works great.
Now, I'd like to configure API Management Portal with the right security settings such that people can invoke API calls from the Developer Portal. I've used this [https://auth0.com/docs/integrations/azure-api-management/configure-azure] as a guide.
Where I'm at:
From the Developer portal, I can choose Authorization Code as an Auth type, go through a successful sign-in process with Auth0 and get back a Bearer token. However, calls made to the API always return 401. I think this is because I'm confused about how to set it up right. As I understand it:
either I follow the instructions and setup a new API client in Auth0, but if that's the case then surely it's not going to work, because tokens generated from one client aren't going to work against my SPA client? (or is there something I need to change to make it work)
or, how should I configure Azure API Management to work with a SPA application. (this would be my preferred method, having two clients in Auth0 seems 'messy'). But, don't I need an 'audience' value in my authorization endpoint URL? How do I get that?
If anyone has done this, would very much appreciate some guidance here.
Well, I didn't think I'd be back to answer my own question quite so soon. The reason is mostly rooted in my general ignorance of this stuff, combined with trying to take examples and fuse them together for my needs. Posting this to help out anyone else who finds themselves here.
Rather than take the Single Application Client in Auth0 and make it work with Azure API Management, I decided to go the other way, and make the non-interactive Client work with my SPA. This eventually 'felt' more right: the API is what I'm securing, and I should get the API Management portal working, then change my SPA to work with it.
Once I remembered/realised that I needed to update my audience in the API to match the audience set in the Client in Auth0, then the Management Portal started working. Getting the SPA to work with the API then became a challenge: I was trying to find out how to change the auth0 angular code to pass an audience to match the one the API was sending, but it kept sending the ClientID instead. (by the way, finding all that out was made easier by using https://jwt.io/ to decrypt the Bearer tokens and work out what was happening - look at the 'aud' value for the audience.
In the end, I changed my API, in the new JwtBearerAuthenticationOptions object, the TokenValidationParameters object (of type TokenValidationParameters) has a property ValidAudiences (yes, there is also a ValidAudience property, confusing) which can take multiple audiences. So, I added my ClientID to that.
The only other thing I then changed (which might be specific to me, not sure) is that I had to change the JsonWebToken Signature Algorithm value in Auth0 for my non-interactive client (advanced settings, oAuth tab) from HS256 to RS256.
With all that done, now requests from both the API Management Portal, and my SPA work.
Curious to know if this is the "right" way of doing it, or if I've done anything considered dangerous here.
Since you're able to make the validation of the jwts with the .Net API work, Only few changes are actually necessary to get this working with Azure API Management.
In API management,
Create a validate-jwt inbound policy on an Operation (or all operations)
set the audiences and issuers the same as what you've used with your .NET web api. (you can check the values in Auth0 portal if you don't know this yet)
The important field that is missing at this point is the Open ID URLs since auth0 uses RS256 by default. The url can be found in you Auth0 portal at: Applications -> your single page application -> settings -> Scroll down, Show Advanced Settings -> End points. Then copy the OpenID Configuration
Here's the reference for API management's requirement for JWT tokens
optional reading
I use APIGee for both API Proxy and Documentation, using a customized documentation site.
Following the recent APIGee outage this weekend, when I access my registered application list using my personal login on the documentation portal, I can no longer retrieve my application keys.
I get the error
STATUS: 404 - Not Found; Communication with the Apigee endpoint is
compromised. Cannot get API Products List.
The strange thing is that if I use my admin login at accounts.apigee.com, I can see 2 of my 3 applications listed... but one has disappeared. And more worryingly, this portal provides different application keys to the ones that were initially provided though the documentation portal.
I haven't been able to find any good documentation on this. How are these two sites linked together? Why are the keys different on both sites? What has caused my data to go missing?!
Tadhg -
This sounds like an issue that needs investigation by Apigee Global Support.
Would you please create an Apigee Support case? Please provide any applicable details, including your Organization name, the API call(s) you are making, the 3 applications you expect to see, and any other details you think might be helpful to diagnose.
Thanks!
I want to use Webex API [www.webex.com] to create meeting from my site.
For that I need my own domain in the case of URL API in this way:
"https://yourWebExHostedName.webex.com/yourWebExHostedName/".
And in the case XML API, I need WebexID, SiteID, ParternerID.
Those are mentioned in this Webex official document.
https://developer.cisco.com/documents/4733862/4736679/URL+API+WBS+27+Ref+Guide.pdf
I want to say that these parameters are available in testing environment.
But I don't have my own domain to use this API in production environment.
So I want to know that it is possible to use this API in production environment without owning a domain.
Do you have any Idea? Have you faced such problem? I need urgent solution regarding that.
For the XML API, you can obtain those parameters from this page (you need to login or register first to be able to see the form):
https://developer.cisco.com/site/webex-developer/develop-test/try-webex-apis/
To test the API, all the requests would be made to the sandbox site https://apidemoeu.webex.com
No
You cam't go for production without Webexdomain. Because For recording of video,Host users's and Attendee user's it take space on server to stored all this data you need your web-ex hosting site.