I am trying to add a record (contact) to the ZOHO database using their API after submitting an order.
This requires an authorization token with a validity of 60 minutes which I can generate with a grant token, but which I can only generate with user interaction (GET). Is there a way to get a grant token without user interaction?
Maybe I'm just stupid, but why does adding a record to my ZOHO database require interaction from the user who orders my product.
Maybe I'm just stupid, but why does adding a record to my ZOHO database require interaction from the user who orders my product.
No, ZOHO requires a token from a third-party resource (your site, application, etc.). Since all records are stored and processed on ZOHO servers, access to it must be controlled.
ZOHOs give a SDK, what help refresh token automatically.
Maybe this and this help you
Related
So it seems like https://developer.paypal.com/docs/api/identity/v1/ only works if you're using Connect with Paypal API. This isn't an option at the moment. I have a Paypal widget within my dashboard and users can add multiple accounts. I need an email or name to help my users distinguish this account from their others. I tried using /userinfo but I only received the user_id property.
Is there something I can do differently to get email/name from this endpoint or is there somewhere else I can get this data? This workflow is best for users but if needed I can have them manually enter the info on my application
What ended up working for me was making sure all permissions per enabled and I added my return URL. I was doing this to setup connect with paypal button but then tried a postman request and realized I could now get all user info needed
I am currently working for an online market. Once a customer completes an order, I want to transfer that order into Sage Accounting using Sage API calls.
Here is how I have thought about implementing this process:
Customer sends an order
A script is called, taking the order details and creating an invoice through a sage API request.
My problem is that I cannot find a way to automatize the process before making the API request.
Here is how a request must be made (according to the Sage API documentation)
https://sageone-uk-help.s3.amazonaws.com/sageone_oauth.png
.
I am aware of the refresh token, but the problem is the code needed to obtain the access token is generated after logging into Sage. The script will therefore do nothing if it reaches the login page.
I'm very sorry, but it is not possible to automate the authorization process. It wouldn't make much sense as well: The Sage Accounting user has to explicitely express his consent that your application is allowed to access their accounting data.
If it's only one account your application has to use in Sage Accounting, you could just create an access and refresh token on your machine and export it to the application. Or you implement a "Connect with Sage Accounting" button in your application's backend which initiates the OAuth flow and then stores the tokens.
(And just for the sake of completeness: The authorization code is only valid a minute, so better not try to store that one anywhere.)
I have bit of a confusion here, I am working on an android application, with PHP backend. I use other AWS libraries for most of the tasks but transactions and etc I kept for backend. I use retrofit for handling PHP api calls and responses. I am quite confused here, is there any way where I can determine cognito identity id of user making request to my web API using PHP? Using API gateway I will be able to restrict access only for logged in users, but determining their identity is receiver API is quite confusing for me.
Update :
I do not wish to use API gateway in any term. It's buggy most of time requests times out. Server provides better performance for current situation.
Any clue or help will be very appreciated.
Since you already have a user database, you will need to use "developer" identities in Cognito.
You need to create an "Identity Pool" in the "Federated Identites" section of Cognito.
From there you register a "Custom" authentication provider.. Basically it's a string that you will associate your users ID with...
Then you will use the CogintoIdentity->getOpenIdTokenForDeveloperIdentity() method to sign in your users in amazon.
You will be returned an IdentityID and an OpenID session token that you can send to STS to get temporary credentials to the AWS API... you can also use this new identity to create datasets associated to the Identity with CognitoSync
$cognitoIdentityClient->getOpenIdTokenForDeveloperIdentity([
'IdentityPoolId'=>'Your Pool ID',
'Logins'=>[
'your.custom.provider.string'=>'YOUR USER ID'
]
]);
EDIT:
After obtaining an IdentityId... In my mobile application, I use custom HTTP Headers to send over the IdentityId, and also the User ID and use "lookupDeveloperIdentity" method to validate the user on the server side.
$cognitoIdentityClient->lookuoDeveloperIdentity([
'IdentityPoolId'=>'Your Pool ID',
'DeveloperUserIdentifier'=>'{X_HTTP_USER_ID}',
'IdentityId'=>{X_HTTP_COGNITO_IDENTITY_ID}
]
]);
I am building a (small) subscription box business and I now need to focus on the web app. I already built stripe-based websites so I have a decent knowledge.
However, the issue I faced when building these previous sites is that the API was called TOO OFTEN. It slowed everything down.
How to build this subscription-based website, only with stripe, and making calls to Stripe API only when required (create/edit a customer, plan, subscription, etc.) while still making sure information is reconciled and up-to-date on the website for both admin and clients?
Check out the Stripe Webhook API here: https://stripe.com/docs/webhooks
You can store the user's information in the database and only update those fields if the user makes a UI action and you can make an assumption on what to update (like a subscription plan ID) or using a webhook handler, which you can use as a sanity check as well.
To be even more specific, I can give some examples as you will still need to make API calls when a user does an action such as: creates an account, removes their subscription, subscribes to a different subscription. You will store when their subscription expires in the database. When the user makes a request you do not make an API call to check when their subscription expires, but check the database field. When the subscription renews itself you will then have a webhook handler to update the expiration date in the database.
Essentially how it works is Stripe will make a request to YOUR service only when it needs to, instead of your service calling to Stripe on every request.
For WordPress specifically you can user the User Meta Data to cache/store the user's information and only make calls to your database for faster transactions. http://codex.wordpress.org/Function_Reference/get_user_meta
There is SO MUCH information about google APIs. So I'm getting lost in all the research.
My goal:
I have a spreadsheet under my google docs account. I want to run a cron job every day, pull cell values from a specific cell (it increases to the next row each day) and then do some other API calls to other services, then write the results in another column in that same row.
Most of the oAuth 2.0 stuff needs to ask the user, which can't happen in a cron job. I found something about a service account, but thats a whole new type of account, and it seems to have it's own credentials. I already have 4 types of security credentials created.
Question) How do I authenticate my google account in PHP without asking anything to the user?
The URL I want to use with cURL after authentication is this
https://spreadsheets.google.com/tq?tqx=out:json&tq=<QUERY>&key=<MY KEY>
Thanks to anyone who can help!