There is a requirement in an application in which we use only URL to access information on twitter. We cannot use twitter API for that. I have a reference URL : https://dev.twitter.com/docs/api/1/get/direct_messages/sent but it is not working as it needs authentication.
Is there some other way to access it using URL only? I want to list all Direct messages of an account on twitter in my application.
If it requires Authentication then the only way you'll be able to "get" it using GET is to authenticate the user. Otherwise you'll see an error code in the response. Recent changes were made in the applications permission model for Direct Messages.
Lean More Here
Your going to need some code besides a URL to send, receive and validate authentication tokens.
Related
I want to use the Reddit REST API for PHP. I have downloaded all necessary files and have used my id and secret however I have no idea what to have as the redirect uri. Every time I try to execute the code, it goes to the reddit site and says it's an invalid redirect_uri.
What can I use as a redirect uri?
The redirect URI is where the user is sent after they've granted OAuth access to your application. There's more information about this in the reddit OAuth docs.
I want to register users to my webinars after they submit a form in my site, this is common practice but I'm having problems authenticating my application.
The problem is that according to the documentation Citrix doesn't support username-password authentication flow (where you put your user and pass in a request and you get a token):
https://developer.citrixonline.com/content/username-password-flow
Instead users need to be directed to a login page to complete their Citrix account credentials, supposedly this can be done by me just once and then save the token, however I couldn't find a method to do it safely, I tried once to save the token and just the next day it was expired. So how can I make sure I get a fresh access token without
I'm using this PHP library which is supposed to simplify the login process (maybe there is some clue in it):
https://github.com/jakir-hayder/Citrix-GoToWebinar-PHP-Library
First, read this primer on OAuth workflow to ensure you have the terms and concepts down pat. (You can ignore the fact that the example is for SalesForce -- OAuth is all the same.)
Then, you should understand that you're looking for the Citrix Token Request Endpoint, which they happen to call "Direct Login".
That should let you pass the username/password to get the token to use in subsequent requests. That what you need?
I would use Fiddler or Wireshark to collect the API calls that are made to the Citrix API when you log in. Then add some code in your applicaiton to send the same requests, parse the response that has the access token, and dynamically use that token however you've already got it set up in your application.
I am making a mobile application, and I have created an API to send JSON data to the app. The thing is if we called the API with www.domainname.com/example.php?listid=1 this will bring all the list information that has the id of 1. The issue I am having is figuring out how I can prevent an unauthorized user from accessing the API. I want the users to only be able to view the lists that they have created.
I am using PHP
You need to include a secure authentication token with all API requests.
(and validate it on the server)
You should probably also use SSL.
I have a PHP web application that I want to make accessible across multiple clients. So, I'm trying to make it more like an API. My question is: How would I handle the creation of new users using the API? If I have a URL like http://example.com/user/signup which takes new user details and creates a new user via a POST request, wouldn't it be a problem that people can misuse it and create fake users easily?
i would recommend only allowing open id in the API, as it would be hard to implement bot preventing schemes into it (captcha ...)
anyway even open id isint that a great idea in the API are you sure you need registration available thru the API ?
What you need to do is use something like OAuth to authenticate access to your system from registered 'apps'. Then the clients can register for access and receive a token key and secret. Then they can use these things to create a request for an access token. Both parties sign the token using the secret and then they can use the encrypted access token to hit the API. Your server verifies the incoming token using the secret that only you and the authorized clients could have. Now it's secure.
I am trying to write an php twitter script which will be run by crontab, what the script does is to get the tweets from a dedicated twitter account.
I have looked at some of the php twitter oauth libraries, all of them seem to use redirect to a twitter page to get a token, then goes back to a callback link. In my case I don't want to have any user interaction at all.
Could anyone please tell me what I should do?
Regards
James
Twitter provides a single access token feature on dev.twitter.com designed just for this use.
http://dev.twitter.com/pages/oauth_single_token
You shouldn't need to be using the Twitter API at all. Tweets are public resources, accessible via HTTP.
Here's the official Twitter account's last 10 tweets, available as JSON or XML.
I use oAuth for my Twitter bot. I got the oAuth token by making a web interface and signing it up. I then pass the token with my calls.
I use Abraham's oAuth library:
http://twitteroauth.labs.poseurtech.com/connect.php
You can use the example from the library to get the token. Just have it echo the token from the $_SESSION it creates on the callback.
Unless the account is private, you don't need to be authenticated.
Or use OAuth, and authenticate using an admin screen.
We do not currently expire access
tokens. You access token will be
invalid if a user explicitly rejects
your application from their settings
or if a Twitter admin suspends your
application. If your application is
suspended there will be a note on your
application page saying that it has
been suspended.
http://apiwiki.twitter.com/OAuth-FAQ