Can the sub field of a JSON Web Token be used as a UID for identifying a user inside my app or do I have to use the username that is generated by my database (Couchbase) which looks like this: accounts.google.com_114...749 as a UID?
Related
Suppose super admin wants to see another sub admin's details
my current method is GET -- domain/api/user/get_by_id/{id}
I'm using JWT also.
is my method correct?? Is there any other method where I don't put the id directly in URL
my current method is GET -- domain/api/user/get_by_id/{id}
So, answering your questions one by one,
is my method correct??
If you are using RESt Web services as you have added that tag, then no, this should not be the url. I would suggest you to read upon REST web services a little as the url should look somewhat like this.
GET -- domain/api/user/{id}
Also the id you put in url is a public one and not the one of your database. So a entry in the database should look like:
Id | Username | userId (it is public)
1 | debabrata| r1398fh9238yhas89
So to call the url r1398fh9238yhas89 will be passed and not 1.
Is there any other method where I don't put the id directly in URL
You could encode the id in base64, jwt style or some kind of other encryption or as earlier stated just send a public ID which doesn't mean anything for your database.
I just want to know the default restful url for the openbravo, for example Let us consider a when admin logged in I should get the list of users and I don't know which path should I pass.
The url to view the list of users in is
localhost:8080/openbravo/ws/dal/ADUser you need to provide username and password for the authentication. The username can also be provided by passing l=username&p=password in the url
localhost:8080/openbravo/ws/dal/ADUser?l=Openbravo&p=openbravo
I know I can call each individual field via something like
/---ID----?fields=gender,languages,age_range,bio,birthday,education,email,hometown
Is there a quicker way than listing every single field?
It is ok if the user has most of these fields locked down with their privacy settings, I just want it to pull what is available.
just try:
https://graph.facebook.com/{{ username or uid }}?access_token={{access token goes here}}
Example:
https://graph.facebook.com/zuck?access_token=###
will give all the public information available for that user.
If I understand correctly, the Graph API enables access to public pages using a generic access token. I'm finding however that many public pages are not returned in search results when using this type of token vs. a user token. I don't want users to have to go through an OAUTH dialog just to retrieve the basic properties of a public page.
This example below returns a result when using any user access token but no results when using a generic access token:
What am I doing, or understanding, incorrectly?
https://graph.facebook.com/search?q=OSullivansHerndon&type=page&access_token={myuseraccesstoken}
https://graph.facebook.com/search?q=OSullivansHerndon&type=page&access_token={APPID|APP SECRET}
You can get a generic access token for your app that will let you look at requests where you would otherwise need an access_token= parameter in the Graph call. You don't need to authenticate users as the access token is for the application.
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID&
client_secret=YOUR_APP_SECRET&
grant_type=client_credentials
example:
https://graph.facebook.com/nike/posts?access_token={response from above call}
I suspect you need a user access token to use /search as search results use social context. If you have the page id, you can load that without any access token by just hitting /id
I dont think you can get this to work without a user access token. From my limited OAUTH is the only way forward.
By specifying GRAPH API user token, you simply meant that you are using user preferences and information .
if your intention is to fetch some public page information , then you need that page userid or username . And , if you are intention is to grab all the public data which is available for your particular user , then you have to pass oAUTH system,Since indirectly you are accessing his information which is meant public under some facebook govern rules .
Accessing public page by providing user id
https://graph.facebook.com/19292868552
By writing the id of that page,you ca access its information. Now the question is how to access the id of that particular page, Manually just visit that page --> photo album . on the top of that page,you will see something like "Album Videos" . Just visit any of that link.now see,woola the id of that page is visible to you . something like this url
http://www.facebook.com/media/albums/?id=176101909092314
And btw,if you are interested in performing search , then you need to specify user token. facebook do some algorithmic search for all users and track user activities . So , the result will not always the same for you and me , as an example .
I am building a small facebook application, in which I am performing the following:
The user fills out his friend's names (using friend selector), What I want to do next is retrieve the friend's user ID based on their user name. Is it possible? Can I query a user by its name and receive his id?
That's not true! usernames ARE unique too, but the actual name isn't unique!
The username itself is the part from the url e.g.: www.facebook.com/zuck (Page from Mark Zuckerberg) his username is zuck BUT not all user have set a username. For them it shows an userid e.g.: www.facebook.com/profile.php?id=123
No because names aren't unique. What you could do though is capture the UIDs that the friend is submitting, because even though it looks like names, what he's really doing is picking out UID's. Then, even without your app being approved, you can query some basic data (first, last, locale, profile url)