How to give a Smartsheet access to someone with API? - smartsheet-api

With PHP, I create a smartsheet from excel file with smartsheet API. Everything is working fine so far. But I also want to give right access to the new smartsheet to a specific user to allow him to open it from a browser.
The user already has a smartsheet account.
Is there a smartsheet endpoint that allows this to be done?
Thank you

The operation you're looking for is Share Sheet.
The following example request grants the Smartsheet user who's registered with email address jane.doe@test.com EDITOR (write) access to the sheet that's specified by sheetId in the request URL.
POST /sheets/{sheetId}/shares
[
  {
    "email": "jane.doe@test.com",
    "accessLevel": "EDITOR"
  }
]
A couple of notes:
By default, the Share Sheet operation won't send an email to the user to notify them that they've been granted access to the sheet. If you want it to send them an email, you'll need to specify the query string parameter/value sendEmail=true on the request URL, and specify the message and subject properties in the body of the request. See Share Sheet in the API docs for details about this.
If you want the user to be able to share the sheet with others, you'll want to specify EDITOR_SHARE as the access level (instead of EDITOR). See Access Levels in the API docs for details about the various permissions.

Related

Smartsheet API Doesn't Return All User's Sheets

I'm using the GET /sheets call to list all of a user's Smartsheets but am having an issue. The response object contains most of the user's sheets, but doesn't contain any sheets where the user's accessLevel is OWNER.
Here is the call I'm making:
GET https://api.smartsheet.com/2.0/sheets/
With a header
Key: Authorization
Value: Bearer <access token here>
Is there a setting or API parameter I'm missing?
I looked through the Smartsheet API docs and FAQ for answers but couldn't find anything related so apologies if this is already answered somewhere.
As described in the API docs, the List Sheets operation should return all of the sheets that the user (access token owner) has access to -- including any sheets that the user owns (accessLevel = OWNER) or has otherwise been granted access to. I've never seen it not work this way. A couple of thoughts / troubleshooting suggestions:
Is it possible that the user to whom the Bearer token belongs does not actually own any sheets (i.e., that they have access to sheets because they've been "shared" to sheets, but aren't actually the owner of the sheets)?
If you have access to an API access token that belongs to user who has Admin rights in Smartsheet (within the same Org as the User for whom you're trying to identify "owned" sheets), you could execute a List Org Sheets request and examine its response (which will contain all sheets owned by members of the organization to which the Admin belongs) for any sheet objects where owner or ownerId corresponds to the user for whom you're trying to identify "owned" sheets. The number of sheets "owned by" userX in the Get Org Sheets response (using the Admin token) should match the number of sheets where accessLevel = OWNER in the Get Sheets response (using UserX's token).
Update (re paging):
Also note that the Get Sheets operation is one of several Smartsheet API operations that support paging of results. If you're not seeing the sheets you expect to see in the API response, it's possible that results are being paged and it just so happens that the objects you're looking for are not contained within the initial page of results (default page size = 100). To see if this is the case, you could try including the includeAll=true querystring parameter on the API request URL (which tells Smartsheet to not page the results -- i.e., all results should be included within the response).

Allowing a user to update their own profile using the REST API

I have been experimenting with the REST API using my logged in user account's token to then make PUT requests on my user record to update some custom attributes.
In order to get this to work I had to grant my user account the manage-users role in Keycloak; prior to this I was getting forbidden responses back.
I can now make the PUT request successfully, and after logging out and logging back in I can see the updated attributes I set in my PUT request.
But I have now allowed my user to be able to manage all users in my realm, which I don't want to allow.
Instead I only want to be able to update my own account details.
I know the user can view their own profile and make changes on the Keycloak provided screens. But for certain custom attributes I want to be able to do this from the client side application they are logged in to, so using the REST API but not granting them a role that could allow them to update other users' details.
Is this possible?
According to the User section of Keycloak's Admin REST API, this is not possible.
One solution would be for your client app to send the update request to a backend. The backend will verify that the update request is legit (aka the JWT is verified and the update does apply to the user requesting the change).
Another solution would be to theme the User Account Service's screens to add input fields for your custom attributes, as the documentation says that:
This screen can be extended to allow the user to manage additional attributes. See the Server Developer Guide for more details.
The second option seems the more secure. I hope that helps.
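The backend check described in the first option, sketched as an added example (not code from the original answer or from Keycloak). It assumes the access token's signature, issuer, audience and expiry have already been verified by a JWT library; `ALLOWED_ATTRIBUTES`, `MAX_VALUE_LEN`, `UpdateRejected` and `build_self_update` are hypothetical names.

```python
# Hypothetical allow-list: the only custom attributes a user may edit on
# their own record. Everything else stays admin-only.
ALLOWED_ATTRIBUTES = {"phoneNumber", "locale"}
MAX_VALUE_LEN = 128


class UpdateRejected(Exception):
    """Raised when a self-service profile update must not be forwarded."""


def build_self_update(claims, target_user_id, requested, current_attributes):
    """Return the attribute map the backend may send to Keycloak, or raise.

    claims             -- claims of an ALREADY VERIFIED access token (assumption)
    target_user_id     -- user id the client asked to modify
    requested          -- {attribute name: string value} sent by the client
    current_attributes -- the user's existing attributes, {name: [values]}
    """
    # 1. The update must apply to the caller's own record, never another user's.
    subject = claims.get("sub")
    if not subject or subject != target_user_id:
        raise UpdateRejected("token subject does not match the target user")

    # 2. Only allow-listed attributes may be changed through this path.
    unknown = set(requested) - ALLOWED_ATTRIBUTES
    if unknown:
        raise UpdateRejected("not self-editable: " + ", ".join(sorted(unknown)))

    # 3. Validate the values, then merge them over a copy of the existing
    #    attributes so nothing the client did not name is lost or altered.
    merged = {name: list(values) for name, values in current_attributes.items()}
    for name, value in requested.items():
        if not isinstance(value, str) or not value.strip() or len(value) > MAX_VALUE_LEN:
            raise UpdateRejected("invalid value for " + name)
        merged[name] = [value.strip()]  # user attributes are lists of strings
    return merged


if __name__ == "__main__":
    # Constructed sample data, not taken from a real realm.
    claims = {"sub": "11111111-aaaa", "preferred_username": "alice"}
    current = {"department": ["finance"], "locale": ["en"]}
    print(build_self_update(claims, "11111111-aaaa", {"locale": "fr"}, current))
```

The backend then performs the update with its own service-account credentials, so the end user never needs the manage-users role.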
This seems to be possible with the Account Management API.
Unfortunately, I didn't find any official documentation about that. However, there's an example in Keycloak that demonstrates how to do it.

API authentication from a facebook messenger bot conversation

What is the best way to authenticate with an external API from a conversation with a bot on the facebook messenger platform?
For a broad example, I would like a user of my bot to create items on their own profiles of an external website. Is there a way to get login information from the user, or connect my bot to the external website, without the user explicitly sending a message to the bot with their username and password?
What I found in the documentation under User Profile API:
You can personalize the conversation using the person's name or profile pic from the User Profile API. In order to get this information, make a GET request to https://graph.facebook.com/v2.6/<USER_ID>?fields=first_name,last_name,profile_pic&access_token=<PAGE_ACCESS_TOKEN>. Read more details in the Send API reference.
This isn't quite what I'm looking for but it helps. Here's more info from the docs:
User Profile API
Request
curl -X GET "https://graph.facebook.com/v2.6/<USER_ID>?fields=first_name,last_name,profile_pic&access_token=<PAGE_ACCESS_TOKEN>"
Response
{
"first_name": "Peter",
"last_name": "Chang",
"profile_pic": "https://fbcdn-profile-a.akamaihd.net/hprofile...70ec9c19b18"
}
It depends how they come in.
If they come from your website, you can use the Send to Messenger button from within their account. Use the pass-through param to link your account to the user thread.
Here's an excerpt from the documentation:
The plugin takes in a pass-through parameter defined by you. This parameter is sent back to you via a callback. You can use this to link the authentication event to a person and/or transaction. For example, a person may enter an online flow for a specific transaction and click the Send-to-Messenger button. You can pass in data to know which user and transaction was tied to the authentication event. You should encode and encrypt this parameter.
If they come directly to your bot, you would have to present them with a login of some sort (your login) from within the conversation. This would happen in a link to a mobile web URL.
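One way to use the pass-through parameter for account linking, as an added example that is not part of the original answer or of Facebook's documentation. Instead of encrypting account data into the parameter, it substitutes an opaque, random, single-use reference that the server resolves when the callback arrives; the in-memory storage and the names `PassThroughLinker`, `TOKEN_TTL_SECONDS` and `sender_id` are assumptions.

```python
import secrets
import time

TOKEN_TTL_SECONDS = 600  # assumption: a link attempt is valid for 10 minutes


class PassThroughLinker:
    """Links a logged-in website account to a Messenger thread."""

    def __init__(self, clock=time.time):
        self._pending = {}  # token -> (account_id, expires_at)
        self._links = {}    # Messenger sender id -> account_id
        self._clock = clock

    def issue(self, account_id):
        """Called while rendering the page for an authenticated user.

        Returns the value to place in the plugin's pass-through parameter.
        It carries no account data, so there is nothing to decode or forge.
        """
        token = secrets.token_urlsafe(32)
        self._pending[token] = (account_id, self._clock() + TOKEN_TTL_SECONDS)
        return token

    def redeem(self, token, sender_id):
        """Called from the callback that returns the pass-through value.

        Returns the linked account id, or None if the token is unknown,
        already used, or expired.
        """
        entry = self._pending.pop(token, None)  # pop makes the token single-use
        if entry is None:
            return None
        account_id, expires_at = entry
        if self._clock() > expires_at:
            return None
        self._links[sender_id] = account_id
        return account_id

    def account_for(self, sender_id):
        """Account linked to this Messenger sender, or None if not linked."""
        return self._links.get(sender_id)


if __name__ == "__main__":
    linker = PassThroughLinker()
    value = linker.issue("account-42")       # constructed account id
    print(linker.redeem(value, "sender-1"))  # account-42
    print(linker.redeem(value, "sender-2"))  # None: replay is rejected
```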

Is there Box rest api to fetch folders connected to a user?

The REST API below provides the membership details of a Box user:
https://api.box.com/2.0/users/335014321/memberships
Is there a similar api that will fetch folders connected to box user?
I have tried the REST endpoint below, but it gave response status:
405,"code":"method_not_allowed".
https://api.box.com/2.0/users/335014321/folders
You would probably not be able to get the folders connected to a box user without the oauth token from that user.
If you are an admin of a Box enterprise account, you can use the As-User header. You can take a look at this:
https://box-content.readme.io/reference#as-user-1
You would have to get an access token as an admin to be able to use the As-User call as well as sending a Support Ticket to Box Support to ask them to activate your application to allow the usage of As-User.

Facebook graph api returns no email

I'm calling
https://graph.facebook.com/<user_id>/?access_token=<valid_token>
or just
https://graph.facebook.com/me/?access_token=<valid_token>
and getting back a JSON object that doesn't contain the primary user email, which I need.
I set up the email permission for the app, with no effect.
What can be wrong?
Did you remember to ask for the email permission in the login request? You do this by adding the scope parameter like this in the login request (&scope=email):
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_REDIRECT_URI&state=SOME_ARBITRARY_BUT_UNIQUE_STRING&scope=email
Facebook API reference
You probably do not have email permissions in your access token.
You can verify it with the Access Token Debugger.
I believe that your question is, even after granting permission to access email, you are not able to get email information through the Graph API. In newer versions, you need to pass fields param to the API to get additional information such as email. By default, it only provides id and name in response. Please find a sample below on how to get other info from graph :
https://graph.facebook.com/me?fields=id,email,first_name,gender,last_name,link,locale,name,timezone,updated_time,verified&access_token=<value of access_token>&debug=all
Hope this helps.
It is possible that the email is not verified in facebook. In this case facebook doesn't make it available via the API. Make sure your code handles this case.
Since the release of API version 2.5 you can get user email like this: https://graph.facebook.com/v2.5/me?fields=id,name,email