We have account linking turned on for our action.
Looking to understand: if a user does not use the action for a period of time, say 30 days, will they be automatically delinked/deregistered from the action, forcing them to delink?
We issue a refresh token that does not expire, so there should be no expiry, at least from our IdP provider.
No, even when a user doesn't use the action for like 30 days, Google will not automatically undo the account linking for the user.
I am not able to log in to my FB account. Whenever I log in, it shows me:
"We received your information
If we still find that your account didn't follow our Community Standards, it will remain disabled.
We're always looking out for the security of people on Facebook, so until then you can't use your account."
Does anyone have any idea how to resolve this?
I have already mailed FB, but they are taking too long to reply.
Sorry for asking this question here.
No, the same thing happened to me just now, April 19 at 5 pm, and I was just about to set up the account for the very first time and was fiddling with the security setup by setting up two-factor authorisation, and by switching off the friends list from public view, and had not yet started to upload any material (as less than 30 minutes had passed since the account was created). That move triggered some automatic algorithm... I was just suddenly thrown out with the message that the account wasn't following community standards and would be closed in 30 days. I didn't even have time to upload a photo of myself or post a single entry to the feed.
For now, I use the scope ?allow_signup=true&login=yourself to make users reauthorize when they connect their account. But this message would show when they go to that reauthorization page:
This application has made an unusually high number of requests to access your account. Please reauthorize the application to continue.
Actually, I am not making a high number of requests, I just want them to reauthorize without revoking their previous access token.
Is there any way I can let them do so without this message?
Turns out this message only appears if the user requests reauthorization at high frequency. If we can make sure they are not reauthorizing within 1~2 minutes then it should be fine.
I have over 20 applications utilizing ADFS SSO authentication. Last year the token signing certificate expired and I went through the whole "sky is falling" routine, chasing down 3rd party vendors to schedule the refreshing of the metadata files to try to make the transition to the new cert as seamless as possible. I have already added calendar reminders 3+ months before their next expiration, but I would like to be a little bit more prepared and have a job/script that runs and sends me an email when the certificate is 90+ days from expiration. Does anyone know of or have a script that could accomplish that? Also, is there a way I could do the same per RPT signature certs? I currently have most if not all set to automatically update but would like the notification anyway if possible.
There are a few around e.g. this.
"This script will query AD FS certificates (via Get-AdfsCertificate) and Relying Party Trust certificates (via Get-AdfsRelyingPartyTrust) and check if the certificates expire within a user-defined threshold (or the default 30 days if not specified). It will then output details about expiring certificates, and, optionally, send an alert email."
I have configured Google Authenticator on Linux and my MFA is working fine, but according to me an MFA token should expire in 30 seconds, yet even after 30 seconds I am able to use the token.
If I use the token then it is not reusable, but if I don't use it within my 30 seconds then I am able to use it after some time also. Is this normal? I want my token to expire in 30 seconds whether I used it or not. Can somebody help me on this?
Although your timestep might only be 30sec, the RFC specifies that the validating service should search the OTP value back and forth in time. This is recommended due to the drift of the clock. https://www.rfc-editor.org/rfc/rfc6238#section-6
This is why most systems (including Google itself) allow one previous OTP, so while the code regenerates every 30 seconds, every OTP remains valid for 60 seconds.
You need to check your server-side settings.
You must set PeriodDiscrepancy to 0.
Please suggest the following:
When a user wants a certain package on my site, let's call it the basic package, he starts his recurring payment. After half a month he cancels the package, but he has still paid for a full month. My question is this:
When recurring payment is involved, what kind of fields should I save from the IPN, and how should I know exactly when to stop the features of the package a user bought?
I've seen that in the IPN I have a 'next recurring payment' date. Should I save it and use it? Should I, every time a user does anything related to his package, check if the package time limit has just ended?
What would be the preferred solution for this?
When recurring payment is involved, what kind of fields should I save from the IPN
All of them, for any kind of IPN whatsoever. Log the entire transaction every time.
and how should I know exactly when to stop the features of the package a user bought...
You should definitely stop when you get a cancel or eot IPN message. You probably don't want to deny service just because of payment difficulties. See below for the rest of it.
I've seen that in the IPN I have a 'next recurring payment' date. Should I save it and use it?
Save everything. Then you don't have a problem.
Should I, every time a user does anything related to his package, check if the package time limit has just ended? What would be the preferred solution for this?
I have a 'subscriptions' table which shows the user/product pair and the expiry date. Every time he pays the expiry date is pushed out another period, or maybe I create it with the final expiry date, I don't remember offhand. When he logs in, he is given the roles associated with all his subscriptions that haven't expired yet.
If he tries to do something he can no longer do due to an expiry:
he isn't even provided with a link in the first place by the webapp, so he can't get there by any direct action
in any other case, e.g. somewhere I forgot to do that, or when he tries to access via a bookmark, container-managed authentication will see that he isn't in the appropriate role and give him a 403.
He can also see a table of his subscriptions showing how long they have left to run, and another table of expired subscriptions.
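Added example, not the answerer's code: a minimal sketch of the design described in the answer above, with every IPN logged whole, a subscriptions table keyed by user/product with an expiry date, roles derived from unexpired subscriptions, and a 403 when the role is missing. It assumes the IPN `custom` field carries the site's user id and `item_name` the product; the 30-day period, the role map and the sample messages are constructed.

```python
from datetime import datetime, timedelta

PERIOD = timedelta(days=30)            # assumed billing period
ROLES = {"basic": "basic-member"}      # hypothetical product -> role map


class Subscriptions:
    def __init__(self):
        self.ipn_log = []              # every IPN, stored whole
        self.expiry = {}               # (user, product) -> expiry datetime

    def handle_ipn(self, ipn: dict, received: datetime) -> None:
        self.ipn_log.append((received, dict(ipn)))     # log first, always
        key = (ipn["custom"], ipn["item_name"])
        kind = ipn.get("txn_type")
        if kind == "subscr_payment":
            # Each payment pushes the expiry out by another period.
            base = max(self.expiry.get(key, received), received)
            self.expiry[key] = base + PERIOD
        elif kind in ("subscr_cancel", "subscr_eot") and key in self.expiry:
            # The answer's rule: stop on a cancel or eot message.
            self.expiry[key] = min(self.expiry[key], received)
        # Anything else (e.g. subscr_failed) is logged only: payment
        # difficulties alone do not end service.

    def roles(self, user: str, now: datetime) -> set:
        return {ROLES[product] for (u, product), exp in self.expiry.items()
                if u == user and exp > now and product in ROLES}

    def authorize(self, user: str, role: str, now: datetime) -> int:
        """Server-side check for direct or bookmarked access."""
        return 200 if role in self.roles(user, now) else 403


def demo() -> list:
    subs = Subscriptions()
    msg = {"custom": "user-17", "item_name": "basic"}  # constructed sample
    subs.handle_ipn({**msg, "txn_type": "subscr_payment"}, datetime(2024, 1, 1))
    subs.handle_ipn({**msg, "txn_type": "subscr_failed"}, datetime(2024, 1, 10))
    before = subs.authorize("user-17", "basic-member", datetime(2024, 1, 15))
    subs.handle_ipn({**msg, "txn_type": "subscr_cancel"}, datetime(2024, 1, 16))
    after = subs.authorize("user-17", "basic-member", datetime(2024, 1, 17))
    return [before, after, len(subs.ipn_log)]


if __name__ == "__main__":
    print(demo())
```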