I need to call smartsheet api inside my web application. Browser is blocking request to smartsheet api with Access-Control-Allow-Origin error. what should I do?
Does smartsheet provide any way to call api inside another application?
Edit:
So I need to use node js module "smartsheet". After using that I am getting timeout error. If I call API using postman it works.
what should I do?
The Smartsheet API doesn't have support for CORS which is required to be able to reach out to the API directly from a browser. To be able to reach the Smartsheet API instead you would need to make a request from the backend of your web application on a server. The Javascript SDK is written in Node.js and is meant to be used on a server. It cannot be used directly in a browser. You could setup your own Node.js server with the Smartsheet Javascript SDK and have your application reach out from the browser back to your server. Then your server can make requests as needed to Smartsheet and return back the necessary data to the application running in the browser to present the dta to the user.
Related
Hi, I have a question concerning the implementation of Facebook Conversions API via Google Tag Manager Server-Side.
We are using DNN /EVOQ CMS which is a .net application.
Everything else is in place concerning Facebook Pixel and Business manager.
I also tested it on the Graph API and it worked fine.
It’s just the last step that is missing.
I know one way to implement the Facebook Conversions API is with Node.js Business SDK.
https://developers.facebook.com/docs/marketing-api/conversions-api/using-the-api
My Question:
If you use Google Tag Manager Server-Side, do you still need to add the Node.js Business SDK ?
Thanks in advance
The Node sdk is to send FB conversions directly to FB.
In your case, you send all the FB conversion info with the hit to your GTM endpoint and then you make a custom http request tag and retranslate all the info you've got from your backend into a proper FB conversion request.
That's pretty much it.
What URL should be used for the App and for redirect for the Smartsheet new app registration form?
I'm attempting to build a small app so I can learn about the smartsheet API, but I'm stuck at step 1. Should I just use the smartsheet developer portal?
I was thinking about using Postman for this purpose, but I don't know how to use postman. I will be working with Python and just want to code a small tool to GET smartsheet data. So which rabbithole do I go down?
If you're just wanting to explore the Smartsheet API and test out some API operations by sending requests and viewing the responses, then using Postman would be the easiest route to do that. Using Postman only requires that you assemble the API requests properly (i.e., correct headers, URIs, parameters, request body) -- it doesn't require you to do any actual coding (e.g., Python). Looks like the Postman Learning Center contains some info that'll help you get started with Postman.
Regarding app registration within Smartsheet -- if you're just creating a sample app that you're going to use to explore simple API requests (and not a real app that you're ever going to actually deploy to production), I think you can use any URL for App URL and App Redirect URL (e.g., you could get by with just using https://www.google.com). However, keep in mind that building an app is a lot more work than just using Postman to explore the API -- if you're only wanting to explore the API for now, I'd recommend starting with Postman. Then once you're familiar with the API, you can use that knowledge to build an app that submits API requests and processes the responses.
I have hosted my REST services on API management and consuming those in the Azure Web app service which consists of only HTML pages, javascript files and CSS files.
I would like to know how to restrict accessing the REST endpoints of the API management only from the web app without Azure AD and OAuth setup.
Client side application sources are by design available in clear text to anyone using it. Any user can open developer tools in browser and look at code you've written to make app work. So even if you secure your REST API with some secret and use it in app code to talk to that REST API anyone in the world will be able to take that secret our of the app and call your REST API directly, and you would have no way to distinguish their calls from calls made by your app.
OAuth and AAD would work to a certain extent but even they allow you to authenticate user, not the app. Same user can easily trace calls made by your app to REST API and reproduce them in any other app, and you again would have to way of figuring that out.
I think your best bet is to throttle calls made by a certain user identifying it any way you want (even if by IP address).
You can use Certificate authentication from web app to api management. The ssl certficate thumbprint on you web app you can validate in api management policy.
I am working on a Soundcloud XBMC add-on. The add-on is open source, and written in Python. I would like to allow users to login to their SoundCloud account via the add-on, however it's possible to have XBMC instances running in an environment without access to a typical web browser (e.g. raspbmc, which provides no window manager or graphical browser by default). Is there a way to still allow users to authenticate with this add-on without requiring use of the 'SoundCloud Connect Screen' and without violating the SoundCloud API TOS?
This is not provided in theirs API, but after some digging into the libraries i figured it out.
Make a POST to: https://api.soundcloud.com/oauth2/token
with these params
grant_type=password&client_id=YOUR_CLIENT_ID&client_secret=YOUR_SECRET_ID&username=USERNAME&password=PASSWORD&scope=non-expiring
this will return non expiring token that you can use for future authenticated requests.
So I'm trying to build a Blackberry Webworks that integrates with Facebook.
I'm trying to use the Javascript API provided by Facebook, but I'm having some issues with logging in.
The typical "FB.login" function creates a popup, and this doesn't show up on a Blackberry so using that is no good.
Another issue is that I have no idea what to set as the redirect_url for the oauth login, because Webworks pages are referenced locally (local://index.html), and the API rejects this as a valid url. (I've also tried just index.html, but this also causes an error)
And finally, I have no idea what to use for the Mobile Website URL on the Application settings and not sure what other settings to use. Since users will be coming from a Webworks app, Facebook is rejecting login requests if I try to call the oauth url directly. (191 Error).
I figured out the only viable way to do this is to have a web server that will go through the OAuth2 authentication process documented by Facebook.
What you can do in Blackberry is open a new window or to use a Blackberry BrowserField that links to the web server, that way, your page will be able to get the oauth token that you can use to make Graph API calls.