Just want to know if there is a way to do this yet. I went through their https://developers.google.com/contacts/v3/ site to look for more info but I can't find anything on delegation.
To elaborate.
Due to legal issues, when we get requests for users to get "delegated access" to email. We use API calls to make the changes in order to not log into their accounts directly and make the changes. We have an API Call for email forwarding and email delegation, but we do not have one for contact delegation. Searching their site, i'm not finding how I would do that call.
Related
We are trying to implement a google home action and it needs access to customer's email.
I can see the documentation on this page mentioned we need to have explicit consent from the user. https://developers.google.com/actions/policies/general-policies
Just wondering what sort of consent do we need to implement in order to get customer's email?
Can I please get a sample consent?
Thanks,
Yihan
You will need to implement Account Linking in some form. If you have an existing service that gets their email address, you need to link the Action to the account they have established on your service already.
If you don't have an existing service, you can take advantage of Google Sign In for Assistant, which is a streamlined way you can get permission to access their Google Profile and, if they have one, their registered email address.
When I do a Paypal API signature request under business profile, the generated api is using my old website ---whateverAPI.my-old-website.com
I've updated all of my business information and see no instances of the old url in my paypal account or the developer or sandbox accounts.
I do not have the old login information for developer area where I created the original API information as it was changed to my new login/business.
I need to change the URL associated with my account so the api generated has the apicode.new-website.com
I know this is a low level expertise for most of you compared to what you are coding but I am completely stuck and have tried everything I can think of.
Thanks for taking the time to read!
When the API is first requested on an account, it is generated based on the email address associated with the account at the time. Even if you remove the email address and request new API credentials, it will still use that original email address. There is no need for concern, you only set this in your API call or in your shopping cart to use. Buyers are not going to see it or anything, and it's not something you would regularly share or have to use all that often. Once you set it in your code, you don't really mess with it again unless you need to set up the API credentials again.
In Mandrill, if you create a new API key and do not limit its API calls, whoever you give that key to can use it to log into the web interface with full access - billing information, account information, the works.
After playing around, it looks like you can disable the web interface login functionality by ticking "Only Allow This Key To Use Certain API Calls" and then selecting at least one API call. Doesn't matter which one.
So I can give full access to the account, or completely disable their ability to log in. Is there any way to customize this further? I would like to be able to limit users to the outbound/inbound UI, or at least prevent them from having the ability to charge many thousands of dollars to the attached credit card. For clarification, my use case is to distribute API keys to contractors or vendors so that all email gets sent through a single account.
I have found very little official Mandrill documentation on this. The only thing that seemed relevant is that if you have a Mailchimp account, you can instead send users there and use the "View Mandrill Reports" functionality. I don't have Mailchimp (nor do I need it), so this seems like an unnecessary hacky workaround.
Different levels of access, other than limiting API calls for API keys isn't currently possible as described in the Mandrill KB here. If someone has access to the web interface, they have access to the account as a whole. This may, of course, change in the future, and would be documented on the blog and in the KB.
I believe you could also restrict access to the web interface by setting up two-factor authentication?
I’d like to implement an “out of office” app for Facebook messages but it doesn’t seem technically possible. The idea is simple, let the user define some dates they won’t be reading Facebook messages (i.e.: they're off-line camping) so that when they get a new message we can notify the friend/sender they won’t be able to respond quickly.
I’ve been reading Facebook’s API and, although I can read user’s messages with proper authorization (read_mailbox), I cannot send messages on their behalf.
A workaround would be to get the email address of the sender, and answer with a plan email instead of a Facebook message. But getting the sender's email also requires extended permissions on a per user basis.
I could present the Send Dialog, but logically we want this to work automatically without any user interaction. Also, we could post a private status only visible to the sender, but that doesn’t seem very effective.
This is where I hit the wall. Can you think of a way to implement such functionality?
You can email to username#facebook.com (getting the username from the user id does not require any permissions) – but Facebook’s policies forbid apps from using that in general, because they say these addresses are intended for user-to-user communication.
You could make a point saying, that this was essentially user-to-user communication – but use at own risk. You’re app may be blocked if there’s spam complaints or if Facebook sees you sending a massive amount of messages this way.
I hope this is allowed but I have a number of questions regarding Facebook Connect, I'm quite unsure on how I should approach implementing it.
I am working on a live music type service and currently have user registration, etc. If I were to implement Facebook Connect alongside this, would I still be able to email the Facebook Connect users as if they were on my database?
Also, would it instead be possible to let users who have Facebook "link" their accounts once registered so I am able to give them the benefits of sharing via Facebook and inviting friends while still having an actual registered user on my system.
I have tried to read up answers to the above questions but what I've found is quite ambiguous.
Thanks, look forward to your views.
Facebook's documentation process is very poor, so don't feel bad about having a hard time getting started. Their wiki-style approach to documentation without any real official documents tends to leave the "process flow" tough to grasp, and requires piecing together parts of a bunch of randomly scattered docs.
Facebook has an obligation to protect privacy, so they never make a user's actual email address available to application developers, through Connect or normal applications. They do have a proxied email system in place that you can use, however, you must get explicit permission from a user in order to email them. There's a decent document on proxied email here. You can get permission by prompting for it; there's several methods for doing so linked in that document.
In regards to linking Facebook and local accounts, this would definitely be the way to go. Once a Connect user logs in, you want to store that fact for that user so you can provide the Facebook-specific functionality. I would simply create a normal user account in the database for every new Connect user that came by, with it's own local id, so that you don't have to do special handling of two different types of user accounts all over the site. That being said, the account would obviously have to be marked as a Facebook user's account (I use an externalId column in my users table), and any part of the site that relied on information you might otherwise have locally would have to handle the Facebook aspect properly (such as using proxied email instead of normal email).
For existing users, you could arrange an "account link" by having a process whereby they log into FB Connect after they've logged into the site already, and you could detect that and simply add their FB id to your users table. After that, they could log in through Connect in the future, or through your normal process. I've never done this, but it should be possible.
If you write the account handling code generically enough, your site will be able to function well no matter what kind of user you throw at it.