How to get Outlook Access token? - rest

I'm using the outlook calendar rest api from Salesforce. To continuously leverage the calendar API I need to get authorisation code, access and refresh token.
I have been able to get the Authorisation code by hitting the API. How to get the access token using development code to use the outlook calendar rest API.

Please find the list of AAD authentication libraries here:
https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-libraries

I found this tutorial in Python very helpful for getting access codes:
This tutorial uses Microsoft Graph (which covers several Microsoft products including Microsoft Outlook) rather than the outlook REST API (which covers just Outlook).
https://learn.microsoft.com/en-us/outlook/rest/python-tutorial
At first, I thought setting up a Django server was overkill. Then I realized that I wanted a way for my Python instance to capture the access code after going through single-sign-on. (I MUST use my browser for single-sign-on because my institution uses multi-factor authentation.) Having a Django server is a natural way to do this.
So I created a new PyCharm Django project (which is straight-forward in PyCharm) and began following the tutorial.
I found it essential to continue following the tutorial all the way through displaying my emails to avoid getting authentication errors -- deviate from the tutorial, and I got error messages (such as this one) that were unpenetrable.

Related

REST API with basic auth method doesn't work when trying to use inherit

Ive got a rest api that connects with a MQ queue. Im using the IBM tools such as App connect enterprise, and MQ Explorer of IBM.
The thing its that when I send rest, using basic mode, the request results in 200 (ok). Ive assigned the values of users and passwords. But when I try to use inherit auth from parent, the answer it's unauthorized 401.
I tryed to modify the swagger doc, but it resulted very complex, and also It occurred to me that maybe if I develop an LTPA token, that could be a help.
Do you know a method to make inherit auth to work without asking the user and password again? Thank you

How Acumatica Cloud ERP integration works for third party application?

We have an application developed with react and NodeJs and already implemented an MYOB cloud ERP integration to import data. Now we are planning to add a new ERP integration for Acumatica, in the developer document it was mentioned that the rest API is available but I can't find the cloud instance URL, everywhere it was mentioned as localhost only. So can anyone please help me to understand how to connect the Acumatica cloud to fetch details?
Note: I understand the authorization flow like Authorization Code but I'm confused with which URL to use for and I hope it should be a fixed one as it is a cloud URL
The Integration end points is a rather large topic. I am in the process of writing a blog post on it which is more or less a getting started blog on automating stuff and getting info via ReST. The blog itself is in the context of using these services via PowerShell but if you are able to follow along and get to the point of establishing postman examples of what you need to do you should be able to get to the same end result in any language.
You will want to explore The Web Services Endpoint screen in the integration module as this is where all the Contract Based Soap/ReST definitions are managed. You can even set up custom endpoint if you need.
Do you have access to the Acumatica Portal? The best way to get started is with some of the course work there.
Stand by and ill forward some information for you to get started.
Robert
The URL for the RestAPI is whatever is the site URL of your Acumatica instance. For example if your Acumatica is hosted in www.ManiMaran.com. To login to your API :
http://ManiMaran.com/entity/auth/login.

Bing Ads API - Can not authenticate - Authentication challenge in Python SDK

I am facing the challenge to request the Bing Ads API to get a couple of metrics from it.
I am using Apache Airflow DAGs hosted on a remote Kubernetes cluster to do so. It is a nice way to automate and schedule tasks.
Now, the documentation is rather light on the point of gaining access to the API.
I have followed this https://learn.microsoft.com/en-us/advertising/guides/authentication-oauth-identity-platform?view=bingads-13#registerapplication
and the official SDK docs https://github.com/BingAds/BingAds-Python-SDK/.
I am failing at authenticating when querying, since I am lacking a couple of pieces of information.
When authenticating using the "refresh token" and "redirect URI", I do not have either. (Class OAuthWebAuthCodeGrant here: https://github.com/BingAds/BingAds-Python-SDK/blob/294d01eea57d80ba381a42cde8d006fc318af056/bingads/authorization.py#L566)
When using a different method (Class OAuthDesktopMobileAuthCodeGrant here: https://github.com/BingAds/BingAds-Python-SDK/blob/294d01eea57d80ba381a42cde8d006fc318af056/bingads/authorization.py#L532), I fail w/
AADSTS700016: Application with identifier '<someidentifier>' was not found in the directory '<somethingelse>'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.
Thank you very much in advance! If you need more details, let me know!
Also great documentation in general, if I can make it more "newb"-friendly, let me know!
Edit1:
Sadly, while there has been some traffic to this question, nobody seems to be able to answer.
I will specify the set up a bit further.
We use Airflow DAGs to request daily updates from the API. For this, we need to authenticate. The authentication comes from a "new device" every time, since the code runs on a k8s cluster which allocates the jobs dynamically to it's pods.
For authentication, we ventured into different solutions, but all require some form of human interaction to get the refresh token into the DAG.
Is there any solution which allows for a hands-free deamon like many-server-to-server communication?
This link sheds some light on what we are looking for: https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-app-registration#api-permissions---app-permissions-and-admin-consent
Sadly, the Bing Ads API does not show up there.
What key piece of information are we missing?
Bing Ads, like Google Ads, uses OAuth for its API.
If you reference the Getting Started page, it mentions that you need a developer token, complete with links.
You can follow these steps to get a developer token for production.
Sign in with Super Admin credentials at the Microsoft Advertising Developer Portal account tab.
Choose the user that you want associated with the developer token. Typically an application only needs one universal token regardless how many users will be supported.
Click on the Request Token button.
Regarding your specific scenario--an application running in the cloud without an interface--you should know that OAuth requires you to interact with it to set things up. So run your app locally ONCE, or at least the getting_started code from your language's walkthrough: https://learn.microsoft.com/en-us/advertising/guides/walkthrough-desktop-application-python?view=bingads-13
Running it locally will go through the authentication process with your browser and generate a refresh token (in the file refresh.txt by default). Store this file with your code. It will have to be on the server that's making the request, and since it's in Kubernetes, you'll have to keep it with your container file.

Get published Office 365 calendar JSON without OAuth2 step?

Edit:
Initially, the question was how to get an Office365 calendar in JSON without authentication; but, what I meant was how to get an Office365 calendar in JSON without requiring the OAuth2 step (so, for example on the server-side other authentication methods are acceptable to retrieve the calendar data).
Problem:
I would like to use the Office 365 REST API to access this published calendar (i.e. the "read" operation only since the calendar is published), so that I can "style" the calendar the way I prefer. So, I am looking for a public API approach to using one of my calendars. The code examples for the Office 365 REST API that I found use OAuth to authenticate the client. This seems like overkill.
I have come up with some possible solutions, so any suggestions on the best approach is welcome.
Background:
I have a published calendar in Office365, which gives me a feed:
http://outlook.office365.com/owa/calendar/USER#DOMAIN/CALENDAR_NAME/calendar.ics
and the URL:
http://outlook.office365.com/owa/calendar/USER#DOMAIN/CALENDAR_NAME/calendar.html
How can I do what "calendar.html" is doing, so that I can display a calendar the way I would like it to be displayed (instead of IFraming what Office365 provides)?
Example:
Here is an example URL using the REST API:
https://outlook.office365.com/api/v1.0/users/USER#DOMAIN/calendars
The browser will bring up a basic authentication dialog, so it looks like OAuth is not the only method required (one possible solution, the request could be proxied from a local server that is calling the REST API using basic authentication).
Issues:
One issue might be that the calendar "publishing" feature is meant for a limited amount of data (e.g. 1 year prior or in the future at the most) which is what I assume is what the iCalendar (*.ics) file would contain for any request.
Using the REST API with authentication assumes that there isn't a date range restriction (since one can query the calendar using the REST API, I assume you could query further back than a year).
Possible solutions:
Proxy the request from another server by making the REST API calls using basic authentication. Caching might also be needed since it appears the response times could be slow. The calendar could be either JavaScript that consumes a local endpoint, or HTML content generated at the server.
It looks like the Office365 AuthenticationContext.AcquireTokenAsync() will accept a ClientCredential (client id and secret) or also a UserCredential (simple username and password). So, I think I can run a local proxy service that uses the Office365 library by manually passing in credentials to the function that acquires a token. (I still need to test this to make sure that the function will indeed work this way.)
Simply iFrame the "calendar.html" page provide by Office 365. (Cross domain is prevented, unless it's on one of the Microsoft hosted solutions "Something Webs".)
If using the iCalendar (*.ics) feed, then one would need a transformation function for the iCalendar format to JSON (https://github.com/kewisch/ical.js), then JavaScript or a calendar library could be used to design a custom calendar. (This wouldn't be very convenient for viewing a year's worth of calendar events without cashing and providing a querying mechanism, except for displaying one month back and forward. So, some sort of ics2json to use on FullCalendar might work for only a couple months of calendar history.)
Any suggestions on the best approach (or another approach not listed here) is welcome.
The Office 365 APIs require Oauth2 in order to function. If you are using Visual Studio to develop your app, the O365 tools for Visual Studio + OWIN middleware will handle a lot of the oauth work for you.
If oauth is absolutely not an option, I'd consider using the EWS APIs instead, which can use basic authentication (more info on that here on MSDN).

Gaining an OAuth Token from a Web Flow Login on GitHub

I started to integrate GitHub3.py, and from what I have seen it appears to be an excellent library for my use.
However, I'm a little confused on how to go forward and get using the library in my Django project. So far, I have implemented a login method using the GitHub web flow API, this returns me a code which I could send to the API to return an OAuth token.
However, from reading the GitHub3.py docs, I'm not sure how this can be done.
So I'm wondering how I should go forward from here. I have read this past issue https://github.com/sigmavirus24/github3.py/issues/7 - I don't believe this applies to me since an OAuth code has a already been achieved.
I'm fairly new to Python and OAuth authentication, so I would appreciate it if somebody could push me in the right direction (if the library has code to OAuth methods or if there is another way that I am not familiar with)
Thanks!
So if I understand you correctly you have a token for a user who has granted you permission (i.e., they logged went through the webflow and your application has received and stored the token GitHub returns).
In this case you can do the following:
import github3
g = github3.login(token=TOKEN_RECEIVED_FROM_THE_API)
With that (and assuming you have the proper scopes on the token) you should be able to use most methods that require authentication. If you have the user scope you can use g.user() to get some extra detail about the logged in user.
If you have repos then you can also list a user's private repositories.
In short, when we wrote the library we wanted to make it easy to authenticate in a number of ways and then use the same API that you would if you had authenticated another way.