I got the following from fiddler whenever I try to login to dropbox.
[{"uid": 663175210, "sess_id": 272608865417613682242215474540606531660, "expires": 1495277184, "team_id": 2059286, "role": "work"}]
Notice that uid is being passed. I did some google and found that the uid is The Dropbox user ID of the authorized user.
Is there any way i can get the user email id (used to login to dropbox) using dropbox API, given that i have the corresponding uid?
No, the Dropbox API doesn't offer a way to retrieve the user's email address by supplying the uid.
If the user has authorized your app on the API though, you can use the /2/users/get_current_account API call to get their account information, including email address.
Related
Just curious,
In case I want to make application using API for login(i.e Facebook of Google+)
What user's unique key do I stored in my database? Do my apps have same user's unique key as them(Facebook or google+), or they generate a new unique key for my user when sign in my apps? And what type of data is it?
Do I duplicate user's information into my database or keep accessing user's information from Facebook or Google+? Like do I have to create table for user's name, gender, birthday,etc and register user's information once user login to my apps or straight access it from Facebook or Google+ every time my apps needs it?
Is it really safe for user to using login with API? Can someone using API to get user's email and password, or make post in user's Facebook or Google+ that user don't want to post, or hijack user's account?
This might be common case, but I have no experience in using API so I have no idea about that.
What user's unique key do I stored in my database? Do my apps have same user's unique key as them(Facebook or google+), or they generate a new unique key for my user when sign in my apps? And what type of data is it?
When you use Google or Facbook signin you really only need to store the information that they return to you.
LoginProvider ProviderKey ProviderDisplayName UserId
_____________________________________________________________________
Facebook 1969950809700159 Facebook 21248583
Google 117200475532672775346 Google 21248582
User Id is the users id from my user table. Where i store there user information my system needs ProviderKey is the users Id on the login providers system.
Do I duplicate user's information into my database or keep accessing user's information from Facebook or Google+? Like do I have to create table for user's name, gender, birthday,etc and register user's information once user login to my apps or straight access it from Facebook or Google+ every time my apps needs it?
You can duplicate some of it when the user creates or links their account to your system but i wouldn't automatically update it without informing the user you are doing so. Some users dont realize how much information you have access to via linking to social media accounts.
Is it really safe for user to using login with API? Can someone using API to get user's email and password, or make post in user's Facebook or Google+ that user don't want to post, or hijack user's account?
I think you are confusing identity for Authentication. Using Oauth2 you request a user to grant you access to see there data though an api this is authorization. If you are using Google+ or facebook signin you are using an identity server and signing in as the user. You should be using signin if you want them to login to your system using their social media accounts. By singing in you are that user. No I dont think they can be hijacked using signin.
Is there a way to get a user's facebook user id from their login email address?
I want an API call where I can provide joe#example.com and get facebook user id 342255534.
I'll use that id to call http://graph.facebook.com/342255534/picture?type=large
The closest thing I've found is https://graph.facebook.com/search?q=EMAILADDRESS&type=user&access_token=ACCESSTOKEN, but that requires an access token, which I'm hoping to avoid.
I know this isn't how it's supposed to work, but is there a way to get a generic access token?
You can use your own access_token for the application, and change it to a long-lived access token so you can make the API call in a cron. The only issue is that you will have to login to the app every so often to update the access token.
UPDATE: The User Search API is now deprecated, so you cannot search using email addresses. But name based searches still work.
You can create an app and get an access token for that app. Instructions are here: https://developers.facebook.com/docs/authentication/applications/
Unfortunately, a search for a user_id by email only works with a user access token.
You don't need to be friends with a user to get their id by email address.
I'm unable to fetch the user's email address even though I've added the email in the extended permissions for the app.
This is the preview box that I get when i'm editing the app's details
Yet i'm unable to get the email address of the logged in user.
This is the url i'm using for fetching the user info
https://graph.facebook.com/me?fields=first_name,last_name,email,gender&access_token=+accessToken
This is the data i'm getting from facebook
{
"first_name": "Varun",
"last_name": "Achar",
"gender": "male",
"id": "1XXXXXX66660851"
}
Any ideas?
I don't know why the Authenticated Referrals approach is not working for you, but here's how you can ask for the email address and get it in 2 other ways (you'll need to deactivate the authenticated referrals though):
(1) Serveri-Side Authentication - When facebook load your canvas page it's doing that by POSTing to your canvas url, providing the *signed_request* parameter. With that you can check if the user is authenticated or not (if he is, you get the access token and other things about the user such as his fb user id).
If the user is not authenticated you send him to the following url:
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_url=YOUR_REDIRECT_URI&scope=email,publish_stream,etc
When the user gets back you should have an authenticated signed request.
(2) Client-Side Authentication - You use the javascript sdk to authenticate the user in your canvas page.
Once you have an access token you can get the email address by issuing a request to:
https://graph.facebook.com/me?fields=email
Or from the client side you can use:
FB.api("me?fields=email", function(response) {
console.log(response);
});
Edit
You should read the javascript sdk documentation? especially the FB.login part.
It shows an example of how to use it and asking for more permissions (using the the scope parameter)
This is how I finally got it working. Couldn't get it working through the Authentication Referrals so had to do this
FB.login(function(resp)
{
// Handle the response.
}
, {scope: "email, user_relationships"});
Am developing a system for an app to award points users for recruiting their friends. When the friend accepts the request I can retrieve the id of the person who invited them but can not find their email.
Have tried:
$fbInviter = $facebook->api("/$inviterId", 'GET');
$fbInvEmail = $fbInviter['email'];
but it appears ['email'] isn't in the returned array.
The app requests permission from each user when the first access it aswell as requesting offline access so permissions shouldn't be a problem.
Any ideas?
There is no way to get the email address for a Facebook user other than the current user, and the current user's address is only available if they've granted you the email extended permission
I prompted for the "email" permission in my Facebook application. However, when I access the graph api of the user, there is no field called "email" available even though I know they have an email on Facebook. Why?
As far as I know based on my experience with their API, Facebook does not offer access to the messaging framework, therefore you are not allowed to send messages on a user's behalf.
Is this for a test user where you know they accepted the permissions prompt and have an email?
How are you trying to get the email? I get them via FQL:
SELECT first_name, last_name, email from user where uid = {userid}