I have a C# application where I need to connect to Box and retrieve files automatically without user interaction. I have a client id and a secret id but now sure how I get the authentication code. How do I make the OAuth call?
Not possible using V2. Try out the new Box platform.
Related
I am trying to develop a Flutter app, with which users can login with their Square account credentials, and I can use OAuth2.0 to get their access token, and use it to make calls to the Square API.
I am confused with the whole flow: after the users sign in with their Square credentials, how do I get their client secret/ app id (which are required for the obtaintoken API call). To get the access token I need those, but there doesn't seem to be any functionality for that. Right now I am testing by hardcoding both in a .env file, but how to do it for an end user? I'm currently using FlutterAppAuth.
You would use your client secret and application id. The idea behind OAuth API in Square is that the Square merchant(s) you onboard do not need to worry about creating an application, so they actually wouldn't have these credentials at all.
Using the OAuth API, you will be able to generate an access token using ObtainToken with the code that you receive. The rest of the parameters are specific to your application.
You can see the full flow on the doc site here: https://developer.squareup.com/docs/oauth-api/how-oauth-works.
I want to create a chat application with two forms of login, a standard login form with username and password, and a secondary method using single sign in for logging in using facebook, but the user only needs to specify a username.
I'm planning on designing the application in two parts, a server side module which will be my own custom rest api, and an android application module.
I would like a way to authenticate the user from the server side. I was thinking of having the android application send an facebook api access token to my server, and then having my server check if it works for accessing their private data, but I'm unsure if this is valid enough proof that it is the original user. Is there a more standard way of checking if a the facebook user is who they say they are?
We use Google Cloud Endpoints with a GWT application. For authentication on OAuth2, we use gwt-oauth2 (http://code.google.com/p/gwt-oauth2/) but it keeps prompting user with a popup window on the first access and every time the token expires. It is not a good user experience as it was before using just Cookie Authentication with Google Accounts.
Does anyone knows any other way to authenticate to Endpoints with gwt without prompt the user with authorization screen, or, at least, without prompt every time the token expires?
I'm unsure if gwt-oauth2 supports immediate mode, but if it does, that's the solution for repeated access prompting with a popup. (If it doesn't, it's a bug/feature request for the library.)
The Google API JS client uses immediate mode to get a fresh token, without a popup window, whenever the user has previous authorized the application (as seen in the documentation). You need to replicate this behavior inside of your library.
You will always get a popup window the first time a user accesses your application, by design.
I'm using the following Facebook Client SDK inorder to authenticate a user without a page refresh (works great)
http://developers.facebook.com/docs/reference/javascript/
The problem I have is I want to store some data along with that user in a local database. SO if the user authenticates himself it would pull back his given data.
I'v seen access tokens but that isn't a permant link to the user. What exactly do I need to check server side as well to guarantee the user and what would I need to store in my DB (account table)?
You could get the user facebook id and check each time if he is present in the database or he is a new one.
background: My friend has a minecraft server with a white list. The community for that server is managed with a facebook group, and the white list is a facebook document within that group.
Currently the whitelist is managed manually from the facebook document, and we would like to automate the process, ie. run a script that automatically reads the document and generates a new white list
so far ive figured out that us can use the graph api and do a GET for https://graph.facebook.com/<doc-id>?access_token=...
and i was able to see the json object using the explorer tool
but the access token only seems to be valid for one user for one session, which means i would somehow have to provide my username/password and get a new access_token every time. that's the part where i'm not sure what to do.
Actually no, you can register you own Facebook app https://developers.facebook.com/apps and get an access token from the url
https://graph.facebook.com/oauth/access_token?client_id=ID&client_secret=SECRET&grant_type=client_credentials
Then, you can use this token for requests.