Below rest api provides the membership details of a box user:
https://api.box.com/2.0/users/335014321/memberships
Is there a similar api that will fetch folders connected to box user?
I have tried below rest endpoint but gave response status:
405,"code":"method_not_allowed".
https://api.box.com/2.0/users/335014321/folders
You would probably not be able to get the folders connected to a box user without the oauth token from that user.
If you are an admin of a box enterprise account. You can use the As-User header. You can take a look at this
https://box-content.readme.io/reference#as-user-1
You would have to get an access token as an admin to be able to use the As-User call as well as sending a Support Ticket to Box Support to ask them to activate your application to allow the usage of As-User.
Related
When attempting to make calls to the Shop and Data SFCC APIs with a sandbox store, is it the sandbox URL itself that should take the place of "https://hostname:port" in the endpoint URL? It's not super clear from the documentation. My SFCC sandbox URL is in the format "https://XXX-001.sandbox.us01.dx.commercecloud.salesforce.com/on/demandware.store/Sites-Site/" (realm ID redacted here). Using that URL with the format suggested by SFCC's API docs doesn't seem to do the trick, but I'm lost as to what other URL would be used here.
Try using the API Explorer first
With the API Explorer, which is an SFCC-built API client UI. You should modify the URL with your sandbox URL:
URL- If your sandbox URL is https://helloWorld-001.sandbox.us01.dx.commercecloud.salesforce.com/on/demandware.store/Sites-Site/, your OCAPI URL should be https://helloWorld-001.sandbox.us01.dx.commercecloud.salesforce.com/s/-/dw/meta/v1/rest
Account Manager Access Role - You need to ensure that you have the OCAPI Explorer access role in your Account Manager as well, and to the correct realm
Client ID - Ideally, your administrator should assign you with a API Client ID too. Else, use the default client ID for sandboxes (which is, type out 30 'a') and for password as well. NOTE: Do not use this approach for production/dev instances as it is a security vulnerability.
Once you are able to see the APIs showing, you should tinker around with the Version (i.e. 20.2 etc.) and the Site (i.e. RefArch) until you see the desired APIs in API exploerer. If this works, then you should have the necessary access and permissions to access OCAPI
I have created the service account and can see the details in admin console, I need to get the service accounts userid without going to admin console. Is there a api call for that?
Yes, you can use the Get Current User API call:
https://developer.box.com/reference/get-users-me/
The response will contain the ID for the current user, which is normally your service account when using JWT Auth:
https://developer.box.com/guides/authentication/jwt/with-sdk/
Here is a recent forum post which is similar:
https://support.box.com/hc/en-us/community/posts/360049526313-How-to-create-an-email-alias-for-a-JWT-app-
The mailid/userid will be visible to the admin in admin console. The easiest way is to contact the admin to get it.
I got 401 unauthorized when trying to export a report from Power BI online by using the Power BI REST API.
My access token works fine with other API methods. I am also setting full API access in App registrations.
When I logged in by using the same account and use 'try', the access token provided in this test actually works.
https://learn.microsoft.com/en-us/rest/api/power-bi/reports/exportreport
Has anyone successfully used this method?
You will need to create an Authentication app and provide the right privileges corresponding to the REST API you are loading from. For this particular API Microsoft suggests to provide Report.Read.All or Report.ReadWrite.All privileges.
You can achieve this directly by creating an authentication application from https://dev.powerbi.com/apps.
You will also need to make sure you grant the admin consent once your app is up and running.
Also, make sure the request you are creating is in the right format. If you match your request with the one specified here : https://learn.microsoft.com/en-us/rest/api/power-bi/reports/export report and test to check if it working with your parameters and login, you should be able to make it work with your code. Also test it with Postman to make sure you are entering the right configuration in the request and you know what you are requesting.
Once you have all this in place, you should not have any issues accessing the right data.
I have been experimenting with the REST API using my logged in user account's token to then make PUT requests on my user record to update some custom attributes.
In order to get to this work I had to grant my user account the manage-users role in Keycloak, prior to this I was getting forbidden responses back.
I can now make the PUT request successfully, and after logging out and logging back in I can see the updated attributes I set in my PUT request.
But I have now allowed my user to be able to manage all users in my realm, which I dont want to allow.
Instead I only want to be able to update my own account details.
I know the user can view their own profile and make changes on the Keycloak provided screens. But for certain custom attributes I want to be able to do this from the client side application they are logged in to, so using the REST API but not granting them a role that could allow them to update other users details.
Is this possible?
According to the User section Keycloak's Admin REST API, this is not possible.
One solution would be for your client app to send the update request to a backend. The backend will verify that the update request is legit (aka the JWT is verified and the update does apply to the user requesting the change).
Another solution would be to theme the User Account Service's screens to add input fields for your custom attributes, as the documentation says that:
This screen can be extended to allow the user to manage additional attributes. See the Server Developer Guide for more details.
The second option seems the more secure. I hope that helps.
This seems to be possible with the Account Management API.
Unfortunately, I didn't find any official documentation about that. However, there's an example in Keycloak that demonstrates how to do it.
I want to automate virtual server deployment on SoftLayer using API (REST API preferred). The idea is to create a new user in the portal with API access but I want to restrict its access to only some calls: Order Virtual Server or Get virtual servers detail.
But do not allow the user to access other services like: Bare metal ordering, determine next billing and all operations related to billing/invoice.
Is it possible to limit API access for a user for that use case ?
Thank you.
what you can do using the API is the same that you can do using the Softlayer's control portal, You can see all the permission that you can grant to the users by going to:
Account->Users on menu
Click over an created user and click on permissions
There is a permission to allow to your users see the billing items, this permission is called "View Account Summary" so you can disable the permission and your usaer will not be able to see the invoices. For servers there is a permission called "Add server", but this permission is for Bare metal servers, Virtual guests and for the rest of oders if you disable this permission your user will not able to order neither Bare metal servers nor Virtual guest.
Now using the API you just need to use the method:
http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/addPortalPermission
e.g. using REST:
POST https://$USER:$apikey#api.softlayer.com/rest/v3/SoftLayer_User_Customer/$USERIDOFUSERTOEDITPERMISSION/addPortalPermission
payload:
{ "parameters": [
{
'keyName': 'TICKET_ADD'
}
]}
You can use this method to get the list of all permissions in softlayer:
https://sldn.softlayer.com/reference/services/SoftLayer_User_Customer_CustomerPermission_Permission/getAllObjects
Regards