I am trying to call the JIRA REST API and get a request token. I have defined an application link in JIRA with consumer key and public key. But when I am trying to request the request-token with the following url
http://localhost:8080//plugins/servlet/oauth/request-token?oauth_consumer_key=consumerKey (which was used in creating the application link)
I am getting the following response
oauth_problem=consumer_key_unknown
How to get rid of this?
This link would be handy if you are using python.
https://bitbucket.org/atlassian_tutorial/atlassian-oauth-examples/src/d625161454d1ca97b4515c6147b093fac9a68f7e/python/app.py?at=default
Also use python centrifi package to get pass sslHandShakeError. ( atlassian root certificate seems to be not from known one )
Related
Ive got a rest api that connects with a MQ queue. Im using the IBM tools such as App connect enterprise, and MQ Explorer of IBM.
The thing its that when I send rest, using basic mode, the request results in 200 (ok). Ive assigned the values of users and passwords. But when I try to use inherit auth from parent, the answer it's unauthorized 401.
I tryed to modify the swagger doc, but it resulted very complex, and also It occurred to me that maybe if I develop an LTPA token, that could be a help.
Do you know a method to make inherit auth to work without asking the user and password again? Thank you
I want to use hub to create some automation script but can't figure out how to post a message to the api. More specifically it is this api endpoint I want to post to: https://developer.github.com/v3/users/gpg_keys/#create-a-gpg-key
I've tried the following:
hub api user/gpg_keys -F armored_public_key='-----BEGING PGP ....'
hub api user/gpg_keys --raw-field "body={armored_public_key='-----BEGING PGP ....'}
None of the above work, the response back is:
{"message":"Not Found","documentation_url":"https://developer.github.com/v3/users/gpg_keys/#create-a-gpg-key"}
which is not very helpful. I thought that -F meant fields within the payload, but I guess I'm wrong.
So how do I post a message with a body using hub api?
UPDATE
I did download the repo to create a modified version that has some more logging, but can't figure out what's wrong. Everything looks good from what I understand in how the request is made.
Looking through the code I found the reason to why this is. It seems like it is hard coded that you should only get the repo scopes when you log in the first time. If you use a token you've created yourself that has more access everything will work as it should.
I am using the DocuSign REST API to send documents and we are trying to take advantage of the webhook capabilities.
Our problem is that we have basic auth set up on our webhook listener which it doesn't appear is supported in the REST API. I am enquiring whether or not this is an accurate understanding. I know it is possible on the Connect product, which the basic auth can be set up via the portal, however I am looking specifically for API REST calls.
How can I secure the EventNotification event?
Many thanks,
Mitch.
As of now, according to docusign offical post:
Individual Envelope Connect configurations created with the eventNotifications API option do not support Basic Authentication at this time.
A WORKAROUND SOLUTION:
Docusign has an official blog post to answer this question. Securing Your Connect Webhook Listener
For us, we use the Use a Pre-shared Secret method to secure our webhook. We are using the python sdk. During the process we create the EventNotification, we add a secret parameter to the webhook listener url. When the docusign post the request to your listener server, it will include the secret. You could check the parameter to make sure the request is valid.
event_notification = EventNotification()
event_notification.url ='your webhook_url' + '?secret=' + 'your_secret')
The text below is quoted from the blog post.
This defense acts both as access control and authentication. The
listener URL you provide to DocuSign can include one or more query
parameters. DocuSign will include them during its POST request to your
listener.
For access control, your listener will first check that the request
includes the expected query parameter and reject all requests that
don’t. For authentication, your listener will additionally check the
value of the query parameter. Remember that you can encode any values
for the name and value of the query parameter. For this example, we’re
using “pw” as the name of the query parameter.
To use a pre-shared secret, just set the URL accordingly in the
Connect configuration. For example,
https://listener_url.example.com/listener?pw=secret
Remember that the complete URL, including its query parameters, is
encrypted before it is sent across the internet. The URL and its query
parameters are visible in various logs and configuration screens,
including the Connect webhook configuration page.
I would like to use the GitHub API to get a log of all API requests made using a specific API key. I couldn't find anything in the GitHub API documentation about getting a history of usage for my API key. Is this possible?
I'm calling the IBM Bluemix Administration API for Message Hub (aka Kafka), as described here.
Calling the endpoint https://kafka-admin-prod02.messagehub.services.eu-gb.bluemix.net:443/topics (using an appropriate X-Auth-Token value corresponding to our API key, and a GET verb) seems to work - it returns a list of the topics we've manually configured in the Bluemix Message Hub admin screen.
However, calling the same URL with the verb POST and a body of {name: 'mynewtopicname'} and a Content-Type of application/json (this appears to be the correct syntax, according to the Swagger docs for the API) doesn't work - I get a result of "HTTP 405 Method Not Allowed". That seems to happen whether I use GET, PUT, POST or DELETE (which also means I cannot delete a topic).
Am I doing something wrong?
(I'm using Message Hub on the UK Bluemix instance, if it's relevant).
To create topics you need to do a POST to the URL /admin/topics, not /topics. Give it a try and let me know if it works.