I am successfully using OpenID and OAuth in development mode. Once I am ready to move to Production will the process change in a way that the authentication/authorization process will not require manual intervention? Today I click on the "signin" button to authenticate using OpenID. I then click on the "Authorize Quickbooks" button to authorize using OAuth. During these two processes I am redirected to Intuit where I click on buttons to allow authentication/authorization. Will I be able to achieve this process through code? I am working on a SaaS application and need to authenticate/authorize in code because the manual steps will not work with the application I am working on.
Your app should work the same way in development as in production.
Make sure you have gone through the requirements checklist - http://docs.developer.intuit.com/0025_Intuit_Anywhere/0010_Getting_Started/0040_Publishing_Your_App/0010_Reviewing_the_Requirements_Checklist
There are different requirements if you are just doing the Connect to QuickBooks flow or you are also wanting to be listed on Appcenter.
Do the free trial on a couple of the apps in the app center to see what they are doing. I tried out eBillity, their app picks up OpenID and OAuth without user interaction during the subscription process.
Based on that, yes, I think you can achieve it all in code. Personally I have not been able to get the OAuth tokens without user intervention.
Update: Use this JS method to do the OAuth authorization during the subscription process:
http://docs.developer.intuit.com/0025_Intuit_Anywhere/0060_Reference/JavaScript_Functions/directConnectToIntuit
Related
I’ve got a set of APIs written in ASP.NET. These are to be accessed by a web app and native mobile app, and should be protected by the SSO.
I would like to be able have a SSO, where the user can login online and access the web app, and can also login on the native app (via the browser), and it’ll remember their login details (ie with an authorization_token).
I’ve been looking into IdentityServer4 but I’m a bit stuck on which authorization flows I would need for this.
Any help is appreciated, as it’s starting to hurt my brain! Do let me know if I need to explain it better.
For flows, there are today only two flows you should consider.
Authorization code flow, this flow is for clients where you want a user to login/signup, like a mobile app or web-application. Meaning, you have a user and a browser involved here.
Client credentials flow, is all about machine to machine communication, where you have no user involved.
In Azure Logic App, I added a Twitter connector, even after Authorizing the same, the Authorize button doesn't go away and I am not able to proceed.
Sajad,
Currently the default application associated with Logic Apps for Twitter is broken -- we are looking to fix it. In the meantime, if you associate the Twitter API App with your own Twitter App information (you can set one up for free), the logic app will run and authorize successfully. Here's some details on how you can do that. Let me know if you have any questions or issues, and apologies for the inconvenience
http://aka.ms/oauth_connectors
I wrote a facebook app that works and am now going through the process of making it available to everyone. It has been repeatedly denied by their vetting team for not using Facebook Login and Facebook Connect.
But I want to use a manual process to login, and on their Facebook Login page, they mention that using a manual login process is still an option.
If for some reason you can't use our JavaScript SDK you can also
implement login without it. We've build a separate guide to follow if
you need to implement login manually.
Also I noticed that Web is no longer an option for Platform, not sure why or if that's needed.
Is there any step or setting I am missing?
I have an packaged app in the Chrome Web Store that I'd like to transition from a paid app to a free one with in app purchases. I need to be able to detect if the current user had paid for the app previously.
To be able to use the licensing API, I need the current user's OpenID URL. I was able to get this to work using chrome.identity and a popup dialog that the user has to authorize. But it is a bad experience and kind of a scary dialog.
For hosted apps, it's possible to get the user's OpenID URL without any user interaction or authorization. (see How to skip the OpenID approval screen). It would be fantastic if somebody knows how to make this work without user interaction for packaged apps.
I've detailed some of the approaches I've tried on this chromium-apps thread. I suspect it may be possible to do this with chrome.identity.launchWebAuthFlow but I wasn't able to discover the exact incantation of parameters to google's oauth/openid endpoints to make this happen silently.
I think you need to refer to this Link1 Parameters
this parameters are different techniques using that you can do this task..
also To bypass the Login/approval screen refer this link2
Here in the section How to skip the OpenID approval screen the details are explained which you can use..
And In case of packaged app this should ask for permanent permission that will help in OAuth throughout the life of app..
Client Library JavaScript Based
Authentication using Library
After your comment I thought this you can bind in your app.!!
Let me know what works for you..
Is it possible to authenticate to facebook without using one of their web page dialogs? I'd like to build a windows service that runs in the background and does a few FB tasks periodically for me.
Depending upon what you're trying to do you should only really need a valid token which you can generate at the developer portal under your application settings. Make sure you enable offline_access to generate a long lasting token.