Is it possible to send a Facebook request without a dialog? - facebook

I need to send a request to a user using my custom dialog (which user has other options). After this, I have 'users_ids' to send requests.
Is it possible to do this using Graph API?
(I did not find any way to do this at Requests Dialog.)

There are two types of requests as mentioned in the Social Channels documentation (section Requests): User-generated and App-generated.
You can send App-generated requests to the user both from the server and client side without the need of using a dialog.
However, you can send these requests only for a user who authorized your app, as described in the connection in the user object.
The User-generated requests can only be sent using the dialogs, as the name implies.
The best source for this issue is the Requests documentation.

Related

Authentication needed when chat bot conversing with user

This has been stuck in my head for many days; can anyone help, or at least say that this is not possible at all?
I'm working on developing a chat bot using Dialogflow which integrates multiple applications along with Google Home Assistant, Dialogflow, Actions on Google and an application which I want to manage using chat or voice commands. Until now it's good, and I am amazed by the features Google provides.
But I'm expecting one more feature. I don't know whether any alternatives are available for this or not, but I tried exploring and reached a desert. Below are my requirements; if others think this is really unique and useful to them as well, then I can say they are improvements or add-ons I'm expecting from Dialogflow.
Let's take an example of a chat bot which is serving users through Google Assistant and as a web bot as well. Now while conversing, intents may trigger a webhook in fulfillments which may require an authentication like OTP (no, if anyone thought it was for payments), which means only registered or limited users can perform actions. This is the same as how we use roles and groups in all applications.
The way Google sends a Google prompt to the user for logging into Gmail, is there any way that we can collect a PIN, OTP or password through some notification sent to the user's phone as a card or input box, like HTML, while conversing with the chatbot through web or Home Assistant etc., so that it helps in adding more security?
I recently worked in a chatbot project where I had to authenticate my users. I'm writing an article about it, but I'll tell you what I did:
First of all, I'm using the OAuth 2.0 protocol to authenticate my users, but if you don't use OAuth, there's no problem, you could do something equivalent.
I'm using the Authorization Code Grant flow.
Let's see the steps:
Step 1 - Authorization Url:
My bot generates an authorization url which contains all needed data to identify the conversation in callback moment. Like this one:
https://authorization-server.com/oauth/authorize
?client_id={your-client}
&response_type=code
&state={conversation_id: 123456789}
&redirect_uri={your-callback-url}
Notice that the state parameter contains the conversation_id which identifies your conversation, this state parameter will be back when users return to your handler.
Step 2 - User Authentication
When users click on this link, they'll be redirected to your login page at your authorization server.
Step 3 - Callback
After users get authenticated, they'll be redirected back to your handler (an endpoint which will receive the authorization code from the authentication server and the state parameter).
When it receives this authorization code, it'll exchange it for an access token at the authorization server.
Step 4 - Store token
In the final step, you already have an access token and the conversation_id parameter; you can store it in a database, in a cache or be stateless. Your rules!
In my case, I'm using Watson Assistant with Cloudant database, and I store those access tokens in my database. So, when users request something to my bot, it could get this token from database and pass to my back-end servers.
This kind of approach, I call "magic link". And you could improve it by shortening the url as bit.ly does.
I hope it could help you, feel free to ask me if you need.
Best
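An added example, not part of the answer above: the authorization URL from Step 1 with the conversation id carried in an HMAC-signed, expiring state value, so the callback in Step 3 can reject a state it did not issue. The key handling, the TTL and the function names are assumptions for illustration.

```python
import base64, hashlib, hmac, json, secrets, time
from urllib.parse import urlencode

# Assumed placeholders, not from the answer: key handling, TTL, endpoint.
STATE_KEY = secrets.token_bytes(32)  # in production, load from a secret store
STATE_TTL = 600                      # seconds a login link stays valid
AUTHORIZE_ENDPOINT = "https://authorization-server.com/oauth/authorize"


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def sign(body):
    return b64url(hmac.new(STATE_KEY, body.encode(), hashlib.sha256).digest())


def make_state(conversation_id, now=None):
    """Pack conversation id, expiry and a nonce, then append an HMAC tag."""
    now = time.time() if now is None else now
    claims = {"cid": conversation_id, "exp": int(now) + STATE_TTL,
              "nonce": secrets.token_hex(8)}
    body = b64url(json.dumps(claims).encode())
    return body + "." + sign(body)


def read_state(state, now=None):
    """Return the conversation id, or None if the state is forged or expired."""
    now = time.time() if now is None else now
    body, _, tag = state.partition(".")
    if not hmac.compare_digest(tag.encode(), sign(body).encode()):
        return None  # tampered with, or not issued by this bot
    claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    if claims["exp"] < now:
        return None  # login link is too old
    return claims["cid"]


def authorization_url(conversation_id, client_id, redirect_uri):
    """Step 1 of the answer, with the signed state in place of the raw id."""
    query = {"client_id": client_id, "response_type": "code",
             "state": make_state(conversation_id), "redirect_uri": redirect_uri}
    return AUTHORIZE_ENDPOINT + "?" + urlencode(query)
```

The callback handler calls read_state() on the returned state before exchanging the code, and stores the token only against the conversation id it returns.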
You probably don't want to implement the OTP scheme yourself. While you could do this, there are other systems already in place that will do this for you.
The best is the one that you reference - Google Sign In.
Fortunately, you can leverage Google Sign In for both your website (where you would get the user to sign in and then pass this information along as you do the Dialogflow calls) and for the Assistant (where Google will pass along an ID token, indicating it has authenticated the user).

Where to find Callback URL

I am using a webhook to create a bot for a page. I got everything, but I'm not getting where to get the Callback URL.
I think you're misunderstanding the concept of webhooks. The Callback URL is simply the location that you want Facebook to deliver messages to.
For example: if you are running a server at https://my_awesome_service.com and you want it to receive Facebook updates, you would first create a route (let's say /v1/facebook_subscriptions) in your service. Once that's ready, you would insert https://my_awesome_service.com/v1/facebook_subscriptions into that Callback URL field. Facebook will then do a GET on that URL, which your server must reply to correctly. After that's done, Facebook will start sending you POSTs, based on the subscription fields you set up.
There's a lot more information about this in the Facebook API Docs.
Callback URL(s)
A callback URL indicates where the user is to be redirected after a successful sign-in. Choose at least one callback URL, and it should:
Be an absolute URI.
Be pre-registered with a client.
Not include a fragment component.
See OAuth 2.0 - Redirection Endpoint.
Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
App callback URLs such as myapp://example are also supported.

REST API - Post Requests to Query Active Directory

My company is currently writing a REST API where they allow querying for Active Directory specific information via POST requests.
In the request body the following information gets sent to the API:
Filter (LDAP)
Properties to return (e.g. userAccountControl, sAMAccountName)
From a personal point of view I would have definitely realised it via simple GET methods.
Is the POST method approach the recommended way to do so? Are there any particular reasons to implement it with POST?
I can see slight advantages of using a POST request. It is certainly more secure for sending any sensitive data, because the body of the request is not cached by the user's browser and other network devices on the way. Also a POST request allows you to send an unlimited amount of data, but that is probably not relevant for this use case.

What is Callback URL in Facebook webhook page subscription?

I'm trying to stream the real-time public feeds using the Facebook Webhook API. Here I'm trying to set up a page subscription in the Webhook console. There is a field called Callback URL. What is this URL about?
I have also tried going through the documentation for setting up the callback URL, but I couldn't figure it out.
https://developers.facebook.com/docs/graph-api/webhooks#setup
Can't the callback URL be an SSL localhost? Whenever I try to give a localhost URL I get an error message "Unable to verify provided URL".
You can forward the request to localhost with the following:
Download and install ngrok from https://ngrok.com/download
./ngrok http 8445
Subscribe your page to the Webhooks using verify_token and https://<your_ngrok_io>/webhook as callback URL.
Talk to your bot on Messenger!
Facebook will make a request to that URL from their servers to deliver the updates – so of course it has to be publicly reachable over the internet, which a localhost address obviously isn’t.
Facebook will send a request to that URL if any data for the object and fields that you subscribed for changes. And what the data structure looks like, is described in the docs. For page fields it returns the new content directly; for user fields it will only tell you which fields have changed, so that you can then make a request for that data.
You can only get real-time updates for pages that you have admin access to. And the Public Feed API is not deprecated; but access to it is limited to a small set of Facebook partners. You can not apply to become one – if you absolutely need this kind of data, then you’ll have to contact one of those partners and have them develop a solution for you.
I think it means that you need a server which has a fixed IP address. If you want to use the real-time updates from Facebook, you need to build a server which receives the POST request from Facebook and meanwhile keeps a long connection to your endpoint so that the endpoint can receive messages pushed by the server.
You have to write a webhook to get the fb request from the fb server, and the webhook should be running on a public IP address; this public URL is the one to be filled in in the callback URL box, so that the fb server can update you through the URL, which is nothing but the URL of the running webhook. To get a public URL address so that fb recognises your webhook, you can use ngrok or host your webhook on Heroku.
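An added example, not from any of the answers above: the two checks a callback URL endpoint performs, answering the verification GET that uses the verify_token, and authenticating each later POST before trusting it. The hub.* parameter names and the X-Hub-Signature-256 header follow Meta's Webhooks documentation rather than this page; the token, secret and function names are constructed placeholders.

```python
import hashlib
import hmac

# Constructed placeholder values; use your app's own verify token and app secret.
VERIFY_TOKEN = "example-verify-token"
APP_SECRET = b"example-app-secret"


def handle_verification(params):
    """Answer the GET sent when the callback URL is registered.

    params is the parsed query string; returns (status, body).
    """
    sent = params.get("hub.verify_token", "")
    token_ok = hmac.compare_digest(sent.encode(), VERIFY_TOKEN.encode())
    if params.get("hub.mode") == "subscribe" and token_ok:
        return 200, params.get("hub.challenge", "")  # echo the challenge back
    return 403, "verification failed"


def expected_signature(raw_body):
    """Header value the sender computes: HMAC-SHA256 of the body, app secret as key."""
    return "sha256=" + hmac.new(APP_SECRET, raw_body, hashlib.sha256).hexdigest()


def signature_valid(raw_body, header):
    """Constant-time comparison of the received header with the expected one."""
    return hmac.compare_digest((header or "").encode(),
                               expected_signature(raw_body).encode())


def handle_event(raw_body, headers):
    """Process a POST update only if its signature matches.

    raw_body must be the bytes exactly as received, before any JSON parsing,
    because re-serialized JSON will not produce the same digest.
    """
    if not signature_valid(raw_body, headers.get("X-Hub-Signature-256")):
        return 403, "bad signature"
    return 200, "EVENT_RECEIVED"
```

Because the callback URL is publicly reachable (including through an ngrok tunnel), anyone can POST to it; the signature check is what ties an update to the sender holding the app secret.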

Use HootSuite Engagement-API to preview social-network messages in corporate website

We need a way to provide our client's corporate website with a list of their social-network activity.
That means that the website should show a list to preview/link to some of the latest posts/messages in our client's Facebook fan page or Twitter tweets, whatever.
So I think it is an opportunity to create a HootSuite account http://hootsuite.com/, do all relevant posts, centralized by their interface, and then use their Engagement API to request the HootSuite backend from the corporate website.
I am not sure if we can do that with the Engagement API, because of authentication.
Every visitor of the website should be able to see all the posts/messages without having to connect or authenticate by login.
Is this possible without any token, or is there something like an application token the website can use?
Any experience with that topic is welcome.