I would like to send an invitation request from my Facebook application written in C#.
Here is what I tried:
_fbService.API.notifications.sendEmail(DataList1.DataKeys[e.Item.ItemIndex].ToString(),"Invitation to play a game", "You are invited to play the game","");
This does not work, it only sends a notification, not a request.
What am I doing wrong?
If you are asking how you can send invitations to users who have not authorized your application (i.e. not inviting your application users to use a new feature or participate in an activity), then you can't with the API.
From the API documentation - Notifications.sendEmail:
Sends an email to the specified users, who have both authorized your application and granted it the email extended permission.
The API function that did allow this was Notifications.sendRequest but it has been disabled, perhaps due to consideration of abuse and security. See the documentation for the alternative.
Related
does anybody know if it is possible to create an email client app which retrieves mails from a O365 account via MS Graph without registering the app in Azure AD?
I think there must be, because how could email apps like the in-built email on the iphone connect to O365 accounts without this? There, I enter my email adress, password and one time (each 90 days) my token which I received via phone (and what I think is cached somewhere?)
Any hints or tips are highly appreciated.
Thanks in advance.
The client can send some request header showing they are authorized, but if the app (for eg: email app) sends the same request header, it will be rejected unless it's registered.
Thank you Md Farid for the comment, In most cases, Microsoft Graph API also need required permission along with token.
The below document involves manually registering an app with the Azure AD, using OAuth 2.0 On-Behalf-Of flow
https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
Following this github article I am able to authenticate against GMail using OAuth2 and send gmail messages programmatically uisng SMTP and IMAP (clients from MailKit). The link was kindly provided by the author (jstedfast). The problem with the method is that it opens browser popup and requires user to authenticate, at least from time to time. Maybe this is because the method uses "User Secret" and not Service Account and private/public key, but I do not know for sure.
I need to send an email from server-type application, where there is no user to manually push the process forward. So far, the app is using standard SMTP authentication but this requires GMail/GSuite accounts to have "less secure" setting enabled and the customer does not want that.
There is a very old post (also by jstedfast) that shows how to authenticate email client with OAuth2, using Service Account and public/private key. I followed that article to the letter (except that I used json-packaged certificate, instead of p12 and used GMail not GSuite email) but the results are negative. Namely, when I try to execute client.Authenticate(accessToken) the response is exception that reads {"status":"400", "schemes":"Bearer", "scope": "https://mail.google.com/"}
I have access to GSuite and would not mind using it if necessary but, I have not found definite instructions and example that works. Would anyone be able to point at C# example that authenticates with OAuth2 through private/public key encryption and does not require user interaction ?
This is possible with web app type OAuth client ID and manually created refresh token.
How to create correct OAuth client ID and get refresh token: https://stackoverflow.com/a/24123550/6075536
How to send email with MailKit then: https://stackoverflow.com/a/52413127/6075536
And keep in mind Refresh token expiration rules.
I have a website (say website1.com) that wants to let users login via their own corporate Yammer accounts. I signed up for Yammer (Basic/Free) account using my adminuser#website1.com email address. Then created an App and setup the whole OAuth server side workflow.
Now say a user with email address someone#website2.com wants to login to my site using Yammer. They have their own Yammer accounts using the website2.com domain.
Things work perfectly when any user with [xyz]#website1.com email address tries to login.
For other (external Yammer users) things work till the point of getting to the Linking page in OAuth workflow. After user says "Allow" (linking of their Website2.com network) with my App. Yammer redirects to back to website1.com with authorization_code. The next step as per documentation is to do a POST and retrieve the access_token. This request is failing with the following error.
Forbidden (403): Failed to retrieve access token. HttpStatusCode: Forbidden, Your network is not allowed to request an OAuth token for this Application
Initial web search indicates I have to Deploy my app and request for Global Access approval. I have done that but not received any response yet (only been 24 hours).
However Yammer's API documentation states I can create an external network and invite external users into my network to test external network access.
So I created an external network using website1.com's Yammer account, and invited someone#website2.com to my network. However, the user still can't login to Yammer on website1.com. Gets the same 403 error.
I am now worried that free/Basic Yammer networks cannot create Global Access apps and my request to Approve App will go unanswered. So the question to the community is: Has anyone managed to create a Global Access app on Yammer that allows external networks to be used for OAuth, using a free/Basic Yammer account recently (after MS bought Yammer and rolled it into O365)?
We managed to get this sorted with help from the Yammer team. To answer my questions:
1. Yes, free Yammer accounts can request for Global Access.
2. Submit your App through Yammer after putting in all mandatory data.
3. Yammer team with get back with request for further details. Respond to them nicely. (Be prepared for some security related question about your own site/app).
4. In about 5-7 working days, your app will get listed for Global Access and the Yammer team member will inform you once it is done.
5. If you request for Public Directory Listing (where your App is featured along with other apps) there are additional steps that we haven't done yet.
I am writing a small client to sync the outlook calendar on a machine with a user's google calendar. I am using .Net (C#).
I just read about accessing the Google Calendar API using the Google APIs Client Library for .NET and tried some basic stuff.
Now regarding the Authorization, as far as I understood, the new "OAuth 2.0" Authorization requires a "user consent", which means the user is directed to a google page where they must explicitly allow my application access to their calendar.
As if this user interaction is not enough, I as a programmer have to handle "access tokens" or "refresh tokens" and all that stuff.
Now my question is:
Is there really no easier way to have an installed application communicate with the google API to access a user's calendar?
I would like my user to enter his username/password in a "Settings" dialog. His credentials would be stored locally (encrypted of course) and then be used later on every access via google API. I know this can be dangerous and all that however I would like that decision to lie with me.
So, is that possible?
No that is not possible. The entire point of OAuth is the user never gives a 3rd party (you) their username and password. The only thing you get is a token that allows you to connect that the user can revoke at any time. (Also if the user changes his password, you can still use the same saved token and do not need to make the user update their settings).
If you decide to "work around" this by saving the username and pasword and performing the "authorization" yourself you will be in violation with the TOS of the API and will have your application banned by Google (or any OAuth provider if you try it with someone else) for not following the rules.
I am developing a project where I need to send tweets from my web applications. These tweets must be send via my account instead of user's account. The OAuth library forces us to show log-in screen which is not required in this case. I am looking for a way to log-in to twitter via my username and password (we are not asking user to submit username and password) and tweet a user activity or something...
the OOB/Pincode method is not feasible as well as it requires human interaction by entering pin code...
It could achieve if twitter have support for old authentication method (I believe Twitter no more support old auth method) .... Does anyone have idea how can I achieve this by OAuth or anything else?
I believe you need to use Twitter XAuth for this. It will allow you to generate a non-expiring access token for your application using a username/password. Once you have this you can dispose the username/password and use the token to authenticate further requests to the API.
If you want to send the tweets from the same account as the one your application is registered with, I believe you can also just use the access token provided in your app settings page. The documentation is here. You can skip down to the part where you have the OAuth token and need to sign the request.
I've provided an example of how to authenticate against Twitter using oAuth and the application access token here.