Currently we are using "writeToSpulnk" custom policy to export API transaction logs in API Connect. This custom policy we have designed in such a way that it will send request and response headers to Splunk. So here we are not logging header information in API manager Analytics using Activity-log(which is inbuilt in API Connect). Those are set to default only. Now because of some business reasons we decided to remove "writeToSplunk" custom policy and get header information in API manager analytics itself. We want to achieve this task without redeploying any existed APIs.
Could you please suggest us the best way to do this task.
Thanks,
Triveni N.
I tried removing "writeToSplunk" policy by commenting out some code in source file of custom policy and reimported it in API Connect policies. By doing this I am able to stop sending logs to Splunk with out redeploying the APIs. But I want to use same source file to send header information to API manager Analytics. How can I do that?
Thanks,
Triveni N.
Related
I was going through the integration documents available for snowflake & service now. But, all documents are oddly focussed on sf consuming snow data for analytics. Didn't find anything related to creating tickets for failures at snowflake. Is it possible?
It's not about the monitoring & notification aspect of snowflake but connecting with service now and raise a ticket for query failures (tasks,sp etc.)
Any ideas?
There's no functionality like that as of now. I can recommend you open an Idea for it and if enough customers want it our Product Management will review it.
For the Snowpipe, we found a way to use it. We send the error message to SNS and then we can do a Lambda function to call the Rest API of ServiceNow to create a ticket.
For Task, we find that it is possible to use External Functions to notify to AWS whenever the Task fails, but we haven’t implemented it.
Email is a simple way. You need to determine how your ServiceNow instance is processing emails. We implemented incident creation from Azure App Insights based on emails.
In ServiceNow find the Inbound Action you need to process the email or make one.
ServiceNow provides every instance with an email account
Refer to enter link description here
The instance email is usually xxxx#service-now.com.
If your instance url is "audi.service-now.com", the email would be "audi#service-now.com".
For a PDI dev#servicenowdevelopers.com, e.g.; dev12345#servicenowdevelopers.com
Is there a Rest Api call I can make to get the Session Timeout Value under Session Settings in Salesforce ?
Org-level defaults are available in metadata API but it's SOAP based, you'd need to create "package.xml" file and retrieve https://developer.salesforce.com/docs/atlas.en-us.api_meta.meta/api_meta/meta_securitysettings.htm and search for sessionTimeout
And you might need an admin account to do it, mortals typically can't view setup and use such development APIs.
It's not terribly useful anyway because every profile can override the default (Profile -> Session Settings, Profile -> Password Policies). You want ProfileSessionSetting.
Metadata API might be the only way, I don't see anything that would suggest REST API or Tooling API expose this object. I don't see it in https://developer.salesforce.com/docs/atlas.en-us.api.meta/api/sforce_api_erd_profile_permissions.htm
Consider asking on https://salesforce.stackexchange.com/ too?
Ref: Microsoft Graph API : Restrict scope of calendar.readWrite and Audit mailbox access by Application Permission
Same issue here...are there any other solutions besides limiting to a specific email or security group.
Our issue is having the app permissions Calendars.ReadWrite. The main concern is that sensitive attachments are accessible via the API. Is there maybe a way to block specific http requests? Or other way limiting access to such sensitive information
At this point we do not find any way to block specific http requests on your attachment.
By Default when using the Calendars.ReadWrite as a App Permission it allows the App CURD events of all calanders without sighin.
Provide access to the data in the entire tenent.
Best Practice is to Stick with least privilage permissions.
Try to Use Calendars.ReadWrite.Shared delegated permissions to your AAD application.
I am building a form in react and I wanted to send it to my email when the user clicked the submit button.
I was looking at Microsoft Graph API for sending the email (https://learn.microsoft.com/en-us/graph/api/user-sendmail?view=graph-rest-1.0&tabs=javascript), but checking it, seems that it needs a temporary token, so I can't use it as I would need to be changing the token every hour or so.
So, I'm basicaly trying to find an API like the Gmail but for office 365 accounts (https://developers.google.com/gmail/api/guides/sending), as we can create a gcp project and use the keys that it generates for us, instead of using a token like the MS Graph API
Generaly I would use a route in my API, but this site is static, so I do not have any API (neither serverlets, cloud functions or other stuff like it).
Is there any away to send an email through a Microsoft API from my web client in react, using only a token specific to the domain? Or is there a better away to acomplish this same result?
I highly recommend using https://formsubmit.co/. It's free and I personally use it in many projects. Works flawlessly with many features like email templating, captcha, reply_to, etc.
No backend knowledge is required. Can set it up in like 1 minute.
One option would be to authenticate on behalf of the user.
You can also have a small proxy API, dedicated for the purpose of allowing the users to send an email.
Our current process is BizTalk expose a web service for vendor to call in, where the request header contains pre-assigned user name and password. Upon receiving service call, BizTalk validates the credential against the database, extract and attach some metadata from db record to the inbound message (e.g. city, vendor level etc)
Question,
can we replace this process with Azure Active Directory? Heard it does provide a restful API, but get confused everytime reading the documentation when talk about JWT token... Does it have a straight forward restful endpoint to call to validate and extract user information?
can we customize the metadata within the AAD user?
Thanks for the help!!
1 - sure you can. There is no endpoint to perform validation, but it's easy to validate incoming tokens - we offer components that automate it. See https://github.com/AzureADSamples/NativeClient-DotNet for an example. The same location on guthub has lots of other samples demonstrating different scenarios.
2 - I am not certain I understand what you mean with metadata here. If you are referring to the info you can specify about the user: you can customize the user scheme. See https://msdn.microsoft.com/en-us/library/azure/dn720459.aspx