I have a requirement to connect a new QuickBooks company to salesforce.
the setup of sync invoices and payments from salesforce to QuickBooks is done and working correctly.
recently we have had a new company sync data in that company.
we are doing this using named credentials and use different named credentials for each company.
but after putting the required information in the named credential the option to choose a company is not appearing and it directly says authenticated.
Not sure it happens because of any new update from quickbook
Check below Images
All Named credential
Named credential
Thanks, In advance
Related
I'm using Strapi V4 and have configured Microsoft Azure Active Directory as the provider to login. By default, this extracts basic information like the users email and saves it to the Strapi User. Active Directory provides additional fields, like user groups and roles, and I'd like those values to be saved on the Strapi User too. Each time the user logs in I'd like it to update the Strapi user record in case the users Active Directory values change.
How do you modify the core user record information that is saved when using a custom provider?
You can set up a webhook that will periodically sync the group membership from Azure AD to Strapi.
To set up a webhook that will periodically sync the group membership from Azure AD to Strapi, you will need to follow the steps which include installing and configuring the Azure AD integration plugin for Strapi, creating a subscription using the Azure AD Graph API, and creating a server-side script to handle the incoming webhook request and update the user roles in Strapi.
You would like to connect with Strapi for the script and webhook setup.
Thanks
I am setting up a new company and we are using Azure AD. We are remote-first and cloud-only. We do not and will not have an on-premises Active Directory controller.
How is it recommended to store employee data such as birthday, hire date, and social security number? It is unclear how to extend the schema. When I try to fetch a birth date using the Graph API, I get "Error message: This operation target is not yet supported.". When I extend the schema using "External Identities -> Custom User Attributes", I don't see a way to edit those inside the Azure AD portal.
My administrative interface is a Java application built using the Microsoft Graph API. It works fine for the standard fields (e.g., displayName, givenName, surname, etc.).
I am currently integrated with a PostgreSQL database in Azure using the authentication that works against the Azure AD API. That works fine and I can put employee metadata there, but is is not clear if I should.
We can store the employee data like birthday and hire date in azure AD through couple of ways.
One way is to use azure ad connect (if you have on premise active directory) and the other way is using schema extensions. You need to use Microsoft Graph API to work with azure ad schema extension, there is no direct option to extend the schema from azure portal.
Please follow the steps in this doc to Create schemaExtension
Schema extensions are supported for following resource types.
1.contact
2.device
3.event on a user or Microsoft 365 group calendar
4.post of a Microsoft 365 group
5.group
6.message
7.organization
8.user user resource type
Here is the reference article written by #Toni PohI, About Azure AD schema extension Working with Azure AD schema extensions and Microsoft Graph
Using AAD Connect you can flow an extension attribute from AD to the MV attribute employeeHireDate which will export successfully to AAD.
Make sure your extension attribute uses Generalized-Time syntax. These dates are strings in the format "YYYYMMDDhhmmss.0Z".
Then create an inbound sync rule to populate employeeHireDate
This will flow to AAD. This was completed with AAD Connect Version: 2.1.16.0
I have a specific problem to which I couldn't find any answer online.
The situation is the following:
We created a Canvas app that connects to the Azure SQL database. We set the connection type to be AAD integrated.
Users that are members of the AD can see the data in the app, but guest users, even though we gave them all the rights and PowerApps plan, cannot see the data. they recieve the same authorization window as members, but when they click on allow, the app starts but no data is being pulled from the SQL database.
When we try to connect directly to the Azure SQL database with the guest user email and credentials (via SQL server management studio), everything works as expected and the guest can see all the tables.
When we use implicitly shared connection (with SQL server authentification), guests can see the data, but we need to use AAD integrated due to its security.
So far we tried:
Changing PA environment from sandbox to production
Adding special permissions in SQL database like database owner etc
Trying out different AAD guest user settings, eq- setting that guest users have the same privileges as members (picture below).
Nothing seems to work. I would be more than happy if you could tell me how to make this work or even push me in the right direction.
I've reproduced your problem in my side. Here's my experience.
After assigning powerapp license(I use O365 E5 here) to guest account and share the app to this account, I can visit the app but can't see the data in the table. I assume that it resulted from the connector hasn't been shared, but it's true that this connector can't be shared because of no 'share button'.
Then I tried to add access policy to my guest account with these two sql:
CREATE USER [tiny-wa_outlook.com#EXT##xx.onmicrosoft.com] FROM EXTERNAL PROVIDER;
GRANT SELECT ON dbo.tinyTest TO [tiny-wa_outlook.com#EXT##xx.onmicrosoft.com];
Pls note here, I used the User Principal Name here(can find the principal name in azure ad->users), I also tested to use 'tiny-wa#outlook.com' in the sql but after executing successfully, it didn't work.
So I think you can try to use the sql above to add your guests accounts and make them can access the powerapp.
Here's some related docs:
create contained users mapped to azure ad identities
Share app resources
add table permission to user
==========================UPDATE==========================
Share my experience of this troubleshot.
First I need to create a power app but I found that after creating the connector with sql server azure ad authentication, it can't connect to the sql server, the error message is like 'Credentials are missing or not valid. inner exception: The credentials provided for the SQL source are invalid', solution is add my admin account as sql server instance Active Directory Admin.
Then I choose a table and successfully create a sample app. With the creating account, I can visit the app but other accounts can't. Here needs to share the app and it's related connectors to other users. But other accounts still can't reach the app because of no license. Because sql server connector is premium connector, so I assign O365 E3 license here. I met an error when assign license, the user's 'Usage location' can't be null or it can't assign license in M365 admin center.
Then I met similar error with Op, the difference is that both member account and guest account can't see the data in app. I try to find the way to share the connector to these uses but failed, I haven't made sure if those connectors without share button can be shared to others. So I have no options to study if this kind of connectors are authenticated in other ways so they don't need to be shared at all.
Next actions is using the account which used to create the sql server and database to sign in database and execute the sqls above.
Then the member account can see data in the power app while the guest account can't see. The reason is I used xx#outlook.com as the parameter in the sql, when I used xx_outlook.com#EXT##xx.onmicrosoft.com, it worked finally.
Hope this can also help you.
===================================================
For creating my demo app: First, I'm sure my environment isn't a sandbox(the environment in the screenshot below). And I think it's easy to create a demo app, and my app is simple, just choose to create an app from data and then select sql server as the connector, next I choose auzre ad auth and click the connector, enter server name and database name then choose a table, after that my app has created. That table has one row of data so when I signed in the app with the creating account, I see it in the screen while other accounts(member or guests) can't.
My sql server instance and database are created long time ago, but I'm sure I followed this tutorial to create them.
This appears to still be a limitation to access to Azure SQL via PA connector for guest users:
https://powerusers.microsoft.com/t5/Power-Apps-Ideas/Azure-SQL-to-PowerApps-Connector-AAD-doesn-t-work-for-guest/idi-p/1637817
If the "guest" does NOT have a PowerApps Per-App/Per-User plan, they cannot use your PowerApps with SQL data source (Note: SQL is a premium connector).
Determine exactly which type of license the guest has. Then, either your organization or the guest (or guest's org) must purchase one of these licenses. $5/$10/$20 per month depending on your use case.
REF
How to find out which account was used to register outlook app in azure?
I have app name, creation date, api client id and and api secret id but cannot find account which was used to register the app to be able to manage it.
It's production app with thousands of users connected so disconnecting all users and creating new one is the last option...
You can login in azure portal by using any user account which belongs to your AD.
Go to Azure Active Directory->App registrations->find your application by using app name or client id->click Owners under Manage part->you will find the owner of the application.
Update:
I created a Google Data Studio Connector that gets data from an rest api I built. Is there a way to get the email address of the Google Account that is seeing the report, which can be different from the user that created the report and datasource?
I can authenticate my connector with my credentials to access the datasource (through OAuth), but I need to be able to get the email of the viewer of the report.
I know this could be resolved by sharing the Data Studio Connector with the viewers, so each viewer can authenticate when creating the datasource, but I don't want to share the Connector with all my viewers, to be sure there's only one person managing the datasource configuration.
Thanks!
https://developers.google.com/apps-script/reference/base/session#geteffectiveuser
// Log the email address of the user under whose authority the script is running.
var email = Session.getEffectiveUser().getEmail();
Logger.log(email);