I have configured a python script that changes Email Signature of the user using gmail API. But the problem is by default it has the name as My Signature. Is there any way that I can use custom name instead of My signature?
And also is there anyway to create a new signature rather than updating My Signature. (Using GMAIL API)?
Using Gmail API to update/modify signatures will always apply to 'My Signature' which is the default signature for a gmail account.
If your only concern is changing/creating a new signature, you can always do it via Gmail directly.
Related
I want to trigger a Supabase function whenever a new email arrives in Gmail.
If I understand Google's Instructions correctly, this needs to be done using Google's Pub/Sub service.
However, Supabase requires an authorization header to be sent with the POST request to the webhook, and while Pub/Sub allows for authorization, it only seems to support service accounts, and not just setting a simple Bearer token.
It seems like either polling or setting up a proxy webhook would be the only feasible options left—unless I'm missing a simpler way?
Thanks!
You can deploy the function to not require the auth headers by adding the --no-verify-jwt flag when deploying your functions.
From the edge functions docs
By default, Edge Functions require a valid JWT in the authorization header. This header is automatically set when invoking your function via a Supabase client library.
If you want to use Edge Functions to handle webhooks (e.g. Stripe payment webhooks etc.), you need to pass the --no-verify-jwt flag when deploying your function.
I am using a HTTP Function App, I would like to authenticate it using client id and function keys (inside my function) using python.
I have a API Management setup for the current service but would like to authenticate on function app level.
Thanks
For this one of the workaround is that you can set its Authorization level to Function.
Note: Make sure you are providing function key as a URL query string parameter in code property (i.e., https://< Your Function App>.azurewebsites.net/api/< Your Function Name>?code=< Your Function Key>). Alternatively, If you are calling function from postman you can just add x-functions-key header and set function key to it.
You can find all the function keys from Trigger >> Function Keys
but from the Official Documention you can see that it is not a good practice to distribute shared secret in public apps.
If your function is being called from a public client, you may want to consider implementing another security mechanism
Alternatively, you can use AAD to authenticate your Function App (i.e., Through App registration).
For more information, you can refer Azure Function authentication using Azure Active Directory
I'm new to .Net, so I'm struggling a bit to understand how to approach the machine 2 machine authentication and authorization. Here's what I'm trying to do.
We have a Library that will call an API for a resource but the call must be authorized, so there's also an IS4. Each part is a separate project in a solution and runs in Docker.
We'd like enforce the Library to provide an API Key with every request to API in Authorization header. Then we'd like the API to check for
API Key is valid
API Key belongs to a user with correct set of claims and/or scopes
If that's all OK then accept the incoming request or send 401 Unauthorized otherwise.
We're trying to do this with IS4, because in the future we'd like to use features like Single Sing-On, delegation, etc.
This m2m is the first step and even though it looks simple, we're having a hard time making it work.
By default m2m communication requires ClientCredentials Grant Type in IS4. But using it requires 2 steps: make a request for access token and then use this access token to access API resource.
Getting access token requires providing the ClientId, ClientSecret and Scope but we want to use a single API Key instead.
Is it possible to wrap those 2 things together somehow?
I created a loopback api ('http://localhost:8100/api/insertsubmitorder/insertOrders') . this api is not Secure . Can we Secure and Authenticate this API using OAuth2 or Other . I go through the looback docs for Authentication http://loopback.io/doc/en/lb3/Authentication-authorization-and-permissions.html#preparing-access-control-models .
but i can not get the soluition. Please tell me how can i add Security my loopback APIs.
If you have a user-database with already existing users, I'd suggest writing a custom login with LoopBacks built in user-functionality. Otherwise, just create a user and do a login-post to the /login-endpoint. This will return an accesstoken (and also the user object if you wish to include it) which you can use against the endpoints for validation. The validation is setup through the ACL in the models json-objects.
according to Google cloud endpoint documentation, in #Api annotation (or #ApiMethod), we can use a "scope" parameter, that is:
If not supplied, the default is the email scope (https://www.googleapis.com/auth/userinfo.email), which is required for OAuth. You can override this to specify more OAuth 2.0 scopes if you wish. However, if you do define more than one scope, note that the scope check will pass if the token is minted for any of the specified scopes. To override the scopes specified here for a particular API method, specify different scopes in the #ApiMethod annotation.
Reading this docs seems that we can ask, for example, for drive scopes.
In fact, if we put here https://www.googleapis.com/auth/drive.file, the endpoint will ask the user for the drive auth.
But, how can I get the valid token to make a call to the google api? I mean, this scope parameter is intended only for login purpose, or I can use it to obtain Oauth2 tokens to call Google Apis?
I think is only for login purpose (just because I haven't found something about using endpoint to connect to google api) but I need a confirmation.
Thanks in advance