I got 2 Azure subscription under 1 account. I do experience strange behavior around Azure API management when creating new API for Azure LogicApps. Here is the scenario
I got Subscription A and Subscription B (sub A/sub B from now).
I got Resource Group A in sub A and Resource Group B in sub B (rg A and rg B from now)
Both resource groups are in the same region.
I got Azure Managed API service in rg B. I have deployed all the services needed by the solution into rg B and the same region. So API and Logic App and other supporting services are only in rg B and same region.
What is happening that if I want to create new API for LogicApp in the gui when I pick browse to pick the LogicApp the list is empty. None of the Logic Apps is showing off even if they are in the same subscription and resource group.
When I'll try deployment of the Logic App to the rg A on the sub A or I migrate existing Logic Apps in rg B from sb B to rg A on sub A. Then I can see the logic apps in new API from LogicApp menu even if i kept the API service under rg B and sub B.
I have tried many things but I cannot crack this out.
Any thoughts will be much appreciated.
Best regards,
quark
Related
My company owns several (verified) facilities and using my company's email i can see those locations (business.google.com).
Now, my company would like to fetch the reviews in each location and present it in our company website. Before we're using the Google Place API but since it only returns the latest 5 reviews we opt to using Google My Business API to retrieve a location's complete reviews. We'd like our backend (PHP) to retrieve the reviews so using the same email I created a service account (console.developers.google.com/apis/credentials) because we don't need the end user to allow/interact anything when browsing our website.
Using postman (with my signed JWT) I have managed to get a valid access token
...that I use to retrieve the lists of accounts (mybusinessaccountmanagement.googleapis.com/v1/accounts) I could see the service account itself alone in the response.
Now, I tried calling the account locations api (mybusiness.googleapis.com/v4/accounts/{MY_ACCOUNT_ID_HERE}/locations) but it only returns and empty object response.
Can someone help me resolve this issue. Why my service account can't see the verified locations under my company's email. Is this even possible? Thank you.
Even that this is an older question - I run into the same issue calling the new Google My Business Information v1 API (getting empty results) using a service account.
It seems, that it is not recommended to use Service Accounts, I found this support article on Google: https://support.google.com/business/thread/8281160/cannot-get-access-to-gmb-locations-with-service-account-with-nodejs?hl=en
The "official" recommendation is to use OAuth.
But we finally made it using Service Account. The following steps are necessary to resolve it (at least for us it is working now):
Add a project in Google Cloud Platform
Add and enable the Account Management and Business Information API's.
Add the service account and generate a key (https://developers.google.com/identity/protocols/oauth2/service-account#creatinganaccount)
Make the Business Profile API request (you need the approval made by Google to be able to make requests against the two API's; otherwise you may run into quota exceeds as "Request per minute" is set to 0 by default). Important: It may take up to 2 weeks until, but we received the approval within about 5 days
Enable domain-wide delegation for the service account using the scope "https://www.googleapis.com/auth/business.manage". More about domain-wide-delegation: https://developers.google.com/identity/protocols/oauth2/service-account#delegatingauthority)
Add a user identity in GCP. This user also needs to be added in Google My Business for editing locations. When creating your ServiceAccountCredential object, impersonate this user.
Security concerns:
Domain-wide-delegation enables that everyone knowing/having the credentials of the service account could impersonate any person (identity) from withing GCP. At least in this case only for Business Profile API, but anyway, keep this in mind.
Also using private keys for authenticating the service account is not recommended, you should be aware to regularly change / create a new private key or there would be a solution with Identity Workload.
Hope this helps everyone facing the challenge with GMB / GCP / service accounts :-)
I am trying to pull data from salesforce marketing cloud object using API calls.
data: all available instances for the passed object.
I did this for salesforce objects using bulk api call.
I am very new to sfmc.
Glad if someone can share the example link.
Not sure if this is what you want, there are several trailheads to get started with MC.
Log in to your MC account
Hover on Audience Builder
Click Contact Builder
Click on tab Data Sources
Click sub tab Synchronised
(if you have already connected your CRM to MC) A box with your connected user should appear. Click on it.
Here you can see all your sObjects that are connected and synced. If you dont have any or want to connect some or more then:
click Set up Object button on the top right
Now all the sObjects that are available will appear and you can sync them. This will make them available in the MC environment.
Some will be unavailable at the moment, this is because they require others to be synced first. Once you start syncing the most basic ones, others will become available.
Hope this is what you were looking for.
I have a bunch of microservices (10 to be precise), each with it´s own database, own code repo, own deployment pipeline, and all the recommended stuff for microservices architecture.
However, I dont have a clue on how to build the front end pieces, which are about to be developed by front end programmers.
Should I have 10 of them, one for each backend microservice?
Or should I have just one?
Maybe I can group some microservices, related to ADMIN role for instance, and create a single frontend for it? And another for another ROLE? Since I have about 4 ROLES, I may have 4 frontend apps?
For the final user, app (ui) should look like a monolithic.
What can you tell??
Briefly speaking, the services are (ADMIN, CLIENT, DISTRIBUTOR and RESPONDENT as roles):
1) oauth server (ADMIN, DISTRIBUTOR)
2) users service (ADMIN)
3) products service (ADMIN)
4) survey service (CLIENT)
5) jobposition service (DISTRIBUTOR)
6) answer service (RESPONDENT)
7) Email template service (ADMIN)
8) Credit/transaction service (ADMIN)
9 and 10) Batch services, but UI for showing batch status and result (ADMIN)
Thanks
It is not necessary that you need to have 10 front end services one for each backend service but try to have as many front end service as possible to fully utilize the advantages of microservices.
I don't think separating the front end based on the role is a good idea. Separation should be done based on the domain, products & sub products.
I am not completely aware of what those 10 services are so it is very difficult to say how to separate the front end service.
My App engine is running in project-1. I want to access the BQ present in project-2. How can i make app engine in project-1 access the BQ present in project-2?
You should request "can view" (or "can edit") permissions on the dataset of your interest. Owner of project-2 (or respective dataset) will be able to do so.
You don't need to be present on project level and in some cases it is not even appropriate - but you must have appropriate permissions on dataset level
If, by chance, you are the owner of project-2 or respective dataset - you can easily do this by following below instructions
https://cloud.google.com/bigquery/bigquery-web-ui#sharedataset
The easiest way to accomplish this is to add the default service account of "project-1" to the permissions list of "project-2":
within the cloud console go to the permissions section of project-1
select the service accounts sub tab
look for the default service account (or create a new one)
add the service account to the permissions of project-2
EDIT
You need to create your client in a fashion that uses the applications default service account. For example if you're using python it would look something like:
# Grab the application's default credentials from the environment.
credentials = GoogleCredentials.get_application_default()
# Construct the service object for interacting with the BigQuery API.
bigquery_service = build('bigquery', 'v2', credentials=credentials)
Now with your PK file you can launch the dev appserver in a fashion that the same client client will work correctly: Unable to access BigQuery from local App Engine development server
I'm trying to use exchange web services impersonation to add appointments into calendars. I am using Exchange Web Service Manager API and it worked fine when I tested with one account. Since my application will have to do this operation with about 20 000 accounts I am wondering what is the most efficient way to do it? (if it's possible)
Thanks in advance.
Only option you have is to call CreateAppointment in loop. Each iteration has to have the appropriate user impersonation before creating the appointment using Appointment class
Check this URL for more details: http://msdn.microsoft.com/en-us/library/dd633661%28v=exchg.80%29.aspx