Is it possible to get user identity from ID4 as an administrator.
For example, Bob logs in and consents to access "My Movie App". When Bob logs in, his clientid and profile are saved independently into the My Movie App DB.
Later, the "My Movie App" needs to contact bob at bobs email or phone because bob forgot to pay and accounting is now catching up. However, Bob has changed his email and phone with the identity provider.
The "My Movie App" has Bobs clientid but would like to ask identity server if there are any changes to Bobs profile before it generates the Past Due contacts list.
Is there a way to get clients new profile without having Bobs user name and password but having only the userid or clientid?
Is there a way to ask Identity Server to see a list of Customers that have consented to using "My Movie App"?
After looking at the source code and poking around I believe the answer is you must extend ID4 itself.
For example, you can extend users to hold information such as ADMIN and when you log into ID4 directly you could use that information to authorize a controller.
Keep in mind that one instance of ID4 is designed be used by multiple companies.
URL Path could like this:
http://myid4:5000/BusinessName/MyMoviePhoneApp/GetCustomers
The Controller could be tagged with [Authorize(Admin)] and return json result of Customers.
Related
so this is my first question here in stackoverflow, i always find the answer by looking here... so.
I have this issue, I have a Model named Company, which can have many users, which would be the "best approach" to create and activate a user account within this newly created Company.
Here is the process i am following:
Platform Admin creates a company, the company serves as a grouping account in which i will have a number of users, but i need to send an Email after company creation to the Company admin in order to have him create his account so that he can manage the other company users, this email needs to have a hash so that it has some kind of reference to the company (avoiding the company selection in the form).
Im using Rails 4.2.6 and Angular 1.5
so im stuck after the company creation form.
In an email send the angular route url which got the company hash that just created. When admin user clicks on that link your angular route gets called and then before it render the view , i mean use resolve in angularjs route, get the list of all the user and company that just got created where admin user can select user that he or she want to activate.
What is the best method for updating a registered user's email and/or names in Backand? How can I make sure that if I'm changing the email address that I'm not also disconnecting the registered user from their object in the users table (since the server side Update uses the email address to locate the user object in the table)?
I'm using the Backand SDK in my Ionic/AngularJS app.
Thank you for your help. I know it's probably simple but I'm just missing it.
user email is the UserId in Backand, so you can't change it.
It's like you will try to change your email address in gmail, it's impossible.
But you can change firstName and lastName.
To do that go to you app dashboard in backand.com and in enter to "Securtiy & Authorization" > "Registered users", in this tab you can change first and last name of your registered users.
I am building a web app with go and GAE. I would like to use Google Accounts for authentication. The appengine/user package contains a type, User. I was planning on using ID property of User as the ancestor to descendent entities in the Datastore. However I'm confused by the comments in this section of documentation:
type User struct {
Email string
AuthDomain string
Admin bool
// ID is the unique permanent ID of the user.
// It is populated if the Email is associated
// with a Google account, or empty otherwise.
ID string
FederatedIdentity string
FederatedProvider string
}
Source: https://cloud.google.com/appengine/docs/go/users/reference#User
Under what circumstances might an email not be associated with a google account and therefore ID be empty?
I'm very new to go and GAE so please excuse my ignorance.
There are several key differences between email and id. E.g. "The app can also access a user ID that identifies the user uniquely, even if the user changes the email address for her account." Also "Every user has the same user ID for all App Engine applications."
Like ThunderCat said, if you use a Federated Login (OpenID was the only one supported, but is no longer), then you will not get a user id.
See the docs for more info.
currently I need to provide web site logging for different social accounts (facebook, google, twitter and so on).
I know that stackoverflow has same system and I wonder if there is stackoverflow database model in public access. So I can find right way to store user data in my db.
Currently I have next problems.
So, I have my table for users:
UserID
UserName
RegistrationDate
Email
Rating
For users who create account with web site form I use next additional info:
Password
FirstName
LastName
Avatar
I stock in question how to store data for users who login with social networks and what should I store.
It seems that I dont need to store facebook name, surname and so on. I thought about getting it with js on pages where I need it.
Also I am thinking how to provide user with adding facebook, twitter references and so on for his profile.
P.S.
I am using DotNetOpenAuth for user authentication via social networks. Working with asp.net MVC 3.
About functionality on my web site:
just adding articles and rating for user.
For comments I use https://disqus.com/.
Ideally, you should have two tables. One for Users and one for Identities. In the Users table, you store things like your application user id, name, emails, etc. In the Identities table, you link back to the person in the User's table, but have a 'network' field that says which network the Identities row is for (e.g. Facebook, Google, Twitter, etc).
The Identities table can store the User ID and details specific to that platform, e.g. User_ID for Facebook, Twitter username, etc. The user will have one entry in the Users table, but can have many entries in the Identities table, depending on how many networks the user has connected with.
I have few tables like example.
Users Books UsersBookPurchase
UID BookId UserId
UName Name BookId
Password Price
Email
This is fine. I am having my own login system but i am also using some 3rd party to validate like OpenID or facebook Authetication. My question is if the user is able to log in successfully using OpenID or facebook Authentication, what steps do i need to do i.e do i have to insert one fake row in Users table because if i do not insert how will integrity be maintained. I mean what user id should i insert in UsersBookPurchase when the person who has logged in using Facebook Authentication has made a purchase because the UserId is reference key from Users table. Please give me a high level overview of what i need to do because this is fairly common scenario.
Thanks in advance :)
Basically yes. Don't think of it as a fake row. What you should do is to create an actual user account based on the data provided by Facebook API (I am not that familiar with OpenID)
Facebook API will provide you with first and last name, email address, maybe some other data
Facebook does not have the concept of login name, users login by email address.
What you do is just create a new user from the data provided by API.
There are some things to watchout for: it is possible that user is already registered on your site. When you get data from Facebook you should search your own user table to see if the email address already belongs to your own registered user and it that case you can do some fancy things like mark that user as also having a facebook login.
If I were to do that, I'd abstracted login info into a separate table and have some sort of type in the User table. The type is used to identify what auth method is used, i.e. your own, Google, etc. If a user does select using alternative methods, you do need to have association but with a different type. But yes it is a new record.