I need to entered invoices and purchases into live company file. Created account but when I logged in to https://my.myob.com.au/bd/Pages/Home.aspx URL I did not see any developer tab for register API.
Please help me to implement myob API.
Thanks in advance
You need to express your interest to access the cloud hosted companyfiles
http://developer.myob.com/contact/register-for-myobapi-access/
you need to register your app via MYOB with your developer account.
you need to setup call back url within your application config page. It can be a localhost url
you need to install the offical sdk (c# or ruby) to your application.
from the local
a. init the sdk client with access key, secret key and call back url
b. redirect the customer to the myob auth page (the url can be auto generated from sdk)
c. after the auth operation, a code will be send to your callback url
d. use the code to init the myob sdk and get the list of company files
e. select a company file and get information you need
Related
I have web app written in react which is Single Page Application. Then I have back end API written in .NET core 3.1.
As I mentioned earlier I have web app written in react so this react web app has to call one more API to read some configs. This third application is also a API application written in .NET core 3.1. As soon as web app spins up, it will call this third APP and read configs like API URL of second application and other azure related details. Now this third API app should be protected. Only web app should access this app and not any other users.
So I am trying to find what are the best scenarios available in azure AD. Can someone help me to understand the possible scenarios to handle this?
What you seem to want to accomplish at the moment is for the web application to access the third API application. If this is the case, it is simple. The steps are as follows:
First, you need to expose the api of the third API application protected by Azure, which can be configured according to the following process
Azure portal>App registrations>Expose an API>Add a scope>Add a client application
Next, you need to define the manifest of api applications and grant application permissions to your client applications (this is the role permissions you define yourself, you can find it in My APIs when you add permissions). This is the process of defining the manifest.
This is to grant permissions for the client application (You can find your expose api permissions in My APIs.):
Finally, you need to obtain an access token using the client credential flow where no user is logged in:
Parse the token:
so as per you description It seems you want to permit only API application to access your third application.
One thing you can do you can create a user group and give acess to your API only and put application restricted to this group only.
See this hope it will help
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/users-default-permissions
I have a React app that needs to communicate with several AWS services, each requiring secret keys and I know that I should not hard-code them into the JS.
I found this:
How do I hide API key in create-react-app?
Which basically confirms the following:
* Do not store true secrets in your JS
* Do not use env files either, because they are added to the JS at compile time.
* Use server-side code to deal with secret server-to-server communications, i.e. use a proxy
But my question is now one of clarity on this or "next step". My proxy server now handles all of the private communications with AWS. However, how do I confirm my app's identity to the server? In other words, if open the proxy up, anyone will have access to my AWS content. However, my actual users are not authorized to access my external services directly, so I can't just pass through those credentials.
My idea is to set up an application ID that will redirect only to the associated URL, but is that secure enough? The appID is in the JS, but the ID will only allow the proxy to send information back to the URL on record.
Thank you,
Wayne
I think your best bet would be to use AWS Cognito.
Users will auth with it, get back a token which can have IAM access rights attached to it if that is what you desire
I am trying to integrate a Google service account to my reactjs-Firebase project but I seem to not understand how to do it.
What I have tried:
I selected JSON as my KEY type for the service account and downloaded it to my system and tried to set it using Application default credentials. (didn't work)
but nothing seems to work.
and I don't understand how to use the service account to call API in this react-firebase project.
am I supposed to authenticate it using Application default credentials or some other method.
Expected result: Want to integrate service account to my reactjs-firebase project so that I can call API's without an API key
Actual result: not able to do that.
Thank you for your help.
You should never put a service account embedded on your front-end or any other secrets as anyone using developer tools in browser can see them.
The best approach for you should be the end user providing their credentials that need to be authenticated against your backend. In the backend if the user is authorized you can have access the service account information and make the calls you need.
Specifically on your Firebase you should use the Cloud Secret Manager and access if like this:
const functions = require('firebase-functions');
const { defineSecret } = require('firebase-functions/params');
const serviceAccount = defineSecret('SERVICE_ACCOUNT_KEY');
// get other secrets and do whatever you need...
There is a tutorial here on secrets.
Or you can go straight to the documentation here.
First of all, I am very new to the Salesforce platform. So apologies in advance if this is very straight forward and obvious.
So we are migrating our old app (based on .net platform) to Salesforce Community Cloud. One of the components in the app connects to the third party API service. The third party API endpoint uses Basic Authentication. We use service account credentials to generate basic authentication header.
We want to insert this component in a page using community builder. So whenever users visit the page, the component will pick the properties from logged in user, hit the third party API, get the required information and show on the page.
Is this doable in Salesforce? If yes, what is the best preferred way of achieving this?
Code-based approach - If your API is HTTP-based it's easy to implement in Salesforce via Apex callouts. The service account credentials should live in an instance of a Named Credential, it works together with a callout. Named Credential will automatically generate a Basic Auth header for you; this option in the Named Credential config screen is unhelpfully called "Password Authentication".
Declarative-ish approach: take a look at External Services:
With External Services, you use SF tools to import Swagger or
Interagent-based API definitions right into Salesforce using a schema.
Once you import the definitions, you can create a flow based on the
Apex classes generated from your External Services registration.
I am trying to take a GAE app and have it upload logging data, in CSV format, into Google Storage, and then into Big Query (via an upload job). The documentation says that the proper way to authorize a GAE app to have write permission in an API project is to add the GAE application as a team member in the API project.
However, there is a domain restriction in the API Team panel, that makes it impossible for us to add the '#appspot.gserviceaccount.com' address that the documentation says we need to. I talked with our IT department (who setup the API Project to being with) and they aren't sure how to circumvent that restriction.
I must be missing something, but how should we authorize our GAE App to push data into our API Project when we cannot add the account in this manner?
Thanks.
Create a Google group on your domain.
Add that group email address to the team editors in your Google Developers project.
Then add the Google App Engine application email address to that Group.
You might have to wait a short time before the permissions kick in.