Simple Authentication for API App

Similar Messages

• Use node.js for API Apps

  From the description for API Apps, it appears as though node.js is supported, but there is no documentation on how to use node.js.  The existing documentation shows how to use Visual Studio and c#.  I understand this is a preview, but was wondering
  if I can bring over a node.js app that has been built using the hapi framework.  If not yet, will node support be expected prior to GA?
  Thanks,
  Alex

  Thanks for the question, Alex.
  You can definitely implement an API app in Node.js. We'll add articles and samples soon. Following is what you can do.
  Create an empty API app from Azure portal. It's in the +New button. In Azure Portal, you can navigate to the API app blade, then navigate to the host of it from the essential UI to its hosting web app.
  Use your favorite Node.js framework to implement your REST API. Add an apiapp.json file to the root folder of your project. Configure it as show in "Review apiapp.json" section of
  http://azure.microsoft.com/en-us/documentation/articles/app-service-dotnet-create-api-app-visual-studio/.
  For getting Swagger 2.0 in Node.js, you may want to check out
  https://github.com/krakenjs/swaggerize-express.
  Use your favorite deployment option to deploy your Node.js app to the hosting web app.
  Restart the gateway in Azure portal to have it refresh the registration of the API app

• Is Hybrid Connection supported for API APP?

  If one is building a custom connector using API app, most likely, one would have the need to access on premise resources, web services or SQL. Hybrid connection seems like the perfect fit here to enable for API app.
  Since it's available on Azure Website and AMS, it is currently also available on web app and mobile app, why not enable it for API app?

  Hybrid connection is supported on API App since API App is hosted on Web App directly. You can navigate to the hosting Web App from Azure Portal by clicking
  API App blade -> Essentials part -> API App Host

• How to implement OData based BASIC Authentication using HTML, JavaScript for Mobile Apps using Apache Cordova/PhoneGap and datajs-1.1.1.js library

  Hello,
  I have an issue with OData based BASIC authentication for iOS App created using HTML, JavaScript, SAP UI5, OData and Apache Cordova/PhoneGap.
  Please check the post here http://scn.sap.com/thread/3527245
  Request you to kindly reply on the above given link.
  Thanks and Regards,
  Suraj Kumar

  Hello Prathik,
  The code which I am using for OData based BASIC Authentication, for my Mobile App is as below.
     var onSuccess = function(data) {
     alert("We are Through"); //Just to check that the OData request was sucessful
     var onError = function(err) {
     switch(err.response.statusCode) {  
     case 403 : {
     window.alert("Error Code - 403, Service unreachable ");
     break;
     case 401 : {
     window.alert("The credentials are incorrect or missing!");
     break;  
  // dataUserName and dataPassword are the two variables, in which I am storing my Username and Password, respectively.
     var connectionRequest = {
     requestUri: "ODATA SERVICE URL GOES HERE/",
     headers: { Authorization : 'Basic ' + Base64.encode(dataUsername + ":" + dataPassword) },
     method: "POST"
     OData.request( connectionRequest, onSuccess, onError);

• I have one apple ID for multiple devices in my family.  I'd like to keep it that way for itunes/app purchases.  I would like a simple step 1, step 2, step 3 response on what I need to do to separate all other features like imessage, contacts, emails, etc.

  I have one apple ID for multiple devices in my family.  I'd like to keep it that way for itunes/app purchases.  I would like a simple step 1, step 2, step 3 response on what I need to do to separate all other features like imessage, contacts, emails, etc.
  I have been reasearching how to do this on the internet, but I haven't found an easy explanation yet.  My family is going crazy over each others imessages being sent to others in the family and not being able to use FaceTime because of conflicting email addresses.  I have read that if each person gets their own iCloud account, this would work.  However, I need to know what to do after I set everyone up with their own iCloud account.  Do I make that the default email address to be contacted or can they still use their hotmail email addresses.  Any help- with easy explanation- would be much appreciated!!

  We do this in my family now.  We have one account for purchases, so it is used to share music and apps (I think that is in Settings/iTunes & App Stores).  Each iDevice has this configured.
  Then, each of us has our own iCloud account that is configured under Settings/iCloud.  That then allows us to have our own Mail/Contacts/Calendars/Reminders/Safari Bookmarks/Notes/Passbook/Photo Stream/Documents & Data/Find My iPhone/and Backup.  That Backup piece is pretty sweet and comes in handly if you replace your iDevice.  You can just restore from it.
  So we all share the Apple Store account but we all have our own iCloud accounts to keep the rest seperate or things like you mentioned are a nightmare.
  In answer to what iCloud does for you: http://www.apple.com/icloud/features/
  Think of it as an internet based ("cloud") area for all of those items listed in my response.  What you need to remember is photo stream only maintans the last 1000 pictures so don't count it as a complete backup solution for your pictures.  Even though I rarely sync with a computer these days, I do still try to sync my phone with iPhoto (I have an iMac) so that I have copies of all of my pictures.  1000 may not stretch as far as it sounds.
  Message was edited by: Michael Pardee

• Will Apple offer a simple downgrade for those with messed up apps?

  I wonder If perhaps Apple can give me a simple way to Downgrade my iPhone back to 3.13 and keep my settings and apps intact. The new software screwed up 2 apps that I not only bought the iPhone for but spent 100.00 on cable acessories specificly for these apps, Tv out. OK I love the phone now for many other reasons but the 100 bucks is in the trash. All I wanted was folders. I will give up the folders to get my Air Video Tv out back

  No, you cannot go back.
  Apple are in the market for sales. Its all money. The likes of you and I do not count. They want you to make the mistake and then throw the old phone away in favour of a new one.
  Do not despair! there is a jailbreak just being released that will get you back to 3.1.3. If I give you the link, the little spies at Apple will zap my post - but if you google iphone and unlock, the chances are it will be top of the list...

• Authentication for Stream Analytics REST Api

  Hi there,
  I am trying to use the stream analytics rest api from a java client. For other services (storage services for example), I am able to successfully use mutual certificate authorization. I create a management certificate using keytool and upload it through
  the settings tab in azure portal. I then create an SSLContext from this certificate. This all works and I am able to get access to the storage services api.
  The same flow does not seem to work for stream analytics api. When attempting to make an api call, I get 401 error code with the following response authorization header.
  GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.StreamAnalytics/streamingjobs?api-version=2014-10-01-preview
  WWW-Authenticate=[Bearer authorization_uri="https://login.windows.net/{...}", error="invalid_token", error_description="The access token is missing or invalid."]
  The result is the same whether or not I configure the certificate on the client side. So, it seems like the mutual certificate authorization is not supported in stream analytics as it is in the other management APIs. Can you confirm if this feature is not
  supported? If it is not supported, can you please provide some information on how we should be authenticating for stream analytics REST api?
  Thanks

  I did some more investigating. The Azure Stream Analytics REST Api documentation uses
  https://management.azure.com/
  as the base uri for managing stream analytics service. The .NET azure sdk source code on github, however, uses
  https://management.core.windows.net/  
  for the same. So, I have tried accessing some different variations of resources.
  https://management.core.windows.net/{my subscription id}/services/storageservices
  Response: 200 OK
  Here, I am using mutual certificate authorization to successfully reach storage services at management.core.windows.net. This verifies that the certificate authorization flow works for other services in the same subscription. 
  https://management.azure.com/subscriptions/{my subscription id}/resourcegroups/StreamAnalytics-Default-Central-US/providers/Microsoft.StreamAnalytics/streamingjobs?api-version=2014-10-01-preview
  Response: 401 Unauthorized
  Message: {"error":{"code":"AuthenticationFailed","message":"Authentication failed. The 'Authorization' header is not present or provided in an invalid format."}}
  Now I attempt to use the same mutual certificate authorization on the management.azure.com base uri for stream analytics management. The request fails and the error message notes that an expected Authorization header is missing. This leads me to
  believe that mutual certificate authorization is not supported on management.azure.com.
  The Authorization header makes sense for OAuth2 flow, so I am thinking that management.azure.com
  might only support OAuth2. I need server to server management, so OAuth2 flow will not work because it requires interactive browser redirect to work with management api. Active
  Directory only gives delegate permissions to management services, not application permissions. I believe this rules out using OAuth2 / Active Directory for headless
  authorization - please correct me if I am wrong.
  https://management.core.windows.net/subscriptions/{my subscription id}/resourcegroups/StreamAnalytics-Default-Central-US/providers/Microsoft.StreamAnalytics/streamingjobs?api-version=2014-10-01-preview
  Response: 403 Forbidden
  Message: <Error xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><Code>ForbiddenError</Code><Message>The server failed to authenticate
  the request. Verify that the certificate is valid and is associated with this subscription.</Message></Error>
  Here I try to use the mangagement.core.windows.net base uri that is used in .net sdk. I get a 403 forbidden response. The error message indicates that the server attempted to complete the mutual certificate authorization. The server complains, though,
  that the certificate is invalid. This is the same certificate used successfully to manage storage services, so I know the certificate is valid and the client flow works.
  It would be great if someone could expand on the discrepancy between the base uri in the documentation vs .net sdk and provide some guidance on server to server authorization to stream analytics management api.
  Thanks,
  Dave

• Entered Domain Credentials for SQL Simple Authentication Run As Accounts

  In troubleshooting an issue, I mistakenly entered a domain account under the "Data Warehouse SQL Server Authentication Account" and "Reporting SDK SQL Server Authentication Account" Simple Authentication run as configuration accounts.
   I'm now trying to get them back to the way they were, blank.  I found an older article for SCOM 2007 that mentions that just entering a space for the account name and password fields will get it blanked out again, this apparently doesn't work in
  SCOM 2012 as it gives me "The length of the string cannot be zero. "
  I think this may be contributing to my 31557 errors.
  Could I just delete the two simple auth account listed under Profiles?

  To fix error 2115, you can check below links
  https://support.microsoft.com/kb/2681388?wa=wsignin1.0
  http://blogs.technet.com/b/kevinholman/archive/2008/04/21/event-id-2115-a-bind-data-source-in-management-group.aspx
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"Mai Ali | My blog:
  Technical | Twitter:
  Mai Ali

• Simple question! Is it possible to have a custom icon for an app part?

  Hi All
  Title says it all: is it possible to have a custom icon for an app part / client web part?
  It used to be straightforward with the previous dev tools, but the ImageUrl was typically to a hive folder (which is obviously out of bounds now).
  I've "Binged" with no joy. None of the samples I've seen have a custom icon.
  So - can it be done?
  Regards
  Nigel

  Hi Nigel,
  Updating the AppIcon.png in Napa
  You can upload a new AppIcon.png in into the /Images folder in the file tree in Napa:
  Updating the AppIcon.png in Visual Studio 20102
  You can update a new AppIcon.png in into the Images folder in your Visual Studio solution:
  Keith Tuomi | Twitter: @itgroove_keith | Blog:
  http://yalla.itgroove.net
  Please click "Propose As Answer" if a post solves your problem or "Vote As Helpful" if a post has been useful to you.

• Server-side authentication for web services

  I was hoping to use Azure's server-side authentication for a HTML/JS web app. Some things are a bit unclear. For example, if a new user authenticates via Facebook, I want to create an associated record on the server-side and associate extra data with the
  user, irrespective of the service used to log in. If they log in again, I want the client to be able to get this extra data (eg preferences) from the server. On the back-end, I also want to be able to update particular fields of this record that the user cannot
  change themselves. I know how to go about this in a plain Node.js backend, but not sure how some of these basic things map to using Azure's services.

  Once the user logs in, you will have their information available to your server scripts. So one option is to use a custom API (or a Mobile Services Table) to insert/read/update the user data. You would protect this endpoint so that only logged-in users can
  access it, and then access the
  user object to obtain an ID an associate it in a table row. Lookups could be performed by similarly querying for the ID.
  In terms of some fields being restricted, you could remove these from the update request itself.
  Some pointers that might be helpful:
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-get-started-data/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-call-custom-api/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-authorize-users-in-scripts/

• Simple Authentication Problem

  Hi I am using suin direcory server 6.0 with my application. To test my connection I supplied the rootDN, userDN, host, port and password with 'simple' authentication mode but my test fails with following exception on console;
  SunOS-/export/home1/tecapp/TCS/tcserver/directory/INFOBASIC: testLDAP
  com.temenos.tocf.security.TCSecurityException: The authentication mechanism simple not supported by LDAP Server : ldap://hml-newsunt2a:389/uid=myT24,cn=T24,cn=Application,o=temenos,c=ch with user t24userid=inputter,uid=myT24,cn=T24,cn=Application,o=temenos,c=ch
          at com.temenos.tocf.security.common.LdapUtilities.getDirContext(LdapUtilities.java:447)
          at com.temenos.tocf.security.management.T24User2Directory.connect(T24User2Directory.java:255)
          at com.temenos.tocf.security.management.T24User2Directory.connect(T24User2Directory.java:185)
          at com.temenos.tocf.security.management.T24User2Directory.getSysDNListImpl(T24User2Directory.java:330)
          at com.temenos.tocf.security.management.T24User2Ldap.getSysDNList(T24User2Ldap.java:84)
  ------------- GETSYSDN  -------------------
  Time for call of CALLJ : 4820 [ms]
  20üError connecting LDAP server : The authentication mechanism simple not supported by LDAP Server : ldap://hml-newsunt2a:389/uid=myT24,cn=T24,cn=Application,o=temenos,c=ch with user t24userid=inputter,uid=myT24,cn=T24,cn=Application,o=temenos,c=ch
  Log File (access) in My LDAP Server recorded following at the same time;_
  [10/Nov/2009:15:35:21 +0000] conn=171 op=-1 msgId=-1 - fd=22 slot=22 LDAP connection from 10.44.5.69:53988 to 10.44.5.69
  [10/Nov/2009:15:35:21 +0000] conn=171 op=0 msgId=1 - BIND dn="" method=128 version=3
  [10/Nov/2009:15:35:21 +0000] conn=171 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn=""
  [10/Nov/2009:15:35:21 +0000] conn=171 op=1 msgId=2 - SRCH base="uid=myt24,cn=t24,cn=application,o=temenos,c=ch" scope=0 filter="(obj
  ectClass=*)" attrs="supportedSASLMechanisms"
  [10/Nov/2009:15:35:21 +0000] conn=171 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
  [10/Nov/2009:15:35:21 +0000] conn=171 op=2 msgId=3 - UNBIND
  [10/Nov/2009:15:35:21 +0000] conn=171 op=2 msgId=-1 - closing from 10.44.5.69:53988 - U1 - Connection closed by unbind client -
  [10/Nov/2009:15:35:22 +0000] conn=171 op=-1 msgId=-1 - closed.
  [10/Nov/2009:15:35:24 +0000] conn=172 op=-1 msgId=-1 - fd=22 slot=22 LDAP connection from 10.44.5.69:53989 to 10.44.5.69
  [10/Nov/2009:15:35:24 +0000] conn=172 op=0 msgId=1 - BIND dn="t24userid=inputter,uid=myT24,cn=T24,cn=Application,o=temenos,c=ch" met
  hod=128 version=3
  [10/Nov/2009:15:35:24 +0000] conn=172 op=0 msgId=1 - RESULT err=48 tag=97 nentries=0 etime=0
  [10/Nov/2009:15:35:24 +0000] conn=172 op=1 msgId=0 - RESULT err=80 tag=120 nentries=0 etime=0
  [10/Nov/2009:15:35:24 +0000] conn=172 op=-1 msgId=-1 - closing from 10.44.5.69:53989 - A1 - Client aborted connection -
  [10/Nov/2009:15:35:24 +0000] conn=172 op=-1 msgId=-1 - closed.Please help me and suggest a workaround please as I couldn't found any information regrading this on google.
  Thanks
  SJunejo

  [10/Nov/2009:15:35:24 +0000] conn=172 op=0 msgId=1 - RESULT err=48 tag=97 nentries=0 etime=0err=48 is "inappropriate authentication". Maybe you don't have SASL configured properly.
  Please have a read of the admin guide.
  [http://docs.sun.com/app/docs/doc/820-2763/bcave]

• Help me in embedding a map for mobile app

  I have built a basic simple iphone app in flash cs5.Now I want to create a new scene in flash cs5 to show this map fully funtional along with markers in a small resolution for mobile app.(iphone)
  link of the map:
  http://maps.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=100795895206195398252.00044490e878 965c7dd91&t=p&om=0&ll=12.340002,77.409668&spn=4.989012,7.404785&source=embed
  Pls help me out in sorting this problem out

  You need to sign up for google maps API here : http://code.google.com/apis/maps/signup.html, get your API key. You need this otherwise it will not work. Thendownload the SDK, from here:http://code.google.com/apis/maps/documentation/flash/ its on the right, on step 2, "SDK"
  the set up flash with the SDK, and then in your components inspector there will be a new folder saying google.
  Drag that component onto the stage. Then add this code: information  will need to be changed to suit your location and API KEY
  package {
  import flash.display.Sprite;
  import flash.events.Event;
  import flash.geom.Point;
  import com.google.maps.LatLng;
  import com.google.maps.Map;
  import com.google.maps.MapEvent;
  import com.google.maps.MapType;
  public class googlemap extends Sprite {
  var map:Map = new Map();
  public function googlemap() {
  map.key = "ABQIAAAAF5GHwa7hgxz5etSP-jJVwhSK_rP-_Usta8fEpiVtC50gLzF69hQ6_VK0zgpArekpmdsRCJK2Vnp60A";
  map.setSize(new Point(stage.stageWidth, stage.stageHeight));
  map.addEventListener(MapEvent.MAP_READY, onMapReady);
  this.addChild(map);
  function onMapReady(event:Event):void {
  map.setCenter(new LatLng(45.436319770227,12.33638048172), 13, MapType.SATELLITE_MAP_TYPE);

• AAD for API Management

  Hi.
  I'm trying to configure ADD and Api Management son I'm not so sure that is the right place where send the issue.
  When I try to set the Authentication type to 'Authorization code' I'n receiving this message:
  No permission to access user information is configured for 'GUID-APP' application, or it is expired or revoked
  The 'GUID-APP' is the client-id of a new app I have registered especially for 'API management' (is not the app where the real API is implemented). The name of the app is: apimanagement. For this app I have configured :
  Application permissions: 2
  Delegate permissions:4
  Which kind of permission shoud I configure to remove the issue ?
  Thanks.

  Hi,
  The issue should possibly be a replication delay in Azure AD, when the Permission Object that the application creates to access the Azure Management API (RDFE) does not replicate quickly enough to the authentication endpoint. The app currently does include
  a 5 sec delay before requesting an authorization code, but this delay may not to consistent. The workaround would be to sign out of the app and then sign back in. (Quoted from below thread)
  Source: 
  Azure AD OpenId Multitenant invalid_grant error
  https://social.msdn.microsoft.com/Forums/vstudio/en-US/dd289578-5d04-4ce0-a533-0505f8a8bedd/azure-ad-openid-multitenant-invalidgrant-error?forum=WindowsAzureAD
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• OneDrive for business App- On premises installation (Sharepoint 2013)

  Hi, 
  Just needed clarification regarding One Drive for Business application on iPhone/iPad. 
  When I connect to internal corporate network, the application works fine. However when I go on external network, it gives an error that 'You are logged in but we can't access your settings'. Is there something I am missing? Same with One Drive for business
  application for laptop. 
  It also works fine when I connect my iPhone/laptop on VPN. 
  We are using SharePoint 2013 (on premises installation). Do I need to get some subscription for business in order to get the app working over the internet? I know we need Office365 or sharepoint online in order to get the app working but it works fine when
  I am connected to internal network or VPN. 
  We do have a public IP and URL for One Drive which works fine on any browser from external internet. So the problem is only limited to the application on Apple and Laptop (windows). We are using TMG.
  Any info would be appreciated!
  Thanks

  Hi aso,
  You may want to check the authentication types for SharePoint on-premise site internal and internet access, some authentication types are not supported, you can check if it is the case.
  http://office.microsoft.com/en-001/office365-sharepoint-online-enterprise-help/use-the-onedrive-for-business-app-on-an-iphone-or-ipad-HA104005688.aspx#_Toc383014604
  http://social.technet.microsoft.com/Forums/en-US/3ad5b8ca-37e9-43b2-9201-9c5c339d157c/onedrive-for-business-ipad-app-with-onpremise-sharepoint-2013?forum=sharepointadmin
  Thanks
  Daniel Yang
  TechNet Community Support

• Welcome to the Azure App Service API Apps Preview Forum!

  Welcome to the forum! This forum is for support of our customers who are using API Apps. Feel free to post any questions you have related to API Apps.
  The Azure App Service API Apps Team
  Jim Cheshire | Microsoft

  Hey Mikael!
  I actually was struggling through pretty much the same things at the same time that you were.
  The EventTriggered extension is actually in the Microsoft.Azure.AppService.ApiApps.Service namespace, so without a using directive for that it will not be happy.
  I created a library to help with the metadata generation required for Triggers, and did a write-up on exactly what it takes to create both a polling and push trigger (with a few more samples) here: https://github.com/nihaue/TRex#building-a-polling-trigger-api-app
  Hopefully having that combined with
  the official docs, and also
  Sameer's sample can get you on the right track.
  Hope that helps!