The document provides an overview of the Box platform and common use cases for application development. It describes user types, authentication methods, scopes, and four common application patterns: the classic user model, app user model, service account model, and system-to-system model. It also covers topics like error handling, collaboration and permissions, and best practices.
Better Data with Machine Learning and ServerlessJonathan LeBlanc
Creating valuable insights out of raw data files, such as audio or video, has traditionally been a very manual and tedious process, and has produced mixed results due to an influential human element in the mix.
Thanks to enhancements in machine learning systems, coupled with the rapidly deployable nature of serverless technology as a middleware layer, we are able to create highly sophisticated data insight platforms to replace the huge time requirements that have typically been required in the past.
With this in mind, we’ll look at:
- How to build end-to-end data insight and predictor systems, built on the back of serverless and machine learning systems.
- Best practices for working with serverless technology for ferrying information between raw data files and machine learning systems through an eventing system.
- Considerations and practical examples of working with the security implications of dealing with sensitive information.
Best Practices for Application Development with BoxJonathan LeBlanc
Covering the best practices for building new applications on top of Box platform, including token management, error condition and program flow, architecture, and other such topics.
Live Identity Services Drilldown - PDC 2008Jorgen Thelin
Live Identity Services enables developers on any platform to choose the identity integration model that best enables their scenarios, including: web or client authentication, delegated authentication, or federated authentication. Learn how to build seamless, cobranded, and customized sign-up and sign-in experiences.
Microsoft PDC 2008 - Session BB22
Microsoft Sharepoint 2013 : The Ultimate Enterprise Collaboration PlatformEdureka!
Microsoft SharePoint 2013 is an Enterprise Collaboration Platform which offers a wide range of integrated solutions including Enterprise Content Management (ECM), Enterprise Social Networking, Business process management (BPM), Web Content Management (WCM), Business Intelligence (BI), Enterprise Search etc. Currently more than 80% of Fortune 500 companies are using Microsoft SharePoint solutions and the numbers are growing with the new Cloud Based SharePoint Online. Developers can use Cloud App Model and leverage familiar programming models and development tools to create custom solutions for Mobility, Social and Collaboration Search and Workflows.
Better Data with Machine Learning and ServerlessJonathan LeBlanc
Creating valuable insights out of raw data files, such as audio or video, has traditionally been a very manual and tedious process, and has produced mixed results due to an influential human element in the mix.
Thanks to enhancements in machine learning systems, coupled with the rapidly deployable nature of serverless technology as a middleware layer, we are able to create highly sophisticated data insight platforms to replace the huge time requirements that have typically been required in the past.
With this in mind, we’ll look at:
- How to build end-to-end data insight and predictor systems, built on the back of serverless and machine learning systems.
- Best practices for working with serverless technology for ferrying information between raw data files and machine learning systems through an eventing system.
- Considerations and practical examples of working with the security implications of dealing with sensitive information.
Best Practices for Application Development with BoxJonathan LeBlanc
Covering the best practices for building new applications on top of Box platform, including token management, error condition and program flow, architecture, and other such topics.
Live Identity Services Drilldown - PDC 2008Jorgen Thelin
Live Identity Services enables developers on any platform to choose the identity integration model that best enables their scenarios, including: web or client authentication, delegated authentication, or federated authentication. Learn how to build seamless, cobranded, and customized sign-up and sign-in experiences.
Microsoft PDC 2008 - Session BB22
Microsoft Sharepoint 2013 : The Ultimate Enterprise Collaboration PlatformEdureka!
Microsoft SharePoint 2013 is an Enterprise Collaboration Platform which offers a wide range of integrated solutions including Enterprise Content Management (ECM), Enterprise Social Networking, Business process management (BPM), Web Content Management (WCM), Business Intelligence (BI), Enterprise Search etc. Currently more than 80% of Fortune 500 companies are using Microsoft SharePoint solutions and the numbers are growing with the new Cloud Based SharePoint Online. Developers can use Cloud App Model and leverage familiar programming models and development tools to create custom solutions for Mobility, Social and Collaboration Search and Workflows.
This was a multi-phase project in the various .NET technologies using C# and Visual Studio. This set of projects was created to support the principal functions of a lending library’s day-to-day operations. TECHNOLOGIES USED: .NET with C#; Windows Forms Programming; Regular Expressions; ADO.NET; SQL Server 2000; Transact SQL (Stored Procedures); ASP.NET; ASP.NET Security; Web Services; XML; SOAP; WSE 3.0.
Implement Authorization in your Apps with Microsoft identity platform-June 2020Microsoft 365 Developer
Learn about the features of the Microsoft identity platform available to developers to implement authorization in their applications that developers have integrated with the platform. In this session, Kalyan Krishna (@kalyankrishna1), Identity Platform Program Manager covers four of these available options in detail: App roles, Security groups, Scopes and Directory roles.
Watch the recording: https://youtu.be/LRoc-na27l0
This was a multi-phase project in the various .NET technologies using C# and Visual Studio. This set of projects was created to support the principal functions of a lending library’s day-to-day operations. TECHNOLOGIES USED: .NET with C#; Windows Forms Programming; Regular Expressions; ADO.NET; SQL Server 2000; Transact SQL (Stored Procedures); ASP.NET; ASP.NET Security; Web Services; XML; SOAP; WSE 3.0.
Implement Authorization in your Apps with Microsoft identity platform-June 2020Microsoft 365 Developer
Learn about the features of the Microsoft identity platform available to developers to implement authorization in their applications that developers have integrated with the platform. In this session, Kalyan Krishna (@kalyankrishna1), Identity Platform Program Manager covers four of these available options in detail: App roles, Security groups, Scopes and Directory roles.
Watch the recording: https://youtu.be/LRoc-na27l0
final Year Projects, Final Year Projects in Chennai, Software Projects, Embedded Projects, Microcontrollers Projects, DSP Projects, VLSI Projects, Matlab Projects, Java Projects, .NET Projects, IEEE Projects, IEEE 2009 Projects, IEEE 2009 Projects, Software, IEEE 2009 Projects, Embedded, Software IEEE 2009 Projects, Embedded IEEE 2009 Projects, Final Year Project Titles, Final Year Project Reports, Final Year Project Review, Robotics Projects, Mechanical Projects, Electrical Projects, Power Electronics Projects, Power System Projects, Model Projects, Java Projects, J2EE Projects, Engineering Projects, Student Projects, Engineering College Projects, MCA Projects, BE Projects, BTech Projects, ME Projects, MTech Projects, Wireless Networks Projects, Network Security Projects, Networking Projects, final year projects, ieee projects, student projects, college projects, ieee projects in chennai, java projects, software ieee projects, embedded ieee projects, "ieee2009projects", "final year projects", "ieee projects", "Engineering Projects", "Final Year Projects in Chennai", "Final year Projects at Chennai", Java Projects, ASP.NET Projects, VB.NET Projects, C# Projects, Visual C++ Projects, Matlab Projects, NS2 Projects, C Projects, Microcontroller Projects, ATMEL Projects, PIC Projects, ARM Projects, DSP Projects, VLSI Projects, FPGA Projects, CPLD Projects, Power Electronics Projects, Electrical Projects, Robotics Projects, Solor Projects, MEMS Projects, J2EE Projects, J2ME Projects, AJAX Projects, Structs Projects, EJB Projects, Real Time Projects, Live Projects, Student Projects, Engineering Projects, MCA Projects, MBA Projects, College Projects, BE Projects, BTech Projects, ME Projects, MTech Projects, M.Sc Projects, Final Year Java Projects, Final Year ASP.NET Projects, Final Year VB.NET Projects, Final Year C# Projects, Final Year Visual C++ Projects, Final Year Matlab Projects, Final Year NS2 Projects, Final Year C Projects, Final Year Microcontroller Projects, Final Year ATMEL Projects, Final Year PIC Projects, Final Year ARM Projects, Final Year DSP Projects, Final Year VLSI Projects, Final Year FPGA Projects, Final Year CPLD Projects, Final Year Power Electronics Projects, Final Year Electrical Projects, Final Year Robotics Projects, Final Year Solor Projects, Final Year MEMS Projects, Final Year J2EE Projects, Final Year J2ME Projects, Final Year AJAX Projects, Final Year Structs Projects, Final Year EJB Projects, Final Year Real Time Projects, Final Year Live Projects, Final Year Student Projects, Final Year Engineering Projects, Final Year MCA Projects, Final Year MBA Projects, Final Year College Projects, Final Year BE Projects, Final Year BTech Projects, Final Year ME Projects, Final Year MTech Projects, Final Year M.Sc Projects, IEEE Java Projects, ASP.NET Projects, VB.NET Projects, C# Projects, Visual C++ Projects, Matlab Projects, NS2 Projects, C Projects, Microcontroller Projects, ATMEL Projects, PIC Projects, ARM Projects, DSP Projects, VLSI Projects, FPGA Projects, CPLD Projects, Power Electronics Projects, Electrical Projects, Robotics Projects, Solor Projects, MEMS Projects, J2EE Projects, J2ME Projects, AJAX Projects, Structs Projects, EJB Projects, Real Time Projects, Live Projects, Student Projects, Engineering Projects, MCA Projects, MBA Projects, College Projects, BE Projects, BTech Projects, ME Projects, MTech Projects, M.Sc Projects, IEEE 2009 Java Projects, IEEE 2009 ASP.NET Projects, IEEE 2009 VB.NET Projects, IEEE 2009 C# Projects, IEEE 2009 Visual C++ Projects, IEEE 2009 Matlab Projects, IEEE 2009 NS2 Projects, IEEE 2009 C Projects, IEEE 2009 Microcontroller Projects, IEEE 2009 ATMEL Projects, IEEE 2009 PIC Projects, IEEE 2009 ARM Projects, IEEE 2009 DSP Projects, IEEE 2009 VLSI Projects, IEEE 2009 FPGA Projects, IEEE 2009 CPLD Projects, IEEE 2009 Power Electronics Projects, IEEE 2009 Electrical Projects, IEEE 2009 Robotics Projects, IEEE 2009 Solor Projects, IEEE 2009 MEMS Projects, IEEE 2009 J2EE P
JavaScript App Security: Auth and Identity on the ClientJonathan LeBlanc
The story is always the same; if you want to create a JavaScript centric app with API and identity security, you’re told that you need to have a server-side component for handling your identity and application security. That’s simply not the case in modern development.
In this session we'll look at client-side identity, API, and token security, exploring token downscoping methodologies, key management tools, and security on the client.
Improving Developer Onboarding Through Intelligent Data InsightsJonathan LeBlanc
A developer platform lives and dies by it's developer community. When huge problems need to be solved, it's easy to make valuable improvements, but what do you do when those are solved and you still see high bounce rates on your site, low developer application completion, and generally poor adoption of your product? This is where your data can save you.
In this talk we'll run through:
- How to track valuable developer path insights, from moments of anxiety to time to first valuable call.
- Overlaying support and ticketing information on top of developer path data to decrease developer friction.
- How to create automated analytics systems to measure success.
- When these systems should be built, before it's too late.
This topic will go through current standards and future trends for building a scalable security model for distributed cloud based data. We’ll look into practices and considerations behind handing highly privileged data globally, diving into topics such as:
- How global compliance and regulations affect security practices.
- Handling data permissions, identity, and security with application access to data.
- Considerations, trends, and standards for global data availability.
Building a modern API architecture is a constant struggle between ease of development and security. JSON Web Tokens (JWTs) introduce a means of building authentication into JSON objects being transmitted through APIs.
In this session we’ll explore how JWTs work to build verifiable and trusted objects, allowing them to be combined with standards such as OAuth 2 for capturing access tokens, leading to a secure means of JavaScript SDK dev.
Creating an In-Aisle Purchasing System from ScratchJonathan LeBlanc
The future of retail is in removing the divide between the offline shopping state and the enhanced online buying experience. To create this type of enhanced retail experience, we can remove complexities in the process, such as simplifying checkout.
In this session we’ll learn how to use internet-connected microelectronics to attach to a buyer’s mobile device to provide the functionality to buy products right from the aisle.
As web enabled systems become an integral part of everything we interact with, how do we secure data in potential unsecure environments?
In this session you'll learn how to apply fundamental security precepts in potentially insecure environments. Topics include:
Securing identity and payment data through voice commands or text
Tokenization and encryption security
Triggering secure transactions from communications media
We are in an age where more people have phones than toilets, and there are more active cell phones than people on the planet. How do we protect all of these devices roaming around unsecured locations, especially when they want to pay for something. Learn the secrets behind building a secure mobile backbone, as we explore how to harden security, build systems based on identity confidence, and work towards a future proofed mobile framework.
The arena of proper auth & data security standards is often some of the most misunderstood, confusing, and tricky aspects of building Node apps. Using open source auth techniques and proper data encryption standards, we’ll learn how to make intelligent decisions on creating a solid infrastructure to protect our users and data. We’ll dive into auth systems, data attack vectors, how to protect your systems, and common security pitfalls in Node.
The screencast of this presentation can be found at https://youtu.be/o3uy7dgG_n4
There is an assumption in the industry, amongst companies large and small alike, that if they store sensitive user data (and sometimes do some mild encryption) in their database, it's locked in and secured from potential attacks. People rely too heavily on their false assumptions of security, and it usually ends up costing them extensively when that is proven wrong.
In this session, Jonathan will build a foundation for identity and data security that everyone dealing with sensitive data should understand. We'll break down concepts of identity security, common attack vectors and how to protect yourself, and how to harden your web application.
Web enabled systems are now an integral part of everything we interact with, from microelectronics to voice enabled hardware, from text messages and phone calls to email, and really we’re just limited by our imaginations as to what we can connect. As we explore vast new realms of communication over mixed digital media, we have to ask ourselves how we protect our critical data within potential unsecure environments. Going beyond that, how do we protect some of our more critical data, payment information, in this same realm.
As we look at a multitude of different environments, we’ll be exploring how to secure user identity and payment information through the communication channels, covering topics like:
* Securing identity and payment data through voice commands or text.
* Tokenization and encryption security.
* Techniques for triggering secure transactions from communications media.
At the end of the session, we’ll have a stronger understanding of proper techniques for working with new communication media sources, and see how we can apply fundamental security precepts in potentially insecure environments.
Audio from the session at OSCON (Portland, OR) on July 22nd, 2015 is available at https://archive.org/details/protecting_future_mobile_payments
We are now in an age where more people have phones than toilets, and there are more active cell phones than people on the planet. How do we protect all of these devices as they’re roaming around unsecured locations, especially when we want to pay for something.
In this talk we’re going to rip apart the illusion of mobile security and explore some of the most difficult to secure experiences: payments. We’ll cover the concepts of building a rich feature set to protect the user, how to encrypt all interactions, building scalable trust zones, and extending identification with wearables and biometrics.
In a world where technology is transforming with mobile devices and wearables, its key to have a solid security backbone. From having a strong password to using biometrics, companies are finding ways to help consumers protect themselves without impacting the experience. We'll take a look at the current landscape of passwords, the importance of proper systems and how we can use wearables and mobile devices to build trust systems.
You have a solid security infrastructure, all user data is encrypted, your users are protected right? As long as passwords remain the standard methods for identifying your users on the web, people will still continue to use "letmein" or "password123" for their secure login, and will continue to be shocked when their accounts become compromised.
Passwords are not secure, they need to be replaced. In this talk we're going to explore the pitfalls of a system designed around a username and password, then dive into the ways that technology is giving us a slew of new ways to build a secure user identity system. From biometrics to wearables, hardware to tokens, we'll explore a multitude of ways that we can finally kill all passwords.
Building a Mobile Location Aware System with BeaconsJonathan LeBlanc
Audio from talk (OSCON - July 22nd, 2015): https://archive.org/details/oscon_mobile_location_aware_systems_with_beacons
What if instead of a broad location, you could have pinpoint location awareness of someone in a physical space. How could this change everything about how we interact with the physical world? In this session we will be exploring Beacon technology, which enables this, the underlying Bluetooth Smart standard, and how we can use these systems to change everything from shopping, to accessibility for the disabled, all built on top of a mobile device.
Identity in the Future of Embeddables & WearablesJonathan LeBlanc
The audio recording of this talk is available at https://archive.org/details/identity_wearables_embeddables
Ways of identifying a person to the technology around them is shifting from antiquated external body definitions, to internal body functions. In this session, we'll explore how the technology behind this embeddable and wearable movement works, exploring vein recognition biometrics, heartbeat identification, and going into embeddable body modifications as sources of identification.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
3. 3Box Platform Developer Workshop
Prerequisite Box Platform Knowledge
Managed User
App User
External User
User / Account Types
Service Account
Auth Systems
JWT/OAuth 2
OAuth 2
Developer Token
4. 4Box Platform Developer Workshop
Pattern 1: Classic User Model
(Vault portals, doc submission, field worker apps)
5. 5Box Platform Developer Workshop
Classic User Model
Application needs to handle internal and external users
External: App Users
Internal: Managed Users
Content: Owned by App or Managed Users
Description: External end users of the application are App users and the internal audience are
Managed Users.
Benefits:
• Allows you to provide a custom experience for end users.
• No need to build additional functionality for internal users, they can use the Box web application.
• The App user model allows you to interact with end user accounts in a headless manner. This
means you can bring your own identity system (e.g. Auth0 / Netlify) and map the ids.
• API actions taken on behalf of users are recorded in the event stream, meaning that user events
can be stored, connected to other systems, and retained for compliance.
6. 6Box Platform Developer Workshop
Pattern 2: App User Model
(Vault portals, doc submission, field worker apps)
7. 7Box Platform Developer Workshop
App User Model
Application needs to handle internal and external users
External: App Users
Internal: App Users
Content: Owned by App Users (Internal and External)
Description: Much like the classic user model, but all users (internal and external) are App
users.
Benefits:
• Allows the creation of custom experiences for both internal and external users.
• Good for instances where the Box web app is too permissive. This guards internal behavior.
• Segmentation of content for managed accounts. This can allow a managed user to have
application specific content through an App user account as well.
• The App user model allows you to interact with end user accounts in a headless manner.
This means you can bring your own identity system (e.g. Auth0 / Netlify) and map the ids.
• API actions taken on behalf of users are recorded in the event stream, meaning that user
8. 8Box Platform Developer Workshop
Pattern 3: Service Account Model
(When existing user object models already exists)
9. 9Box Platform Developer Workshop
Service Account Model
Application needs to handle internal and external users, but a user object already exists
External: Managed by Customer’s Application
Internal: Managed Users
Content: Owned by Service Account
Description: Best used when a company user model already exists, or if you have users that
are transient in nature with content that needs to be persistent.
Benefits:
• Useful when our app user model will complicate existing applications.
• Useful in instances where there is not a good 1:1 end user / app user mapping, such as if
end users are mapped as groups.
• When the idea of folders don’t fit perfectly with the permission model the customer desires.
• Can implement the Box token exchange model to ensure that broad scoped access to the
service account doesn’t occur.
10. 10Box Platform Developer Workshop
Pattern 4: System to System Model
(Back office apps and integrations, content ingestion)
11. 11Box Platform Developer Workshop
System to System Model
No user content needs to be handled
External: N/A
Internal: N/A
Content: Owned by Service Account
Description: Service accounts are used here as the de-facto user object for system to system
interactions and back office workflows.
Benefits:
• Perfect for apps where a user construct isn’t needed (e.g. departmental or company owned
content that transcends user ownership).
• Service account auth is cleanly handled by the JWT process.
• Because a service account can be granted elevated scopes, this model allows you to tightly
control what activities that the service account can perform. This gives you complete control
of assigning permissions to different backend services.
14. 14Box Platform Developer Workshop
Managed UserApp User External User
Same as a managed user, but is
not part of the same enterprise as
the app. These are users that have
been collaborated into content by a
user in the enterprise.
A regular Box user that is part of the
same enterprise as the app. This
user account can be accessed by the
API or by logging in to box.com
Users created by an app that may
only be accessed by that app. This
user account can only be accessed
through API calls.
Types of Users Defined within Box
16. 16Box Platform Developer Workshop
JWT / OAuth 2OAuth 2 Developer Token
Short lived developer
prototyping token
Use an existing identity system
without logging into Box
Use a user’s Box login as the
identity system
Types of Auth Systems Box Platform Employs
17. 17Box Platform Developer Workshop
OAuth 2
• User types: Managed users.
• Requires that users be forwarded to
Box to log in with their Box account
to accept app permissions.
• Access token that is generated is
bound to the user who logged in.
18. 18Box Platform Developer Workshop
JWT / OAuth 2
• User types: Managed and app
users.
• Allows the use of an existing identity
management system.
• Allows the app to manage all user
and config content.
• Runs behind the scenes.
19. 19Box Platform Developer Workshop
Developer Token
• User types: None.
• Short lived (1 hour) token generated
in the application config.
• Cannot be refreshed
programmatically, only manually.
• Should only be used for quick testing
& API requests, never in production.
21. 21Box Platform Developer Workshop
Application
Scopes
What your application will have
permission to do on behalf of the
application, enterprise, and
users.
23. 23Box Platform Developer Workshop
Manage Users
/ Create / Read / Update / Delete /
Activate / Disable Users (app and
managed).
/ Change primary login, reset password,
change role for managed users and
enterprise content.
24. 24Box Platform Developer Workshop
/ Create / Read / Update / Delete groups
and group memberships for users.
Manage Groups
25. 25Box Platform Developer Workshop
/ App can programmatically control
webhooks (referred to as webhooks
v2).
/ Create / Read / Update / Delete new or
existing webhooks on files and folders.
Manage Webhooks
26. 26Box Platform Developer Workshop
Manage Enterprise
Properties
/ Read / Update enterprise attributes
and reports.
/ Edit / Delete device pinners (what
devices can use native Box
applications).
27. 27Box Platform Developer Workshop
Manage Retention Policies
/ Create / Read / Update data retention
policies.
/ Feature is tied to Box Governance
service package.
29. 29Box Platform Developer Workshop
• Creating a JWT app client with the downloaded Box application config file
https://github.com/jcleblanc/box-workshops/blob/master/app-auth/jwt-auth-config.js
• Creating a JWT app client with manually created public/private keys: https://github.com/jcleblanc/box-
workshops/blob/master/app-auth/jwt-auth-keys.js
• Manually constructing the JWT claims process (no SDK):
https://github.com/jcleblanc/box-examples/blob/master/node/samples/auth_jwt_api.js
Code Samples
Authentication and Authorization (JWT / OAuth2)
30. 30Box Platform Developer Workshop
• Create a new app user:
https://github.com/jcleblanc/box-workshops/blob/master/app-auth/create-app-user.js
• Create a new managed user:
https://github.com/jcleblanc/box-workshops/blob/master/app-auth/create-managed-user.js
• Delete a user by ID:
https://github.com/jcleblanc/box-workshops/blob/master/app-auth/delete-user.js
Code Samples
User Management
33. 33Box Platform Developer Workshop
Service Account Details
• A user account that represents your application in an
enterprise.
• Can only be accessed programmatically.
• Has its own file storage.
• Generated automatically with a new JWT application.
• By default, a service account only has access to its
own data store.
• Access to app users / managed users has to be
explicitly enabled and requested.
Access Rights
35. 35Box Platform Developer Workshop
Service Account User Account
Maintain all user an application
data within the service account.
Users will be collaborated in
on content.
User specific data is maintained
in the individual user account. All
data access requests are made on
behalf of the user.
Where to Store User and Application Data
36. 36Box Platform Developer Workshop
Storing Data in the Service Account (Overview)
• Improved data security due to tight controls
over data location and sharing
• Data retention and migration improves
following customer deletion, as the user
collaboration is simply removed.
Benefits
• Architecture complexity increases as a
separate user folder structure needs to be
maintained in the service account.
• Single point of failure.
Concerns
37. 37Box Platform Developer Workshop
Storing Data in the User Account (Overview)
• Data is retained and owned by each user.
• Simple repeatable architecture on each
user account.
Benefits
• Data retention after customer deletion
requires data migration or loss.
• App has no control over data integrity.
Concerns
39. 39Box Platform Developer Workshop
App UsersNo User Access All Users
Service account can access
its own content, app user
content, as well as content of any
users in the enterprise
Service account can access
its own content and content for
any app users it creates
Service account can only
access its own content
User Access Levels for a Service Account
40. 40Box Platform Developer Workshop
Application
Access
• Application: Only access data
and users within the JWT
app.
• Enterprise: Access data and
users within the app as well
as the entire enterprise that
the app is a part of.
41. 41Box Platform Developer Workshop
Advanced
Features
• Perform actions as users: Use
an As-User header with each
request to act on behalf of a
user. Access token passed is
for service account.
• Generate user access tokens:
Create an access token
scoped to a user account and
use that token for each
request.
42. 42Box Platform Developer Workshop
User Access Application Access Advanced Features
No User Access Application None set
App Users Only Application One or both set
App and Managed Users Enterprise One or both set
Setting User Access for the Service Account
Settings to use to get the desired level of user access for a service account
44. 44Box Platform Developer Workshop
• Uploading file to service account:
https://github.com/jcleblanc/box-workshops/blob/master/service-accounts/service-account-upload-sa.js
• Uploading file to user account using As-User header:
https://github.com/jcleblanc/box-workshops/blob/master/service-accounts/service-account-upload-
asuser.js
• Uploading file to user account using user access token:
https://github.com/jcleblanc/box-workshops/blob/master/service-accounts/service-account-upload-
usertoken.js
Code Samples
Service Accounts
47. 47Box Platform Developer Workshop
/ Waterfall permission model for folders
/ When users are collaborated in on a
folder they can view all files / folders
under that folder.
Folder Permission Model
48. 48Box Platform Developer Workshop
Common Folder Models
Duplicate Folders for each User
A folder model is created and duplicated for each user. Collaborators or groups are added at each level.
App User 1 App User 2
Config
User Data
Personnel
Operations
Config
User Data
Personnel
Operations
49. 49Box Platform Developer Workshop
Common Folder Models
Business Level Ownership
The Box enterprise admin, or appropriate
leadership level, would maintain the root folder
level.
Each business level is maintained under that
level, where major business units may have
minor units located underneath.
Enterprise Admin
Marketing
Sales
Products
Parts & Services
Engineering
51. 51Box Platform Developer Workshop
Collaboration System
• Service accounts and users start by
only being able to access content in
their own accounts.
• For those accounts to access content
from other accounts they will need to
be collaborated in on content.
• Users can be collaborated via ID,
email, or group ID.
52. 52Box Platform Developer Workshop
/ co-owner: Full access
/ editor: Full access minus invites / settings
/ previewer: Basic view and edit
/ previewer uploader: Previewer + uploader
/ uploader: Upload, basic metadata, and
view
/ viewer: Preview + download and send
links
/ viewer uploader: Viewer + uploader
Collaboration Types
57. 57Box Platform Developer Workshop
Causes of Unauthorized Errors
Access token maintenance
/ Access tokens expire after 1 hour. At that point they must be refreshed using
the refresh token.
/ The .Net, Java, and Node SDKs handle this refresh action automatically. For
any other SDK or direct API integration token expiration responses (401:
unauthorized) will need to be handled through the app.
59. 59Box Platform Developer Workshop
Causes of Insufficient Permissions Errors
User and application scoping
/ There are typically two causes of a 403:
access_denied_insufficient_permissions error, either the user an access
token is scoped for doesn’t have permission to perform an action, or the
application doesn’t.
/ For user permissions, try logging in as the user via the “Log in as this User”
option in the admin console. Attempt to access the content manually.
/ For an application, ensure that the application has the correct scopes defined
for the action that it is trying to perform.
61. 61Box Platform Developer Workshop
Causes of Not Found Errors
Access Token Scoping
/ This may be encountered when trying to work with files and folders within Box when
using a JWT / OAuth 2 based application with a service account. If the ID of the file /
folder that is being accessed has been verified as present, this error will typically be
caused by the account that the client is pointing to. For instance, if a file exists on a
user account but the access token client is scoped for the service account, then a
404 error may be produced.
/ In cases of an access token that is scoped to the wrong account, use the As-User
header or user scoped access token for user access, or a service account scoped
access token for service account files.
63. 63Box Platform Developer Workshop
Causes of Name Conflicts
Checking name uniqueness
/ File / folder names within a given folder must be uniquely named. When there is an
attempt to create a new file / folder with a name that already exists, a 409:
item_name_in_use, or a standard 409: conflict may be produced.
/ In case of a duplicate user login information being used when creating new
managed users, a 409: user_login_already_used error would be produced.
/ These errors should be handled. Possible next steps in the program flow would be
to attempt the same API request / login with revised information.
65. 65Box Platform Developer Workshop
Causes of Metadata Conflicts
Checking if metadata is already present on a file
/ If metadata for a template is already present within a file and a request to add
metadata is made, the API will return a 409: tuple_already_exists error.
/ This error should be handled in a try / catch. When found, a request to update the
existing metadata should then be made.
/ Update requests will need to use a JSON patch object.
67. 67Box Platform Developer Workshop
Causes of Rate Limiting
Check Retry-After header for amount of time until next call
/ Making requests to auth a user each time they visit. Access tokens should be stored
for future use.
/ Polling the event stream too often. Cache results when possible.
/ Producing too many requests from a single user (e.g. a service account). Limit is 10
API calls per second per user.
/ Making too many simultaneous upload requests from a single user. Limit is 4
uploads per second per user.
72. 72Box Platform Developer Workshop
/ Manually created through the app
dashboard:
https://app.box.com/developers/console
/ Cannot be adjusted programmatically
/ Produces webhook events for all
actions in an app and cannot be
bound to a file / folder.
Webhooks V1 Details
74. 74Box Platform Developer Workshop
/ Programmatically created and
maintained through the Webhooks
APIs.
/ Create, Read, Update, and Delete
endpoints.
/ Can be bound to a single file or folder
Webhooks V2 Details
80. 80Box Platform Developer Workshop
Downscoped TokenAccess Token Client-Side Code
Downscoped token is deployed to
client-side code, mobile
environment, or UI tool.
New access token that is tightly
restricted in access rights (read /
write) for a file or folder.
Standard OAuth2 access token
that is fully scoped for an
enterprise or user.
Token Downscoping Process
84. 84Box Platform Developer Workshop
Box UI Elements
• UI components build with React
(JavaScript library).
• Authentication and token agnostic:
Works with JWT and OAuth flows.
• Use type agnostic: Works with app,
managed, and external user types.
85. 85Box Platform Developer Workshop
Content Explorer
Navigate Box files and
folders within your app.
Content Picker
Select Box files and folders
within your app
Content Preview
View docs, images, videos,
3D files, and more within
your app
Content Uploader
Drag and drop files from a
device into your app / Box.
86. 86Box Platform Developer Workshop
Base Scopes for Token
/ base_explorer
/ base_picker
/ base_preview
/ base_upload
91. 91Box Platform Developer Workshop
Custom SkillsFoundational Skills
Extends upon the platform event
pump / webhook system to hook to
machine learning system with the
intent of enhancing file metadata.
Turned on manually through
Box site account. Provides
enhancements for images,
video, audio, etc.
95. 95Box Platform Developer Workshop
MiddlewareFile Upload Machine Learning
The machine learning system will
take in the contents of a Box file,
run analysis of the data, and
respond with the enhanced
metadata to the middleware layer.
The middleware layer works as an
intermediary between the Box file
and ML system. It sends the file info
the the ML system and updates the
Box file metadata with its response.
The skills process is triggered when
a new or updated file is uploaded to
Box. An event is sent to a specified
endpoint with file access
information.
Skills Workflow
Event
Metadata
Execute
Callback
96. Box Platform Overview
Jonathan LeBlanc
Director of Developer Advocacy, Box
Twitter: @jcleblanc
Github: https://github.com/jcleblanc
Editor's Notes
Full description of roles: https://community.box.com/t5/Collaborate-By-Inviting-Others/Understanding-Collaborator-Permission-Levels/ta-p/144
Review webhooks V1 by clicking on your app at https://app.box.com/developers/console then select “Webhooks” from the left menu.