We Keep Coding

how to use azure ad without client secret just with client id and tenant id?

My question is how to apply user authentication in web application using azure ad in case I don't have client secret. I just have client-id and tenant-id. I would appreciate your swift response.

AFAIK there is no need to use client secret in web application while we are authenticating with Azure AD.
While authenticating your App with Azure AD, your code snippet will be something like below:
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"ClientId": "*******************************",
"TenantId": "*******************************",
"CallbackPath": "https://localhost/signin-oidc"
}
If you want to get access token via Postman without using client secret, you can make use of ROPC flow like below:
In Postman, Go to Authorization tab and select type as Oauth2.0
Go to Headers tab and include Content-Type key and give value as application/x-www-form-urlencoded
In Body tab, include parameters like client_id, grant_type, username, password and scope as below:
And you will get the access token like below:

Not Able to create Subscription to mailbox using Microsoft graph API

Getting Subscription validation failed.Must respond with 200 OK error
I was trying to create a subscription using Microsoft graph API. We have exposed a notification URL which on receiving the post-call from the graph API will respond with the validation token and also status code: 200 OK.
When I tried hitting the subscription API for creating subscription it is showing "Getting Subscription validation failed. Must respond with 200 OK"-error. And At the same time, we are getting Status: 400 Bad request in postman.

Microsoft Graph validates the notification endpoint provided in the notificationUrl property of the subscription request before creating the subscription.
If validation fails, the request to create the subscription returns a 400 Bad Request error.
Please make sure that you provide a valid notificationUrl in the body. See Notification endpoint validation to see how Microsoft Graph handles the validation process.

LinkedIn API with /v2/clientAwareMemberHandles?q=handleString

I have requirement to get the person ID from the linkedin API
https://api.linkedin.com/v2/clientAwareMemberHandles?q=handleString&handleString=test123#gmail.com
but receiving response below
{
"serviceErrorCode": 100,
"message": "Not enough permissions to access: GET-handleString /clientAwareMemberHandles",
"status": 403
}
I have the application permissions in the application r_liteprofile/w_member_social/r_emailaddress
Additionally when I requesting a access token I send these three as scope parameters.
Appreciate your guidance.

This response is from linked in api and not from API manager. Basically, this means that the call from api manager to LinkedIn api does not have a token with the correct permission.
The token which is generated by API Manager is only for authentication with api manager. If the backend server expects a token as well, you should send that particular token in the request from API-M to the backend.
You can achieve this by adding a meditation sequence to your api. Follow the example below.
https://medium.com/#menakajayawardena/wso2-how-to-using-oauth2-protected-back-ends-with-api-manager-5d7e234c61c

Android app, Error when try to send email

I downloaded the example:
https://dev.office.com/Getting-Started/office365Apis?platform=option-android#register-app
clicking on send button throws this error:
RetrofitError: 404 Not Found
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "Bearer access token is empty.",
"innerError": {
"request-id": "951626d4-0168-4b58-a78a-1fdd3bd322f2",
"date": "2016-04-29T18:34:05"
}
}
}

It looks like perhaps you did not register your app before downloading the sample. The readme instruction in the sample should walk you through registering and configuring an app, at which point the login should succeed and you will get a bearer token.

You are missing an access token. From https://msdn.microsoft.com/en-us/office/office365/api/discovery-service-rest-operations:
Discovery Service operations
Initial sign in
This brings the client to a web page where the user enters account information. It returns the endpoints needed to continue with Discovery Service. This is used the first time a user tries your application. It tells your application:
what cloud the user belongs to
where the app can send the user to log in
where to go to get a token
you can continue reading it on the official site.

Facebook graph api. App notifications: A client gets notification, but server gets error in the response: Unsupported post request

I'm developing backend by Java of an online game for facebook. I need to send app notifications using "facebook graph api". When I try to send a notification, facebook returns the next response:
{
"error": {
"message": "Unsupported post request. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100
}
}
My request looks like this:
https://graph.facebook.com/0123456789/notifications?access_token=9876543210|DJaspodJDduSkskaurrbqdd&template=Test+message
Most strange thing is I get notifications in my facebook account but my server side gets error after sending one and I can't understand if a user has gotten a notification. I wander if someone had problem like this. I will appreciate your help! Thank you!

I've resolved my problem! I just added parameter "href" to the request. Tell the truth I don't need that parameter but facebook wants it so that I added to it value similar to a link.
Now it looks like this: https://graph.facebook.com/0123456789/notifications?access_token=9876543210|DJaspodJDduSkskaurrbqdd&template=Test+message&href=fbWantsThisLink.html?butIDontNeedIt=123
Maybe this solution will be helpfull to someone!