I successfully implemented Google Sign-in button where I log in using Gmail accounts from a hosted domain (HD) of mine: with Javascript I retrieve user's data, but the only infos about his/her HD is just the name (by using getHostedDomain()).
So I made a Service Account in order to get more infos about my HD (using Python API): by using HD name, I retrieve groups and members of the HD.
So far so good, but the process of information collection is not one: it is splitted in two different files executed at different times. For now, I sign-in with a Gmail account on a web page and I take note of the HD returned to which the logged user belongs; then I run my Python script in a terminal that examines the given HD name in order to retrieve groups and members.
I'm trying to implement a single execution collector where only a file is executed and possibly only one language is used: the web page is the file I cannot give up since I'd like to offer Google Sign-in, so I'm trying to access other HD infos (besides its name) from the web page with Javascript, without using my other Python script.
Is it possible to retrieve everything only using Javascript?
I think what you are looking for is to retrieve all groups for a domain or the account. Also to retrieve the data you needed for a specific user, you can use the method Users: get.
Related
As you know currently a user needs to access https://myapps.microsoft.com/ then select an organization and then a list of applications is displayed.
I'm trying to re-build that portal in a single JS page. The user already authenticates with Azure to reach this JS page, and my target is to make a call to microsoft and retrieve the list of applications available for this specific user.
All I found in microsoft docs is how to retrieve data and access token for a specific application using the client secret and details about this application. But in my case I don't have an application all I have is a tenant id.
Is this feasible? keep in mind I can only use JS not nodejs or angular etc.
You can use below graph api to list all of the apps which the specific user be assigned a role.
https://graph.microsoft.com/beta/users/{userId}/appRoleAssignments
The resourceDisplayName is the name of the app shown in the page you provided and the resourceId is the objectId of the app(service principal) in azure.
By the way, it seems the page you provided doesn't show all of the apps which the specific user be assigned a role. I'm not sure if there is bug in that page, but the graph api I provided shows all of the apps for the specific(the user is assigned a role in the app).
Hope it helps~
SITUATION
I have a main public Liferay website, that is therefore accessible both by intranet and not-intranet (i.e. public) users.
I also have a Liferay intranet website, which is accessible only to intranet users because is protected via a login page.
The login page to the intranet website is public.
After you successfully login, the intranet website is loaded.
EXPECTED:
In my Google Analytics account for the main website, I want to differentiate intranet users from public users (e.g. in order to understand how the 2 categories behave).
Questions
Can I use a custom dimension to solve this problem, or is there a better way?
Custom dimension data has to be sent via hits (UPDATE: by "hits" I meant either pageview or event hits, I am not referring to the dimension scope, cfr. https://developers.google.com/analytics/devguides/collection/analyticsjs/custom-dims-mets), therefore I should:
load the Google Analytics tracking code of the main website on the intranet website (the site displayed after successfully logging in)
send a pageview hit from this Intranet website to the main website together with a custom dimension, e.g.
ga('send', 'pageview', {
'dimension1': 'I am a intranet user'
});
Is this correct?
Does the above mentioned solution have any impact on my Analytics data in the main website (e.g. more pageviews due to the tracking code added to the intranet website, or strange behaviours in counting user sessions, etc.)?
Thanks a lot.
UPDATE:
Actually, the solutions proposed below would not work because the 2 websites (intranet and not-intranet) are considered different domains.
So, even if I had the following domains
intranet website: http://intranet.mycompany.com
company website: http://www.mycompany.com
and I sent data to the same UA account (i.e. the company website UA account), they would be counted as different visits.
Quoting Google (see https://developers.google.com/analytics/devguides/collection/gajs/gaTrackingSite#profilesKey)
If a user independently visits two sites that are tracking in the same
view (profile), such as through a bookmark, these visits will still be
counted under separate sessions. In this scenario, the linking methods
are not invoked, and thus there is no way to determine the initiating
session for a given user.
So, how could I solve my problem?
Would it be possible to solve it by implementing cross-domain tracking (https://support.google.com/analytics/answer/1034342?hl=en), and how?
Thanks a lot.
Can I use a custom dimension to solve this problem, or is there a better way?
Yes, custom dimension is perfect for this.
Custom dimension data has to be sent via hits
The User-level scope is more appropriate than the hit-level one for what you want to achieve. The linked document explains in detail why, and gives an example similar to your use case.
Does the above mentioned solution have any impact on my Analytics data in the main website
Yes, impact is mainly that you will have extra data corresponding to the visits to the intranet.
A custom dimension works well for your purpose. You will get additional hits for visits on your intranet site, but you can segment them out via the custom dimension to separate between inter/intranet.
Since the intranet requires a login there is one other way you could try, which would have the additional benefit of allowing for cross-device tracking (if that is beneficial to you).
Google calls this "userID", despite the fact that it must not be used to identify individual users. On login you pass in a unique value per user that is set by your backend system (UUID format is suggest but any unique string would work). Since it is not assigned by the tracking code but set by your system it will be the same id on every device. It is used to de-duplicate users, i.e. persons that log in from multiple devices will be recognized as single users (also useful if people delete their cookies - the userID can be used to aggregate sessions into unique visitors).
To make this work you need to set up a special view that contains only data from visits where the userId is set (so you would have a view for your public site and a view only for your logged-in users). You get a few special reports, for example one to tell you how many users log in from different device categories.
What the userID should not do, and in fact must not do according to Googles terms of service, is to identify individuals. The userId is not exposed in the Interface, and you must not store it as a custom dimension. If you store it on the client side in a cookie you must unset it once the users log out. It is merely there to allow continuous tracking of users independently from cookies (plus you need to amend your privacy policy if you want to use this).
Of course you can combine both approaches to get even more insights.
I am looking to query Piwik API in real-time to get stats on the current visitor. For example, I have a javascript file that'd I'd like to fetch Piwik API JSON with to get info on the visitor who is using the page which contains the javascript file (referrer, mobile/desktop, location etc.)
As far as I understand Piwik must have this data to generate analytics on per-user basis. My fear is that it might not actually allow querying this info in the way I've described above. If that's the case, what can I do to obtain it from PW? Obviously API method would be better, but if not I'd like to use the same system to make real-time reports as the one I use to generate stats on the groups of the users this particular one belongs to.
According to their API page, the PIWIK Live! widget refreshes every 5 seconds, and displays new visits. For each visitor, you can see:
date
number of actions
time spent on the site
country
browser
operating system
whether the visitor is new or a returning visit
the referrer used to access your site (Search engine & keyword, Campaign,
or Referrer website)
whether the visitor converted a goal
You can query the Live! API Module and the use the Live.getLastVisitsDetails method to get the data you asked about.
Most 3rd party analytics services that rely on client-side tracking (i.e. Javascript tags) are built around the assumption that you want to push data to the third party's servers, and then use their reporting front-end.
For a company with a large data warehouse, there is often a requirement to join the web (or mobile) events data to offline data on a persistent unique user id. From there, the company will have it's data scientist/devs/analysts build custom reports and front end dashboards.
I'm looking for a solution that handles all client-side tracking, but assumes you want to push the data to a local data warehouse. The solution must allow for a persistent unique user id to be associated with each event (unlike Google Analytics). I am NOT concerned with a reporting front end.
EDIT: the real limitation seems to be exporting data at per-event, per-user granularity from an API call, intra-day. Mixpanel allows this level of granularity, but only every 24 hours as a data dump.
edit based on clarification in comments
A couple clarifications: 1. I'm looking to push web event data to my
own servers, not push offline data to Google's Servers. 2. Google does
not allow for export of data at per user id granularity. 3. Mixpanel
does allow for export at per user id granularity, but only every 24
hours as a giant data dump
Here are the 2 that I have seen come up most often in my web analytics adventures:
Piwik is an open source tracking solution that you install and collect data on your own server. The main advantage to this one is that it's free. But it is also really popular and has a robust community.
Alternatively, WebTrends, has a version that can be installed on your own server (Analytics on Premises). Personally I'm not a fan of WebTrends, but I've had some clients swear by it for reasons unknown to me.
Can I use a Google Drive spreadsheet as if it were (similar to) a MySQL database?
I'm thinking of using it as a player database for an HTML/JavaScript web game. The player's username, password, and score among other things would be saved in the database. It would be really interesting if it could actually work, however it of course has to be secure and private so that no player (or anyone on the internet for that matter) can access it except the owner of the spreadsheet which would be me for example.
I know that Google Apps Script allows a user to access their own spreadsheet and read/write to it, but is there a way that I could allow other users to "save their score" to MY spreadsheet WITHOUT giving them permission to view/edit the spreadsheet directly?
Also, i'm assuming PHP/Python/some other server-side language would have to be used in order to hide my account info which I also assume would be needed to open and close the connection with my spreadsheet.
Anyways, I'm just wondering if this is feasible.. literally turning a Google Drive spreadsheet into a database that players can update their score to but not have direct access to it.
This may be a stupid idea, so your opinions are welcome!
Thanks in advance!
This is the right way to do it.
Another post explaining the same idea.
Essentially, we publish the spreadsheet and query it using a "select"-like syntax. For instance:
this query which reads something like:
https://spreadsheets.google.com/tq?tqx=out:html&tq=select+B,C,I&key=phNtm3LmDZEObQ2itmSqHIA
This is for querying data (reading). For inserting, you can use google forms (create a form, see its html and submit using a http post request). I have not explored update yet.
And yes, this has to be done server side.
Answers saying you need an extra server or oauth are incorrect.
Just publish an appscript (anonymous public) service using your permissions. For all operations always pass the username and password thus you validate users on every call. Call the service from client js using ajax.
Store it in scriptdb [update: scriptDb is deprecated now]. If you use spreadsheet for storage it will get slow with many rows.
In any case it will be slow if you use appscript.
Without a server-side service that implements another authentication layer for client libraries and use Google auth to talk to Drive, this is not possible.