Firebase Authentication provides backend services to authenticate users in Single Page Applications (SPA). To implement, initialize Firebase SDK in your SPA. Use the ‘firebase.auth()’ function for authentication. For sign-up, use ‘createUserWithEmailAndPassword(email, password)’ method. It creates a new user account using an email and password and returns user data. To log-in existing users, use ‘signInWithEmailAndPassword(email, password)’.… Continue reading How would you implement User Authentication using Firebase in a Single Page Application?
Tag: authentication
Understanding Webhook Verification Methods in Celigo
Webhooks are an essential part of automation and integration in Celigo, allowing applications to communicate in real time. To ensure security and authenticity, Celigo provides multiple verification methods when setting up webhook listeners. Here’s an overview of four common verification types: 1. Basic Authentication Basic authentication requires a username and password to verify incoming webhook… Continue reading Understanding Webhook Verification Methods in Celigo
Understanding Bearer Tokens
Bearer tokens are a widely used method for securing API access, particularly in modern web applications and services. They offer a simple yet effective way to authenticate and authorize users. Here’s an in-depth look at what bearer tokens are, how they work, and why they are essential for secure API communication. A bearer token is… Continue reading Understanding Bearer Tokens
NetSuite Discontinues Support for RSA PKCSv1.5 Scheme in OAuth 2.0 from March 1, 2025
As of March 1, 2025, NetSuite will no longer support the RSA PKCSv1.5 scheme for token signing in the OAuth 2.0 client credentials flow. This change is being made for security reasons, as the RSA PKCSv1.5 scheme has known vulnerabilities. This will impact all existing integrations that rely on this deprecated scheme. What Does This… Continue reading NetSuite Discontinues Support for RSA PKCSv1.5 Scheme in OAuth 2.0 from March 1, 2025
Does Celigo Webhook Listener Support Bearer Token Authentication?
What I’m Trying to Do: Receive a webhook POST request with a Bearer Token in the header. Validate the token. Send the data to NetSuite. The Solution: Three ways you could do this without an enhancement (which we should do): Use a MyAPI – since MyAPIs are behind a bearer token only, this could work if you… Continue reading Does Celigo Webhook Listener Support Bearer Token Authentication?
Secrets Management: Filtering Secrets
The API Secrets page provides an overview of the secrets that are stored in NetSuite at Setup > Company > Preferences > API Secrets. You can enter keywords in the Search field to search for a secret by name, description, ID, application ID or owner. There are also filters available to narrow down your choices when searching for… Continue reading Secrets Management: Filtering Secrets
Secrets Management: Creating Secrets
Warning: Do not use sensitive or private information in any of the informational fields in the UI. This information is visible to other users. You can store, manage, and reference API secrets securely in NetSuite at Setup > Company > Preferences > API Secrets. You can then reference these secrets in third party integrations, preventing the need… Continue reading Secrets Management: Creating Secrets
SuiteScript 2.x modules for Secrets Management
SuiteScript 2.x APIs exclusively support the use of secrets for added security in scripting. Here is a guide to the modules and their respective methods or properties that allow access to secrets within SuiteScript 2.x: Module and Method (or Property): N/sftp: sftp.createConnection(options) N/https https.createSecretKey(options) https.createSecureString(options) N/crypto crypto.createSecretKey(options) SecretKey.secret N/keyControl keyControl.createKey(options) Key.password N/certificateControl certificateControl.createCertificate(options) Certificate.password
Securing API Routes in Next.js
Next.js allows us to create API routes that can handle server-side logic. We need to protect these routes by ensuring that only authenticated users can access them. Step 1: Protecting API Routes We can create a middleware function to check for authentication before allowing access to certain routes: // middleware/auth.js import { verify } from… Continue reading Securing API Routes in Next.js
Middleware in Next.js
What Is Middleware? Middleware is a piece of code that runs before a request is completed. It acts as a bridge between the incoming request and your application. By leveraging middleware, you gain flexibility and control over how requests are handled and responses are modified. Use Cases for Middleware: Authentication and Authorization: Middleware ensures user identity… Continue reading Middleware in Next.js