Curtis Minns

My feedback

  1. 87 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    47 comments  ·  Wishlist » Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
    Curtis Minns supported this idea  · 
  2. 20 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Wishlist » Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
    Curtis Minns supported this idea  · 
  3. 26 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Wishlist » Contacts  ·  Flag idea as inappropriate…  ·  Admin →

    This is on hold as of now. We analyzed and even prototyped a solution some time ago, but our priorities changed and now we’re focusing top-voted items – and this one has to wait its turn. But we will get back to it at some point, just cannot tell when yet.

    Curtis Minns supported this idea  · 
  4. 34 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Wishlist » Security / Privacy  ·  Flag idea as inappropriate…  ·  Admin →
    Curtis Minns supported this idea  · 
  5. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Developers » API  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Curtis Minns commented  · 

    Hi Robin,

    You're right, I could probably get away with security by obscurity for the scenario I mentioned. I had started designing something like that last year but didn't get around to implementing it. It's less desirable since the javascript code is visible to any member and we have an international community.

    I also have another case where I want to store a custom dates that display when a member has last received specific annual gifts. I don't mind if the member can see the date fields but the organization doesn't want this information shared with other members.

    For you, I'd recommend looping through the array returned by data.FieldValues and search for the SystemCode that matches your custom Home Phone field.

    for (var i in data.FieldValues) {
    if (data.FieldValues[i].SystemCode == "custom-3107385") {
    var homePhone = data.FieldValues[i].Value;
    // value for Home Phone is now stored as homePhone
    break;
    // break out of for loop once Home Phone field is found
    } else {
    // Do something if Home Phone field is not found
    }
    }

    An error occurred while saving the comment
    Curtis Minns commented  · 

    I need application credentials (ID + secret) for each member so they can authenticate against an external public web application. This is what I am envisioning:

    • WA app gets member ID --> sends to external app --> external app sets secret key for member using the WA admin API --> sends challenge response back to WA app

    • WA app gets member ID + secret key --> sends to external app --> external app verifies ID + secret key (completes authentication) --> sends session key + expiration date back to WA app

    • WA app is now authorized to send member specific data to external app using session key until expiration date

    • Once expiration date is reached, authentication process must repeat to obtain new session key

    An error occurred while saving the comment
    Curtis Minns commented  · 

    Hi Robin,

    I think I may have found the answer for accessing the current user's custom fields here: https://app.swaggerhub.com/apis-docs/WildApricot/wild-apricot_api_for_non_administrative_access/1.0.0#/Contacts/get_accounts__accountId__contacts_me

    If you make a call using the following:
    /sys/api/publicview/v1/accounts/{accountId}/contacts/me?includeDetails=true

    (note: without ?includeDetails=true, it will not return custom fields)

    This should get back all the fields and values to which the current user has view only or edit access. If the custom field is set to "No access - Internal use", it will not be returned with this call. The only issue is they're all under the "FieldValues" array so you'll need to loop through this to find the one you need.

    Not sure if this resolves your problem. It gets me much closer but I still have the issue that if a field has member access permissions of "edit" or "view only", each member has the ability to change the default setting for how others can access that field. I need a "view only - internal use" option where the user can never change the value (only set/changed by an admin) and no one else can ever view the field.

    Let me know if it works for you.

    An error occurred while saving the comment
    Curtis Minns commented  · 

    No worries! I was hoping maybe I had missed something. Hopefully Dmitry or one of the other product owners can provide an update. It's been almost a year since I initially posed this.

    An error occurred while saving the comment
    Curtis Minns commented  · 

    I have been dumping out the entire data object to the browser console: console.log(JSON.stringify(data))

    The only values I can retrieve are:
    "AdministrativeRoleTypes"
    "FirstName"
    "LastName"
    "Email"
    "DisplayName"
    "MembershipLevel"
    "Status"
    "Id"
    "Url"
    "IsAccountAdministrator"
    "TermsOfUseAccepted"

    I'm not sure why the Phone field does not appear. I just tried a couple of test accounts and haven't been able to get this to work. I also don't have Organization or PendingRenewal.

    An error occurred while saving the comment
    Curtis Minns commented  · 

    The issue with reusing one of the current systems fields is that members have the ability to modify this data under their profile and make it viewable to others. I really need a field that cannot be modified by anyone other than an Administrator, is view only to the member, and can never be viewed by others (member cannot change this).

    It might be helpful to see the custom code. I wasn't aware that fields like phone number could be pulled using JavaScript. I'm using the code as described here: https://gethelp.wildapricot.com/en/articles/1705-working-with-api-from-javascript

    An error occurred while saving the comment
    Curtis Minns commented  · 

    Hi Robin,

    No, I haven't received any update from WA about retrieving custom fields using calls to the API from JavaScript. If there's any way of retrieving custom field data from within a WA site page, that would be really useful.

    Curtis Minns shared this idea  · 

Feedback and Knowledge Base