This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to use OAuth 2.0 with Application Server via RESTful API

Hi,

Currently we have an application that communicates with the 1IM system via the RESTful API provided by the application server. This communication is currently done via the RoleBasedEmployee Authentication Module. 

We are looking into changing this so the application uses the OAuth2.0Rolebased Authentication Module.

I have managed to enable the OAuth2.0 authentication module itself, this was easy enough. However the next step seems to be rather unclear in the current documentation. Within designer > configuration parameters > Person there is a parameter called OAuthAuthenticator, followed by many OAuth specific parameters. I know I have to enable this to allow a user to login via the RESTful API using OAuth2.0.
Where I am getting stuck / failing to understand is what I need to get OAuth2.0 working with those configuration parameters. 

Does 1IM come with an identity provider / service internally for OAuth2.0? Or do we need to implement one / use an external provider such as google etc...?

Any insight or help is greatly appreciated.

Thank you.

Ash

Parents
  • Thanks again for the quick response Markus, its greatly appreciated.

    I have read and used the technical documentation for Dell STS.
    I have successfully performed a full OAuth workflow with only the Dell STS, by that I mean direct HTTP requests and such with the dell sts.
    Now the last part that I seem to not quite get working is authenticating with the RESTful API (on applcation server) using the OAuth Authentication Module.

    I shall describe my attempts:

    I Perform the Authentication with STS to obtain OAuthCode.
    I do this forexample over dell2012svr2.dell.iamdemo.int/.../login

    I get the code which starts with eyJ0eXAiOi.... (wont list out the whole thing)

    Now I want to use the oauth code with the OAuth module for authenticating via the API:
    The OAuth Authentication module details:
    [
    {
    "id": "OAuth",
    "caption": "OAuth 2.0 / OpenID Connect",
    "authTemplate": "Module=OAuth;(OAuth2Code)Code=;(Hidden)AppUrl=;(Hidden)ClientId=;(Hidden)Nonce=;(Hidden)RedirectUri=",
    "passwordBased": false,
    "isDefault": false
    }
    ]

    I do a POST call to 192.168.42.176/.../apphost with the body of
    {"authString":"Module=OAuth;Code=eyJ0eXAiOi..."}

    However at this point the API responds with:
    {
    "responseStatus": {
    "message": "An error occured."
    },
    "errorString": "An error occured.",
    "exceptions": [
    {
    "number": 2072000,
    "message": "An error occured."
    }
    ]
    }

    I have also tried:
    {"authString":"Module=OAuth;Code=eyJ0eXAiOi...;RedirectUri=urn:InstalledApplication"}

    As state before I have succefully performed the whole OAuth workflow (authenticate, get code, get token ...) with purely talking to the Dell STS but my current use case is to authenticate with the RESTfulAPI on the application server using OAuth.

    I feel like I am very close to reaching the end goal.

    Thanks again

    Ash
Reply
  • Thanks again for the quick response Markus, its greatly appreciated.

    I have read and used the technical documentation for Dell STS.
    I have successfully performed a full OAuth workflow with only the Dell STS, by that I mean direct HTTP requests and such with the dell sts.
    Now the last part that I seem to not quite get working is authenticating with the RESTful API (on applcation server) using the OAuth Authentication Module.

    I shall describe my attempts:

    I Perform the Authentication with STS to obtain OAuthCode.
    I do this forexample over dell2012svr2.dell.iamdemo.int/.../login

    I get the code which starts with eyJ0eXAiOi.... (wont list out the whole thing)

    Now I want to use the oauth code with the OAuth module for authenticating via the API:
    The OAuth Authentication module details:
    [
    {
    "id": "OAuth",
    "caption": "OAuth 2.0 / OpenID Connect",
    "authTemplate": "Module=OAuth;(OAuth2Code)Code=;(Hidden)AppUrl=;(Hidden)ClientId=;(Hidden)Nonce=;(Hidden)RedirectUri=",
    "passwordBased": false,
    "isDefault": false
    }
    ]

    I do a POST call to 192.168.42.176/.../apphost with the body of
    {"authString":"Module=OAuth;Code=eyJ0eXAiOi..."}

    However at this point the API responds with:
    {
    "responseStatus": {
    "message": "An error occured."
    },
    "errorString": "An error occured.",
    "exceptions": [
    {
    "number": 2072000,
    "message": "An error occured."
    }
    ]
    }

    I have also tried:
    {"authString":"Module=OAuth;Code=eyJ0eXAiOi...;RedirectUri=urn:InstalledApplication"}

    As state before I have succefully performed the whole OAuth workflow (authenticate, get code, get token ...) with purely talking to the Dell STS but my current use case is to authenticate with the RESTfulAPI on the application server using OAuth.

    I feel like I am very close to reaching the end goal.

    Thanks again

    Ash
Children
No Data