Solved

How to make an outbound rest call from FSM after retrieving the token

  • 10 May 2021
  • 4 replies
  • 437 views
M
Rank
Userlevel 4
Badge +9
  • Miraj
  • Sidekick (Partner)
  • 59 replies

I am trying to make an outbound post request from FSM to an external api using OAuth2.
There is an endpoint to call in order to retrieve the token, and then we can use the token to make calls on other resources.
I tinkered around this with Postman where I can get this to work with two calls (one for the token and then the resource).

Once I have a token(via postman) I can use that token and make the resource related calls from FSM as well. But How do I setup FSM so that I can get the token and call the resource in one go?

I attempted using a process to retrieve a token before the call, but to no avail.

 


Any help would be greatly appreciated

icon

Best answer by Saranga Amaraweera 17 May 2021, 16:18

View original
This topic has been closed for comments

4 replies

Saranga Amaraweera
Rank
Userlevel 7
Badge +22

Hi @Miraj ,

 

Have you already created a valid XML map for outbound message with FSM Connect? 

Assuming that you have already created the xml map, as the second step you need to create a message routing rule.

1. Create the new message routing rule
2. For Routing Type you need to select - ‘Send Message
3. For the Handler select - "Metrix.Integration.Handlers.OAuth2ExtractHandler".
4. For the Dataconnector select - "Metrix.Integration.JSONOutboundConnector".
5. For the Map ID you need to select your desired map id.
6. Save screen and it will populate with routing arguments.

7. For "AccessTokenURL" you need to set the correct token endpoint address (OIDC AD in Azure).

8. For "AuthenticationMode" set "Bearer".
9. For "ClientId" set value of app param OPENID_WEB_APPLICATION_ID.
10. For "ClientSecret" set value of app param OPENID_SECRET.
11. For "HTTPHeaders" set "Content-Type: application/json"
12. For "HTTPMethod" set "POST".
13. Set the correct URL to send.
15. Save and verify that AccessTokenURL, ClientId and ClientSecret arguments are encrypted.
16. Refresh integration cache.

Then you might need to test this in XML poster and check whether this is working fine

SAAALK
M
Rank
Userlevel 4
Badge +9

Hi @Saranga Amaraweera 

Thanks a lot for the detailed response. I followed those steps and tried again.
I’m now running into the following issue,

 


Following is my how my routing rule is setup,

 


When I execute the map with “Test Integration Map” in the Integration Map screen, the routing rule picks up the the message and throws the aforementioned error.

Couple of points to highlight,
You mentioned ​​​​​​​to set certain app params for Client_id, Client_secret etc..Although I just directly added the values for those on the routing rule for testing purposes. Hope this wouldn’t have caused any issue?

You mentioned to specify the correct token endpoint address (OIDC AD in Azure). The token endpoint address I have is an AWS url. Would this be a problem?

Thanks again for the help. Greatly appreciate it :).

Cheers,
Miraj

Saranga Amaraweera
Rank
Userlevel 7
Badge +22

@Miraj ,

 

I’m not quite sure about AWS with this particular method. I have only used this with Azure AD application for the AccessTokenURL. If you have already setup SSO in FSM, then you might be familiar with OIDC implementation. OpenID Connect (OIDC) is a public standard for authentication that enables FSM to use a corporate identity provider to authenticate users of FSM. For more information on OpenID Connect, see https://openid.net/connect/faq

OIDC requires the use of an Identity Provider. FSM supports two specific identity providers:
• Azure Active Directory (Azure AD)
• Active Directory Federated Services (AD FS)
Other OIDC identity providers are not supported by FSM

Therefore, I’m not quite sure about your approach here because you will clearly need to connect with Azure.

OPENID_WEB_APPLICATION_ID, OPENID_SECRET are the application parameters that we setup in FSM for SSO. Therefore, you can’t simply bypass these values in the OAuth2ExtractHandler

SAAALK
F
Rank
Userlevel 2
Badge +4

Did you ever manage to make the first of the calls from IFS FSM instead of from Postman?

We did not succeed in doing just that, and our token expires every 24h, so we need some automation within FSM...

https://community.ifs.com/ifs%2Dfield%2Dservice%2Dmanagement%2Dfsm%2Demployees%2Dpartners%2Donly%2D103/making%2Dan%2Darbitrary%2Doutgoing%2Dintegration%2Dcall%2D14337

 

Terms & ConditionsCookie settings