Is there a available REST API we can use to authenticate IFS user. Basically give ifs user id and password as basic auth and check user is a valid ifs user or not. I’m using App10 UPD9.
Solved
Authenticate IFS user via Available REST API
Best answer by Rifki Razick
There is no API to authenticate a user, there shouldn’t be. The HTTP basic authentication flow works by embedding the auth information in the request header of the API call used to perform some (business) operation. In other words both authentication and business operation happens via a single HTTP request. Using a separate (dedicated) API to check if a user is authenticated/valid is not a good pattern IMO. Ideally authentication should be done using OAuth/OpenID instead of Basic wherever possible.
This topic has been closed for comments
+9There is no API to authenticate a user, there shouldn’t be. The HTTP basic authentication flow works by embedding the auth information in the request header of the API call used to perform some (business) operation. In other words both authentication and business operation happens via a single HTTP request. Using a separate (dedicated) API to check if a user is authenticated/valid is not a good pattern IMO. Ideally authentication should be done using OAuth/OpenID instead of Basic wherever possible.
Rifki Razick wrote:
There is no API to authenticate a user, there shouldn’t be. The HTTP basic authentication flow works by embedding the auth information in the request header of the API call used to perform some (business) operation. In other words both authentication and business operation happens via a single HTTP request. Using a separate (dedicated) API to check if a user is authenticated/valid is not a good pattern IMO. Ideally authentication should be done using OAuth/OpenID instead of Basic wherever possible.
Going off this, then, couldn’t someone perform any REST API call (a simple data gather would suffice), and if it fails, the login is known to be inadequate. If it succeeds, the login credentials must be good.
Would that be an acceptable answer for the originally posted question?
Thanks,
Joe Kaufman
+21Hi
What are you trying to accomplish using the REST API to authenticate an IFS user? Are you trying to integrate another system with IFS to exchange data or are you trying to create a mobile application to provide users with some sort of functionality within IFS. As
Regards,
William Klotz
Hi William,
Yes I’m trying to create external web application and read write data to IFS and facilitate IFS users to log in and see data and do necessary functions according to their access level in IFS. As an initial step I’m trying to give user login and check the user is valid IFS user here.
Thanks!
djay wrote:
Hi William,
Yes I’m trying to create external web application and read write data to IFS and facilitate IFS users to log in and see data and do necessary functions according to their access level in IFS. As an initial step I’m trying to give user login and check the user is valid IFS user here.
Thanks!
Then I think the idea to do a really simple REST API call and just see if it works is your best route.
Though, you could just write your app, and when they try an operation they will immediately know if their login works or not. *smile* Not really any need to check separately, is there?
Thanks,
Joe Kaufman
sutekh137 wrote:
djay wrote:
Hi William,
Yes I’m trying to create external web application and read write data to IFS and facilitate IFS users to log in and see data and do necessary functions according to their access level in IFS. As an initial step I’m trying to give user login and check the user is valid IFS user here.
Thanks!
Then I think the idea to do a really simple REST API call and just see if it works is your best route.
Though, you could just write your app, and when they try an operation they will immediately know if their login works or not. *smile* Not really any need to check separately, is there?
Thanks,
Joe Kaufman
Hi William,
Yes. That’s correct since there’s no general that should be the possible alternative.
Thanks !
Something ive found is when you log into the IFS cloud environment via web browser.
Credentials entered are submitted to an authenticate path and a html is returned containing a redirect to the internal IFS cloud system.
The html returned from the auth url states a 302 response “found” which could be handled to allow progression in your application to a different screen.
I am currently working on this process within power apps and using an Iframe component + flow to handle a 302 response and navigate to another screen within the power app.
There could be a similar process when using aurena for apps 10, i haven’t tested this as of yet.
Hope this guides you,
Kind regards,
Brian
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.