Solved

Authenticate IFS user via Available REST API

  • 18 August 2021
  • 7 replies
  • 639 views
D
Rank
Userlevel 3
Badge +7
  • djay
  • Hero (Customer)
  • 27 replies

Is there a available REST API we can use to authenticate IFS user. Basically give ifs user id and password as basic auth and check user is a valid ifs user or not. I’m using App10 UPD9.

icon

Best answer by Rifki Razick 18 August 2021, 08:06

View original
Thilina Jayasinghe
This topic has been closed for comments

7 replies

Rifki Razick
Rank
Userlevel 4
Badge +9

There is no API to authenticate a user, there shouldn’t be. The HTTP basic authentication flow works by embedding the auth information in the request header of the API call used to perform some (business) operation. In other words both authentication and business operation happens via a single HTTP request. Using a separate (dedicated) API to check if a user is authenticated/valid is not a good pattern IMO. Ideally authentication should be done using OAuth/OpenID instead of Basic wherever possible.

Rifki
S
Rank
Userlevel 6
Badge +12

There is no API to authenticate a user, there shouldn’t be. The HTTP basic authentication flow works by embedding the auth information in the request header of the API call used to perform some (business) operation. In other words both authentication and business operation happens via a single HTTP request. Using a separate (dedicated) API to check if a user is authenticated/valid is not a good pattern IMO. Ideally authentication should be done using OAuth/OpenID instead of Basic wherever possible.

 

Going off this, then, couldn’t someone perform any REST API call (a simple data gather would suffice), and if it fails, the login is known to be inadequate. If it succeeds, the login credentials must be good.

Would that be an acceptable answer for the originally posted question?

 

Thanks,

Joe Kaufman

Just because something is part of a plan doesn't make it right.
william.klotz
Rank
Userlevel 7
Badge +21

Hi @djay ,

 

What are you trying to accomplish using the REST API to authenticate an IFS user?   Are you trying to integrate another system with IFS to exchange data or are you trying to create a mobile application to provide users with some sort of functionality within IFS.   As @Rifki Razick  stated you have two choices to authenticate using REST API either Basic or OAuth/OpenID.  Using Basic Authentication would be acceptable if integrating systems but I would recommend using OAuth/OpenID if creating a mobile application for example.

 

Regards,

William Klotz

D
Rank
Userlevel 3
Badge +7

Hi William,

Yes I’m trying to create external web application and read write data to IFS and facilitate IFS users to log in and see data and do necessary functions according to their access level in IFS. As an initial step I’m trying to give user login and check the user is valid IFS user here. 

 

Thanks!

Thilina Jayasinghe
S
Rank
Userlevel 6
Badge +12

Hi William,

Yes I’m trying to create external web application and read write data to IFS and facilitate IFS users to log in and see data and do necessary functions according to their access level in IFS. As an initial step I’m trying to give user login and check the user is valid IFS user here. 

 

Thanks!

Then I think the idea to do a really simple REST API call and just see if it works is your best route.

Though, you could just write your app, and when they try an operation they will immediately know if their login works or not.  *smile*  Not really any need to check separately, is there?

 

Thanks,

Joe Kaufman

Just because something is part of a plan doesn't make it right.
D
Rank
Userlevel 3
Badge +7

Hi William,

Yes I’m trying to create external web application and read write data to IFS and facilitate IFS users to log in and see data and do necessary functions according to their access level in IFS. As an initial step I’m trying to give user login and check the user is valid IFS user here. 

 

Thanks!

Then I think the idea to do a really simple REST API call and just see if it works is your best route.

Though, you could just write your app, and when they try an operation they will immediately know if their login works or not.  *smile*  Not really any need to check separately, is there?

 

Thanks,

Joe Kaufman

Hi William,

Yes. That’s correct since there’s no general that should be the possible alternative.

Thanks !

 

Thilina Jayasinghe
B
Rank
Badge +3

Something ive found is when you log into the IFS cloud environment via web browser.

Credentials entered are submitted to an authenticate path and a html is returned containing a redirect to the internal IFS cloud system.

The html returned from the auth url states a 302 response “found” which could be handled to allow progression in your application to a different screen.

 

I am currently working on this process within power apps and using an Iframe component + flow to handle a 302 response and navigate to another screen within the power app.

 

There could be a similar process when using aurena for apps 10, i haven’t tested this as of yet.

 

Hope this guides you,

 

Kind regards,

 

Brian 

Terms & ConditionsCookie settings