Skip to main content

How to enable AD authentication on REST API? is there any documentation for this?

Hi,
Can you provide more information please?  What product is this for?
I don’t know if this is possible though there are alternative options like token authentication for both FSM and PSO.

If you can provide further information I can look into this further.


Hi,
Can you provide more information please?  What product is this for?
I don’t know if this is possible though there are alternative options like token authentication for both FSM and PSO.

If you can provide further information I can look into this further.

This is for IFS application V10 UPD7 version. We want to check if we develop any REST web service or API and third party wants to call it by passing Azure token then how this can be achieved? Azure token validation needs to be happen and then authorized user will be able to access our IFS rest web service. 

This will help us to track and record the data updated on IFS via integration by whom.  

hope it helps to understand my query. 


I’d be interested in this answer, too.

Rephrasing the question, you’d like Active Directory to serve as the authorization server, correct? It would then hand out an authorization grant to the application and an access token with each login.


Not sure if REST framework can handle that yet. Thought that is what “Configuring compatibility mode” (from F1 docs) is all about?


Hello. Since a while back, there is a part in the technical documentation about obtaining access tokens for use with the non-compatibility IFS REST API:s and how to use the tokens. If I understand correctly that you want to use tokens for the IFS Rest APIs, it may be of help to you.

https://docs.ifs.com/techdocs/Foundation1/010_overview/210_security/030_authentication/oauth2.htm


Thanks Björn. that is great news.


Hi

I would like to do the same.

Do you have oauth2 working with IFSRoot/main/  rest endpoint with the ad users rights.

As I understand it here is my simple cookbook:

  1. Create Azure Application
  2. Allow impersonation
  3. scope: user.read 
  4. Login in to azure application. Get the token.
  5. Use the token with IFS rest interface

Is this correct?

Anyone used Azure on Behaf of on the IFS main rest interface?

Microsoft identity platform and OAuth2.0 On-Behalf-Of flow - Microsoft Entra | Microsoft Learn


Reply