Solved

IFS 10 Rest API authentication

  • 7 December 2021
  • 3 replies
  • 1658 views
DomCotton
Rank
Badge +3

I am trying to use the Rest API in IFS 10.  Currently I am struggling with the authentication.  I have found various posts which some say you can use basic authentication, others say it must be oAuth.  However using basic I am constantly receiving a 401 Unauthorized, i can’t find any official documentation explaining how to authenticate using oAuth.

Can anybody help?

Thanks

icon

Best answer by Charith Epitawatta 7 December 2021, 16:07

View original
This topic has been closed for comments

3 replies

Charith Epitawatta
Rank
Userlevel 7
Badge +31

Hi @DomCotton,

Please have a look at following article that explains how to invoke REST endpoints using Postman with basic authentication:

The reason you are getting the 401 error should be because you haven’t added the projection to compatibility application type.

For OAuth2, you can read this informative article written by @dsj in his blog:

https://dsj23.me/2021/01/08/ifs-authentication-flow-with-oauth-and-openid-connect/

Hope this helps!

Charith - https://charith.xyz
DomCotton
Rank
Badge +3

Perfect, solved the issue - thanks!

Only note for future viewers, using a cloud hosted demo IFS10 instance when I clicked on the Compatibility API Doc it asked me for username/password.  However the only difference seems to be the URL, default is “main”, compatibility type is “int”.  Switching this made everything work.

Charith Epitawatta
Rank
Userlevel 7
Badge +31

Hi @DomCotton,

I am glad you were able to make it work. 

It would be worth being aware of security implications of using compatibility application type too, so let me add some info about that as well.

Enabling compatibility application type exposes the projection to be used with basic authentication. By default, only projections of Integration category are exposed through basic authentication. 

For projections that do not have this enabled by default, it should be done selectively when OAuth is not an option and after carefully considering the network security as well. Basic authentication is a legacy technology and does not meet current security or compliance requirements, therefore it is advised to use OAuth as much as possible.

You can find this in following documentation as well:

https://docs.ifs.com/techdocs/foundation1/045_administration_aurena/240_integration/020_api_explorer/default.htm

 

Hope this helps!

Charith - https://charith.xyz
Terms & ConditionsCookie settings