Solved

OAuth2 authentication and projections access failing

  • 14 February 2022
  • 2 replies
  • 277 views
M
Rank
Userlevel 2
Badge +5

I am able to generate and use a token with Postman but I cannot replicate that behavior in .NET code.
1. In Postman, I first generate a new token. 

2. Authentication worked so I can proceed. 

3. I copy the id_token in the clipboard and click on the 'Use Token' button.   

4. Instead of using the access-token directly, I paste the id_token in the token box of a get request and send it.  

5. If I do not execute step 4, the rest of the procedure does not work.

6. After that step, I can query data from projections or metadata.  

 

When replicating this programmatically, I tried many different variations without success (one of my multiple attempts in image below). 


How can this kind of authentication be done?

icon

Best answer by Ravi De Silva 25 February 2022, 12:12

View original
This topic has been closed for comments

2 replies

Ravi De Silva
Rank
Userlevel 2
Badge +4

Hi,

I am not sure whether this will help you. But below link is having much more information.

 

https://docs.ifs.com/techdocs/Foundation1/010_overview/210_security/030_authentication/oauth2.htm

 

Best regards,

Ravi

 

M
Rank
Userlevel 2
Badge +5

Thank you for the link. I finally found a solution in a blog from Damith Jinasena https://dsj23.me/2021/01/08/ifs-authentication-flow-with-oauth-and-openid-connect/

Trying in my app using the details provided on this webpage did not work so I tried with his Sample app to demo OAuth2 from with PKCE in IFS 10 at the end of his blog: https://dsj23.me/2021/01/08/ifs-authentication-flow-with-oauth-and-openid-connect/#sample-app-to-demo-oauth2-flow-with-pkce-in-ifs-10

If that link above is broken, it opens this GitHub page: https://github.com/knakit/IFS-OAuth

That app was working with our own IFS instance but not with the IFS instance of our customer who was using ADFS as described in the link sent in the response of Ravi De Silva (I tried with the information in that page but same result: ok here but not working with our customer’s IFS).

Displaying a browser is required (as in solution from Damith Jinasena) but I realized that the corrent callback URL to use is not the one calculated by his sample app but is the one that Postman used (discovered after using Fiddler). I do not know how Postman calculate or find that URL but I put a patch in my code to use an alternate callback URL in the case of an OAuth2/ADFS connection.

I will mark the answer from Ravi De Silva as the Best Answer so that topic will be marked as solved.

Terms & ConditionsCookie settings