This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SecurID® Governance & Lifecycle 7.2 Enablement

SunitaBhat
Beginner
Beginner
‎2020-03-11 06:30 PM

Rest Connectors with OAUTH2.0

Jump to solution

Hello All,

I am trying to integrate an endpoint with RestWebservice Connector. I am using RSAIG&L 7.1.0.169169 P09_HF04.

 

Note: I have a OAUTH2.0 server from where I get access token and I have a separate server which is my application endpoint.

 

Setup: The connector settings are correct and I am able to generate the OAuth2.0 access token when I use the button "Get OAuth2.0 acess token". I can verify this by looking at the database record in the table T_OAUTH_RECORD.

 

Issue: My trouble starts when I am testing a capability.

1>I am not sure how and where this Access Token gets passed at run time. I have enabled all the logging (ACM and AFX) but can't see this data.

2> Support team tells me that it goes though a variable called ${setting.access_token} but I am unable to see its content even through I tried to add this to the request body.

3> I am not sure where my login capability should point to? The command path is relative to endpoint but I think I should be go to OAUTH server.

 

Any one has used this connectors successfully?

0 Likes
Reply
1 Solution

Accepted Solutions
MHelmy
Moderator Moderator
Moderator
‎2020-03-12 05:38 AM

Jump to solution

Hi Sunita,

 

  1. The OAuth 2.0 token is not passed at run-time automatically. You need to explicitly add the Authorization Header to all your connector capabilities.

 

  1. Note that the variable name is case-sensitive. Please use it as follows. For each used capability, add the following header:

Name: Authorization

Value: Bearer ${Settings.access_token}

 

  1. If you use OAuth 2.0 and the endpoint only requires the OAuth 2.0 token, then you do not need to use the login capability.
    • The login capability is if you use any other token-based authentication that needs to be called before each capability (for example: IGL's own Web Services).
    • I've seen some endpoints that have a 2-step authentication. 1St Step is getting an OAuth 2.0 token, then they use that token to generate another Session token that is required on the capability level. Those endpoints would required both OAuth 2.0 and the Login capability.

 

Hope this helps!

View solution in original post

Reply
2 Replies
MHelmy
Moderator Moderator
Moderator
‎2020-03-12 05:38 AM

Jump to solution

Hi Sunita,

 

  1. The OAuth 2.0 token is not passed at run-time automatically. You need to explicitly add the Authorization Header to all your connector capabilities.

 

  1. Note that the variable name is case-sensitive. Please use it as follows. For each used capability, add the following header:

Name: Authorization

Value: Bearer ${Settings.access_token}

 

  1. If you use OAuth 2.0 and the endpoint only requires the OAuth 2.0 token, then you do not need to use the login capability.
    • The login capability is if you use any other token-based authentication that needs to be called before each capability (for example: IGL's own Web Services).
    • I've seen some endpoints that have a 2-step authentication. 1St Step is getting an OAuth 2.0 token, then they use that token to generate another Session token that is required on the capability level. Those endpoints would required both OAuth 2.0 and the Login capability.

 

Hope this helps!

Reply
NeerajaMahajan
Frequent Contributor
Frequent Contributor
In response to MHelmy
‎2020-04-03 12:09 PM

Jump to solution

Hello Mostafa Helmy‌,

 

Could you please share RESTful Web Service Connector Settings tab's sample screenshot, to know what configuration parameters must be filled in order to get the OAuth2.0 access token.

 

Thanks,

Neeraja Mahajan 

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.