AnsweredAssumed Answered

Rest Connectors with OAUTH2.0

Question asked by Sunita Bhat on Mar 11, 2020
Latest reply on Apr 3, 2020 by Neeraja Mahajan

Like • Show 0 Likes0
Comment • 2

Hello All,

I am trying to integrate an endpoint with RestWebservice Connector. I am using RSAIG&L 7.1.0.169169 P09_HF04.

Note: I have a OAUTH2.0 server from where I get access token and I have a separate server which is my application endpoint.

Setup: The connector settings are correct and I am able to generate the OAuth2.0 access token when I use the button "Get OAuth2.0 acess token". I can verify this by looking at the database record in the table T_OAUTH_RECORD.

Issue: My trouble starts when I am testing a capability.

1>I am not sure how and where this Access Token gets passed at run time. I have enabled all the logging (ACM and AFX) but can't see this data.

2> Support team tells me that it goes though a variable called ${setting.access_token} but I am unable to see its content even through I tried to add this to the request body.

3> I am not sure where my login capability should point to? The command path is relative to endpoint but I think I should be go to OAUTH server.

Any one has used this connectors successfully?

Mostafa Helmy

Mar 12, 2020 5:38 AM

Correct Answer

Hi Sunita,

The OAuth 2.0 token is not passed at run-time automatically. You need to explicitly add the Authorization Header to all your connector capabilities.

Note that the variable name is case-sensitive. Please use it as follows. For each used capability, add the following header:

Name: Authorization

Value: Bearer ${Settings.access_token}

If you use OAuth 2.0 and the endpoint only requires the OAuth 2.0 token, then you do not need to use the login capability.
- The login capability is if you use any other token-based authentication that needs to be called before each capability (for example: IGL's own Web Services).
- I've seen some endpoints that have a 2-step authentication. 1^St Step is getting an OAuth 2.0 token, then they use that token to generate another Session token that is required on the capability level. Those endpoints would required both OAuth 2.0 and the Login capability.

Hope this helps!

See the reply in context

No one else had this question

Outcomes

2 Replies

Mostafa Helmy Mar 12, 2020 5:38 AM
Unmark Correct
Correct Answer
Hi Sunita,

The OAuth 2.0 token is not passed at run-time automatically. You need to explicitly add the Authorization Header to all your connector capabilities.

Note that the variable name is case-sensitive. Please use it as follows. For each used capability, add the following header:

Name: Authorization
Value: Bearer ${Settings.access_token}

If you use OAuth 2.0 and the endpoint only requires the OAuth 2.0 token, then you do not need to use the login capability.
The login capability is if you use any other token-based authentication that needs to be called before each capability (for example: IGL's own Web Services).
I've seen some endpoints that have a 2-step authentication. 1^St Step is getting an OAuth 2.0 token, then they use that token to generate another Session token that is required on the capability level. Those endpoints would required both OAuth 2.0 and the Login capability.

Hope this helps!
Like • Show 1 Like1
Actions
- Neeraja Mahajan @ Mostafa Helmy on Apr 3, 2020 12:09 PM
  Mark Correct
  Correct Answer
  Hello Mostafa Helmy,
  
  Could you please share RESTful Web Service Connector Settings tab's sample screenshot, to know what configuration parameters must be filled in order to get the OAuth2.0 access token.
  
  Thanks,
  Neeraja Mahajan
  Like • Show 0 Likes0
  Actions

Rest Connectors with OAUTH2.0

Outcomes

Related Content

Recommended Content