ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum IndexWebSphere Message Broker Supportmultiple authentication methods with same REST resources

Post new topicReply to topic
multiple authentication methods with same REST resources View previous topic :: View next topic
Author Message
abtimo
PostPosted: Tue Sep 08, 2020 6:52 pm Post subject: multiple authentication methods with same REST resources Reply with quote

Novice

Joined: 24 Mar 2015
Posts: 13

Hello. i am curious if there is any chance to discuss here questions related to multiple authentication methods with same REST resources implemented on IBM API Connect ? Otherwise which forum would be most appropriate ? Thank you in advance.
Back to top
View user's profile Send private message
Vitor
PostPosted: Wed Sep 09, 2020 4:55 am Post subject: Re: multiple authentication methods with same REST resources Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26041
Location: Texas, USA

abtimo wrote:
if there is any chance to discuss here questions related to multiple authentication methods with same REST resources implemented on IBM API Connect ?


If this is the wrong place, we can always move the thread later.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
abtimo
PostPosted: Sun Sep 13, 2020 7:18 pm Post subject: Re: multiple authentication methods with same REST resources Reply with quote

Novice

Joined: 24 Mar 2015
Posts: 13

Thanks. The original problem was my unability to configure APIC Third Party OAuth provider by using AzureAD as third party provider.

The issue with AzureAD was for me the lack of introspection URL so i was unable to verify validity of the AzureAd tokens and retreive the Ressource Owner original id from the token.

It looks like there is some way to validate AzureAD token just by signin it with public key from AzureAd

https://stackoverflow.com/questions/39866513/how-to-validate-azure-ad-security-token

but even with this rather brittle solution to invent some homemade service that must return the information APIC would require, we will still be unable to get real data corresponding to introspection result

So we came up with the idea to be able to authenticate the same api with different methods, like basic authentication, client_id/client_secret and APIC based Native OAuth Provider without duplicating API interface definition.

Alternatively maybe i just do it wrong and APIC third party provider with AzureAD is possible just my usecase is not clear ?

Maybe there is a code snippet available that permits to the custom Native Oauth provider use AzureAD as backend database to retrieve all necessary informations directly using secure trusted connection ?
The reason to use AzureAD and not local repository is the fact that we have got hundreds of thousands profiles there and wanted to keep these profiles in the AzureAD

Vitor wrote:
abtimo wrote:
if there is any chance to discuss here questions related to multiple authentication methods with same REST resources implemented on IBM API Connect ?


If this is the wrong place, we can always move the thread later.
Back to top
View user's profile Send private message
Display posts from previous:
Post new topicReply to topic Page 1 of 1

MQSeries.net Forum IndexWebSphere Message Broker Supportmultiple authentication methods with same REST resources
Jump to:



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP


Theme by Dustin Baccetti
Powered by phpBB 2001, 2002 phpBB Group

Copyright MQSeries.net. All rights reserved.