cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Connect API Using Windows Credentials

Highlighted
Regular Member

Connect API Using Windows Credentials

Is it possible to connect the API using Windows credentials? For example, if you are using SharePoint, you can send credentials using System.Net.CredentialCache.DefaultNetworkCredentials which sends a "security package" or something like that with your WIndows logon credentials.

Tags (1)
11 REPLIES 11

Re: Connect API Using Windows Credentials

Hello Nolin,

I'm not sure on this, since I've never had a situation in which I could test this, but on the server, if you edit <ServerRoot>/config/client/IntegrityClientSite.rc, looking at the daemon.authenticationPolicy setting.  If this can work, I think you need to take a look at setting it to "mks.ic.common.policy.ICAuthenticatedSessionPolicy", then setting daemon.authenticationURL=<YourAuthenticationURL>.  I'm not sure what the authentication URL would be in the case of a Windows domain, though.

If you get stuck, it may be worth opening a case.

Regards,
Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager

Re: Connect API Using Windows Credentials

Kael,

I'm not sure I completely follow, but if I did, how would I connect with the API once the authentication url was entered? Would I just leave out user name and password from API calls? I did find the file and the section you're talking about.

Thanks,

Nolin

Re: Connect API Using Windows Credentials

Kael,

I talked to our guy in IT that deals with the back end and he seems to understand this. Next week we're going to try it out so I'll let you know how that goes. One question though, what is <YourAuthenticationURL>? Is this IntegrityURL:Port/im or something like that? Or is the URL not related to Integrity?

Thanks,

Nolin

Re: Connect API Using Windows Credentials

Hi Nolin,

<YourAuthenticationURL> is an external (non-Integrity) page--which you specify--that will return "200/OK" if the user is valid, or "403/Forbidden" otherwise.  It can be literally any web page you can direct users to, so any web page that will return "200/OK" for authenticated users, and "403/Forbidden" otherwise would work.

As I mentioned before, I've never had a situation in which to test this, although looking at it some more, it should be easy to just create a web page to return either header response all the time.  Getting it to return "200/OK" only for valid users is a bit trickier, but should still be relatively simple if you know what you're doing, know how the authentication system works, and know how to access it.  I don't know how your authentication system works, and don't know how to access it via an API, so I'm probably not going to be able to help, but I'd love to hear how you made this work, even in general terms.

Regards,
Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager

Re: Connect API Using Windows Credentials

Ah, OK. I think I follow now. I'll pass on this info and let you know how it works out.

Re: Connect API Using Windows Credentials

Thanks for replying Nolin - we are looking forward to knowing the result.

Best,

Toby

Re: Connect API Using Windows Credentials

Hi Nolin Borrero Jr.‌,

How did this work out?

Regards,

Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager

Re: Connect API Using Windows Credentials

The person in IT that's going to help me with this has been swamped with Windchill stuff so we haven't been able to try this out yet. We still plan on trying it out though. I'm hoping we will have it setup before the end of November though.

Re: Connect API Using Windows Credentials

Thanks Nolin,

We're still looking forward to hearing about your results.

Regards,
Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager