cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Help us improve the PTC Community by taking this short Community Survey! X

Connect API Using Windows Credentials

nborrerojr.
7-Bedrock

Connect API Using Windows Credentials

Is it possible to connect the API using Windows credentials? For example, if you are using SharePoint, you can send credentials using System.Net.CredentialCache.DefaultNetworkCredentials which sends a "security package" or something like that with your WIndows logon credentials.

11 REPLIES 11
KaelLizak
14-Alexandrite
(To:nborrerojr.)

Hello Nolin,

I'm not sure on this, since I've never had a situation in which I could test this, but on the server, if you edit <ServerRoot>/config/client/IntegrityClientSite.rc, looking at the daemon.authenticationPolicy setting.  If this can work, I think you need to take a look at setting it to "mks.ic.common.policy.ICAuthenticatedSessionPolicy", then setting daemon.authenticationURL=<YourAuthenticationURL>.  I'm not sure what the authentication URL would be in the case of a Windows domain, though.

If you get stuck, it may be worth opening a case.

Regards,
Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager

Kael,

I'm not sure I completely follow, but if I did, how would I connect with the API once the authentication url was entered? Would I just leave out user name and password from API calls? I did find the file and the section you're talking about.

Thanks,

Nolin

Kael,

I talked to our guy in IT that deals with the back end and he seems to understand this. Next week we're going to try it out so I'll let you know how that goes. One question though, what is <YourAuthenticationURL>? Is this IntegrityURL:Port/im or something like that? Or is the URL not related to Integrity?

Thanks,

Nolin

KaelLizak
14-Alexandrite
(To:nborrerojr.)

Hi Nolin,

<YourAuthenticationURL> is an external (non-Integrity) page--which you specify--that will return "200/OK" if the user is valid, or "403/Forbidden" otherwise.  It can be literally any web page you can direct users to, so any web page that will return "200/OK" for authenticated users, and "403/Forbidden" otherwise would work.

As I mentioned before, I've never had a situation in which to test this, although looking at it some more, it should be easy to just create a web page to return either header response all the time.  Getting it to return "200/OK" only for valid users is a bit trickier, but should still be relatively simple if you know what you're doing, know how the authentication system works, and know how to access it.  I don't know how your authentication system works, and don't know how to access it via an API, so I'm probably not going to be able to help, but I'd love to hear how you made this work, even in general terms.

Regards,
Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager

Ah, OK. I think I follow now. I'll pass on this info and let you know how it works out.

Thanks for replying Nolin - we are looking forward to knowing the result.

Best,

Toby

KaelLizak
14-Alexandrite
(To:nborrerojr.)

Hi Nolin Borrero Jr.‌,

How did this work out?

Regards,

Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager

The person in IT that's going to help me with this has been swamped with Windchill stuff so we haven't been able to try this out yet. We still plan on trying it out though. I'm hoping we will have it setup before the end of November though.

KaelLizak
14-Alexandrite
(To:nborrerojr.)

Thanks Nolin,

We're still looking forward to hearing about your results.

Regards,
Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager

Kael,

Unfortunately we haven't been able to set this up yet. I'm hoping we'll be able to try within the next two weeks but the IT guy hasn't been able to work this yet.

Thanks,

Nolin

KaelLizak
14-Alexandrite
(To:nborrerojr.)

Hi Nolin Borrero Jr.‌,

Based on previous general experience, I suspect we'll have to wait until next calendar year.

Thanks for updating us!

-Kael


Kind Regards,
Kael Lizak

Senior Technical Support Engineer
PTC Integrity Lifecycle Manager
Top Tags