Skip to main content
N
nborrerojr.1-Visitor
1-Visitor
September 15, 2015
Question

Connect API Using Windows Credentials

  • September 15, 2015
  • 1 reply
  • 6333 views

Is it possible to connect the API using Windows credentials? For example, if you are using SharePoint, you can send credentials using System.Net.CredentialCache.DefaultNetworkCredentials which sends a "security package" or something like that with your WIndows logon credentials.

    1 reply

    K
    KaelLizak16-Pearl
    16-Pearl
    September 17, 2015

    Hello Nolin,

    I'm not sure on this, since I've never had a situation in which I could test this, but on the server, if you edit <ServerRoot>/config/client/IntegrityClientSite.rc, looking at the daemon.authenticationPolicy setting.  If this can work, I think you need to take a look at setting it to "mks.ic.common.policy.ICAuthenticatedSessionPolicy", then setting daemon.authenticationURL=<YourAuthenticationURL>.  I'm not sure what the authentication URL would be in the case of a Windows domain, though.

    If you get stuck, it may be worth opening a case.

    Regards,
    Kael

    N
    nborrerojr.1-VisitorAuthor
    1-Visitor
    September 17, 2015

    Kael,

    I talked to our guy in IT that deals with the back end and he seems to understand this. Next week we're going to try it out so I'll let you know how that goes. One question though, what is <YourAuthenticationURL>? Is this IntegrityURL:Port/im or something like that? Or is the URL not related to Integrity?

    Thanks,

    Nolin

    K
    KaelLizak16-Pearl
    16-Pearl
    September 18, 2015

    Hi Nolin,

    <YourAuthenticationURL> is an external (non-Integrity) page--which you specify--that will return "200/OK" if the user is valid, or "403/Forbidden" otherwise.  It can be literally any web page you can direct users to, so any web page that will return "200/OK" for authenticated users, and "403/Forbidden" otherwise would work.

    As I mentioned before, I've never had a situation in which to test this, although looking at it some more, it should be easy to just create a web page to return either header response all the time.  Getting it to return "200/OK" only for valid users is a bit trickier, but should still be relatively simple if you know what you're doing, know how the authentication system works, and know how to access it.  I don't know how your authentication system works, and don't know how to access it via an API, so I'm probably not going to be able to help, but I'd love to hear how you made this work, even in general terms.

    Regards,
    Kael

    Terms & ConditionsCookie settingsAccessibility statement