Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Alfresco JS API Authentication Options

chao
Champ in-the-making
Champ in-the-making

‎11-29-2017 10:17 PM

Is there another option for ECM/BPM authentication without using username and password in the Alfresco Javascript API? Assuming the user is already authenticated through external identity access management system, is there API endpoint to retrieve API token for both ECM and BPM?

0 Kudos
9 REPLIES 9

eugenio_romano
Elite Collaborator
Elite Collaborator

‎11-30-2017 04:57 AM

If you are already auth you can just get the instance and perform the calls

0 Kudos

chao
Champ in-the-making
Champ in-the-making
In response to eugenio_romano

‎11-30-2017 07:54 AM

Thanks for the reply. What I mean is the user is authenticated for the ADF web application, but not authenticated to ECM/BPM.

0 Kudos

eugenio_romano
Elite Collaborator
Elite Collaborator
In response to chao

‎11-30-2017 11:51 AM

Sorry, is not clear to me the difference. The only authentication that ADF can perform is the one against BPM and ECM or both.

0 Kudos

chao
Champ in-the-making
Champ in-the-making
In response to eugenio_romano

‎11-30-2017 12:11 PM

Let's say the ADF web app is protected by IAM, a user logins through external custom interface, then redirected back to the ADF home. How does ADF in this case authenticate against ECM/BPM REST API without using username and password?  

0 Kudos

dvuika
Star Collaborator
Star Collaborator
In response to chao

‎12-01-2017 03:43 AM

JS-API uses basic auth to get the tokens for ACS and APS, and then uses tokens for subsequent calls. If you use external interface you still need a token to talk to ACS and APS. Both "ecmAuth" and "bpmAuth" from JS-API feature a method called "setTicket" that allows assigning a ticket from the outside: alfresco-js-api/ecmAuth.js at master · Alfresco/alfresco-js-api · GitHub 

Hope that helps.

0 Kudos

chao
Champ in-the-making
Champ in-the-making
In response to dvuika

‎12-01-2017 07:49 AM

Thanks Denys, that's helpful.

What kind of token (like JWT?) that ACS/APS can recognize? Is there custom code I need to develop from ACS/APS perspective? or just some configuration. 

0 Kudos

dvuika
Star Collaborator
Star Collaborator
In response to chao

‎12-02-2017 08:18 AM

JS-API just triggers public APS/ACS api, you can refer to the following links for more details on the api:

APS: https://activiti.alfresco.com/activiti-app/api-explorer.html

ACS: https://api-explorer.alfresco.com/api-explorer/

0 Kudos

dvuika
Star Collaborator
Star Collaborator
In response to chao

‎12-02-2017 08:41 AM

You can also read the docs for the JS-API, there are examples for using tickets: https://github.com/Alfresco/alfresco-js-api#login-with-ticket

0 Kudos

chao
Champ in-the-making
Champ in-the-making
In response to dvuika

‎12-02-2017 08:46 AM

Thanks, but I don't know what's the valid ticket to set. I may have the userid or some kind of token from the IDM, such as CA Siteminder.

0 Kudos
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2025 Khoros, LLC
li.common.scroll-to.top