cancel
Showing results for 
Search instead for 
Did you mean: 

How to call Alfresco Rest API's using OAuth instead of using Basic Auth?

talape_deepak
Champ in-the-making
Champ in-the-making
I have to integrate my external application with Alfresco using Alfresco Rest API's, Where I have to call these API's from my custom java microservices using OAuth/OAuth 2.0 instead of using Basic Auth. (There is a separate service account in AD which I have to use for calling ACS rest API's)
 
Please let me know, how can I get the Auth Tokens for my service account user, so I can pass those tokens while calling rest API.

Alfresco Version: Alfresco Content Service 6.2.2 (Enterprise Edition)

4 REPLIES 4

talape_deepak
Champ in-the-making
Champ in-the-making

@ilseva Thanks for the quick response.

Actually, we have already configured the identity service with keycloak, and all the AD user's are able to login to ACS Share using SSO.

But, I am not understanding which URL's I have to use for getting auth token before calling the ACS rest API from external application. 

Can you please share the API urls to get the auth token and the sequence in which I have to call them before calling Actual Alfresco API. 

If possible, please share the exact url which i can use from postman to get auth token's and later I can use those auth tokens to call Alfresco API.

Any suggestions or inputs will be really appreciated.

Thanks in Advance.

I think that the URL you have to call to obtain the token has nothing to do with alfresco.

You have to use Keycloak API: https://www.keycloak.org/docs/latest/authorization_services/#_service_overview

I'm struggling with same dilemma. We have SSO configured and working for both Share and ADW to use two factor authentication for our user accounts. But, the only way I can figure out to connect to REST API is to use an INTERNAL Aflresco account and Basic Authorization (single factor authentication; ID and password only). 

Have you figured out a way to connect to REST API through external authentication?

Support suggested using the ticket mechanism, but you have to make an API call to get the ticket and pass ID/password. I can't authenticate with my external user account with just ID/password; it requires 2FA through SSO.