05-24-2024 12:22 AM
Good morning,
Hope you are doing well,
We are currently in the process of setting up the REST API to integrate with SAML, there is however very little documentation on this, does anyone have a example perhaps of how this should be setup, IE grant type and paramaters required as well as to where the request should be made, or do we just use the standard url for this method of authentication: https://{dns}/idpdev/connect/token?
Any assitance would be perfect
Kind regards
Leon
05-24-2024 06:40 AM
Hi
The REST API requires authentication based on the OAuth2 standard as noted in the SDK ...
https://sdk.onbase.com/rest/OnBase/Foundation23.1/document/programmers-guide/authentication.html
There are two* authentication flows (grant types) which are primarily supported; Password (which passes a user name and password) and Authorization Code (which requires a redirect to a third party identity provider allowing the user to authenticated) (* there are others which are support - such as Token Exchange - since the Hyland Identity Service supports OAuth2, however, only ones which support OpenID can be used since the API Server requires a user account - e.g. Client Credentials is not support). As a developer, you would have to know which one you want to support in your application.
Here is a useful post which might be helpful ...
Further here are some articles which might be helpful related to OAuth2 ...
https://www.youtube.com/watch?v=t18YB3xDfXI - An Illustrated Guide to OAuth and OpenID Connect
https://auth0.com/docs/authorization/which-oauth-2-0-flow-should-i-use
... and here is a good one for SAML ...
https://duo.com/blog/the-beer-drinkers-guide-to-saml
Finally, here are some other links which might be helpful ...
https://community.hyland.com/blog/posts/77700-authentication-and-onbase-everything-you-need-to-know
https://university.hyland.com/courses/e5243 - OnBase REST API Sandbox
https://university.hyland.com/learn/course/e5451/lab/foundation-231?client=hyland - IAM Services: REST API Client Connection: Hands-On Lab
Best wishes.
05-24-2024 12:19 PM
Absolute legend, thank you. Will update when I get this working.
Thank you.
05-24-2024 01:09 PM
My pleasure
05-31-2024 11:46 PM
For those of you curious in the future, I managed to get the Oauth working,
My provider being Azure SAML.
I am using a angular application using the 'angular-oauth2-odic' package,
My issuer being my IDP Link
Client ID being that of the client created in IDP for this App. IE REST Angular app
Note I used "Implicit flow"
With a token of JWT for the response to make further API calls with that.
Kind Regards
Thank you for all the help
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.