08-25-2023 10:39 AM
In WSP, our experience is that the username and password must be passed in headers in order to run the web service. Unless I am missing something in documentation, I do not see a way around this. Can someone help clarify what information MUST be passed in the headers and what information, including authentication, may be able to be passed a different way?
Not sure if accurate, but I saw a Community post that said that if you want the user account to be authenticated with Active Directory then you MUST use IdP. If that is not accurate, what are best practices to have a WSP API create a session for the calling user and then execute the code? I am sure I am missing something obvious here, so help is appreciated.
08-25-2023 11:11 AM
Hi
The two options are Basic and the Hyland IDP. Basic Authentication is a standard supported by IIS where by you Base64 encode the credentials and use the Basic Authentication Header.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#authentication_schemes
To use the Hyland IDP, you would need to authenticate against it in order to get an Access Token which could then be used as a Bearer Authentication Header. How to generate an Access Token from the Hyland IDP is a bit more involved as it requires an understand of OAuth (you'll need to configure a Client in the Hyland and configure it for a Grant Type which matches your custom application). Here is a post which might be helpful ...
https://community.hyland.com/forum/threads/76900-rest-api-authentication
You can find more information about Authentication for WSP in the MRG ...
Best wishes.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.