This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Signing in Over REST API w/ Password auth

Conner_Phillis
Champ on-the-rise
Champ on-the-rise

‎02-14-2023 07:04 AM

In case anyone stumbles on here by searching, the following request format works.

 

```

POST https://<your-idp-url>/connect/token

=== HEADERS ===

Content-Type: application/x-www-form-urlencoded

=== Body (form fields) ===

grant_type: 

username: 

password:

client_id:

client_secret:

scope:

tenant:

```

 

Now - for the rant.

 

From the REST API Docs 

"""

Implementing Authentication Flows

Because OAuth 2.0 is an open and common standard, it's possible to research and implement these flows yourself.

 

"""

Really!?!? I spent hours trying to find what URL the password login request should be sent to, only to find that this information on is only (barely) documented in the MRG for the IDP server. There's not even an accepted content type listed there.

 

Also - because of the "tenant" parameter, it's non-trivial to figure out how to add that parameter when using C#'s IdentityModel.OidcClient library.

 

For people that are unfamiliar with OIDC, it's not really that easy to figure out what URL Hyland wants its auth requests to go to, or the content type that it accepts. Simply saying "Go figure it out yourself" is not acceptable.

 

Either

- Document that your IDP server is Identity Server 4, and let people search for that.

or

- Put a sample request like the one I put above so that people don't have to dive down rabbit holes to figure out how to get an API token for a web service. Even just a copy of the above would be way better than the nothing now.

Labels:
1 REPLY 1

AdamShaneHyland
Employee
Employee

‎02-18-2023 02:59 PM

Hi @Conner Phillis ,

 

While I know it is not exactly what you are looking for, here are some links ...

For the Hyland IDP, you can reference the following which document IdentityServer.  This is the framework which the Hyland IDP was developed upon to implement OAuth2 and OIDC ...

Also, we are looking into ways to improve our documentation with respect to the discussion of OAuth2 and the REST API. 

 

Best wishes.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC