Die INUBIT Version 7.4 wird nicht mehr gewartet.

Sollten Sie diese INUBIT Version nutzen, empfehlen wir Ihnen eine Migration auf eine aktuelle Version. Die Dokumentation zur neusten INUBIT Version finden Sie hier. Sollten Sie Fragen haben, wenden Sie sich bitte an unseren Support.

Access with external frontend credentials

You need to access information that requires authentication with an external frontend user.

This is required for:

Access with Username/Password

Provide the username and password in Base64 format in the Authorization header.

For the combination username:password it looks like this:

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

Access with Token

You can use a token based authentication only if the Process User Server configured in INUBIT points to one of the following systems:

  • Business Process Center (BPC)

  • Keycloak

Provide the token in the X-AUTH-TOKEN header. For a Bearer token it would look like this:

X-AUTH-TOKEN: Bearer 1234567890ABCDEF

Enforce external frontend user management

Use query parameter ?userType=processUser to enforce external frontend user management to be used for credential validation.

Example

GET /ibis/rest/<endpoint>?userType=processUser HTTP/1.1
X-AUTH-TOKEN: Bearer 1234567890ABCDEF
Accept: */*
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

Concept: Matching User Roles

The INUBIT needs to decide what data are related to the requesting user and should therefore be sent back in the response. As the data is displayed in an external frontend (e.g. portal) the requesting user information are stored in the external frontend user base.

In order to connect external frontend user base with data living in INUBIT the matching is applied by roles.

Therefore, INUBIT needs to be connected with the external frontend user base to fetch the roles. The external frontend system must use the same user base. This connection is covered in INUBIT by the Process User Server configuration. With a valid configuration INUBIT is able to fetch all roles from the external user base. Each place in INUBIT providing such data then needs to be connected to one or multiple user roles.

When a user request for such data comes in the requesting user’s role is used to find all matching places. All data assigned with a matching user will be sent back. If no matching data can be found the response will be empty.

INUBIT requirements:

  • Configure Process User Server to the same user base used in the external frontend

  • Assign one or more roles to each data you want to share (e.g. Task, Report)