Access with external frontend credentials
You need to access information that requires authentication with an external frontend user.
This is required for:
Access with Username/Password
Provide the username and password in Base64
format in the Authorization
header.
For the combination username:password
it looks like this:
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
Access with Token
You can use a token based authentication only if the Process User Server configured in INUBIT points to one of the following systems:
|
Provide the token in the X-AUTH-TOKEN
header.
For a Bearer token it would look like this:
X-AUTH-TOKEN: Bearer 1234567890ABCDEF
Enforce external frontend user management
Use query parameter ?userType=processUser
to enforce external frontend user management to be used for credential validation.
Example
GET /ibis/rest/<endpoint>?userType=processUser HTTP/1.1
X-AUTH-TOKEN: Bearer 1234567890ABCDEF
Accept: */*
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Concept: Matching User Roles
The INUBIT needs to decide what data are related to the requesting user and should therefore be sent back in the response. As the data is displayed in an external frontend (e.g. portal) the requesting user information are stored in the external frontend user base.
In order to connect external frontend user base with data living in INUBIT the matching is applied by roles.
Therefore, INUBIT needs to be connected with the external frontend user base to fetch the roles. The external frontend system must use the same user base. This connection is covered in INUBIT by the Process User Server configuration. With a valid configuration INUBIT is able to fetch all roles from the external user base. Each place in INUBIT providing such data then needs to be connected to one or multiple user roles.
When a user request for such data comes in the requesting user’s role is used to find all matching places. All data assigned with a matching user will be sent back. If no matching data can be found the response will be empty.
INUBIT requirements:
-
Configure Process User Server to the same user base used in the external frontend
-
Assign one or more roles to each data you want to share (e.g. Task, Report)