Hi,
I'm looking for samples, how to manage external app integration with Viya.
In our scenario, external app and Viya 3.5 are configured
to authenticate with third party OAuth Authentication provider (Microsoft ADFS).
The scenario goes like this:
1. User logs into external app.
2. External app goes to the OAuth provider to authenticate user and obtain OAuth token.
3. User is loged into the external app.
4. External app calls Viya REST API to get list of the folders and reports on behalf of the user.
And here I'm stuck.
How should I register external app as the client in Viya?
I've found some examples how to register client:
curl -X POST "https://localhost/SASLogon/oauth/clients" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <access-token-goes-here>" \
-d '{
"client_id": "app",
"client_secret": "<secret-goes-here>",
"scope": ["openid"],
"authorized_grant_types": ["password"],
"access_token_validity": 43199
}'
But as far as I understand, in this type of registration,
the external app in order to get access token for the resource,
it need to provide user name and password in the subsequent call, like in this example:
curl -X POST "https://server.example.com/SASLogon/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=password&username=<user-id>&password=<password>" \
-u "app:mysecret"
But in our scenario, the app has only OAuth token, not the password.
Documentation say, that there are some other types of authorized grants
in the client registration call (I suppose Token Grant would fit my case)
but I can't find the example.
And documentation also say, that currently only the user:password grant is supported.
I would be grateful for advice/examples, how to register client
and how to obtain access token from SASLogon having only OAuth token in hand.
Regards,
Jacek
... View more