It's all about the answers!

Ask a question

How to login from external application when using JAS

Benjamin Silverman (4.1k610) | asked Sep 06 '16, 7:16 p.m.
I'm attempting to access some CLM resources for monitoring from an external web application.  I have JAS successfully configured and am wondering what the best way is to authenticate.  Here's what I did:

1)  Registered a new client with mkclient -u user:password.  I did this because I don't know the client secret for the RM application I'm trying to access, and changing the secret through the rm/admin -> Advanced Properties seemed to break the application.
2)  Noted the client ID and secret
3)  Encoded the client:secret in Base64
4)  POST to https://localhost:9643/oidc/endpoint/jazzop/token?grant_type=client_credentials  with the following headers:

Authorization: Basic <encoded client:secret>
Scope: general

The response from the server is:

{"error":"unsupported_grant_type","error_description":"CWOAU0025E: The grant_type parameter was invalid: client_credentials"}

The JSA log has this:

[9/6/16 19:08:06:597 EDT] 00000a13         E CWOAU0038E: The client could not be verified. Either the client ID: null or client secret is incorrect.

I wonder if client_credentials is even the best method or not, given I'm not sure what resources I'd be able to access with the client I created using the mkclient utility. 

Is there a better way of authenticating from an external web application, perhaps using the "password" grant type?  Any information that could be provided on this would be helpful.  Thanks,

One answer

permanent link
Benjamin Silverman (4.1k610) | answered Sep 08 '16, 6:52 p.m.
 I was able to get past this by using the method described here.

Your answer

Register or to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.