How do I get/pass authentication for DNG using API calls?
I'm trying to access user roles and permissions on DNG. I've been able to access these websites manually, I've also passed the correct values in through Postman and got the expected results. I'm now using some older code given to me, JQuery, to download this data but I can't get the authentication to work. I keep getting 401 or 400 error codes. The codes a little scrambled right now because I keep trying new things and none of it is working. If anyone could point me in the right direction that would be great.
|
Accepted answer
Ralph Schoon (63.6k●3●36●47)
| answered Jun 07 '22, 1:49 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER It can get rather complicated. I have tried to explain how it works here: https://rsjazz.wordpress.com/2021/10/15/elm-authentication/ Michael Rowe selected this answer as the correct answer
Comments
Jacob Harland
commented Jun 07 '22, 11:07 a.m.
I will check this out and get back with you, thank you!
Ralph Schoon
commented Jun 07 '22, 11:22 a.m.
| edited Jun 07 '22, 11:22 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
The authentication you use in your snippet is form based authentication. This only works in some of the setups. If it does not (use Postman) to test, my understanding is that BASIC Authentication is the fallback for the other situations (e.g. Jazz Authentication Server/OICD).
Jacob Harland
commented Jun 07 '22, 1:51 p.m.
Sorry I'm totally new to this. Where can I see what type of auth is used in postman? Is it a cookie JAZZ_AUTH_TOKEN? I also see this: JazzFormAuth=Form. So can it be either token based or form based?
https://rsjazz.wordpress.com/2019/05/13/using-a-rest-client-to-authenticate-to-elm-clm-applications/ explains how this works. Note with BASIC Authentication, you have to send the authentication data with each call. So I actually looked at that link and was able to follow it and it works. But I pull the code from Postman and use it in Jquery and then it doesn't work. Why's it work on one but not the other? /jts/_j_security_check is fine on postman, but I get a 400 error when I'm using jquery. I can not help you with that. How the authentication works in your framework is not where I can help you, especially as "does not work" is not very useful.
Note, if you run out of a browser in a JavaScript or other framework, please check https://jazz.net/forum/questions/98072/x-jazz-csrf-prevent-header-is-required-to-create-a-work-item-via-oslc-on-version-4001
The server prevents cross site scripting if you come from the browser. There is a special header that is needed then.
Jacob Harland
commented Jun 08 '22, 10:11 a.m.
Yes I'm using JS through the browser, I'll check that link too thank you.
For examples on how Oauth1.0a and OIDC works, I have two blogs that include Postman files for experimenting with - https://michaelrowe01.com/index.php/day-job/ibm-elm/api-authentication-method-in-elm-oidc/ and https://michaelrowe01.com/index.php/day-job/ibm-elm/api-authentication-method-in-elm-oauth-1-0a/
showing 5 of 8
show 3 more comments
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.