REST call with logged in user (not technical User)

Hello

Is there a way to use REST calls with the credentials of the currently logged-in user?

Until now, we have used a technical user to communicate between a Java solution and Content Server. Now the business no longer wants to use the technical user, but the currently logged-in user instead. Basically: is there a way to get a token of the logged-in user (without knowing the password)?

Thomas

Comments

  • Yes, the easiest method is called "Impersonation". Your main application will have a defined technical user whose password is known to you. You will initiate a super user connection like your app is doing now, but you will then ask for the other user's token. All audits will say document actions were done by the real user and not the super user. This method has existed in the CS API for years and is the preferred way for integrated applications.

    If you do not like that, the more complicated way is to look at OTDS authentication. Log in with the OAuth client of OTDS and then play with the GUI until you can find SSO-based credentialing. For SSO to work, the user is first vetted by a directory service of some kind, so either it is a DC application (typical AD-based intranet) or an OAuth application (like Okta, Google, Facebook etc.). When the user does that, the "man in the middle" will issue a token; you will use that token to create a CS application token within OTDS and call the CS API. The theory sounds fine, but if you are new to authentication you will find almost no examples etc., but we all do it by a lot of reverse engineering :)