-
Type:
Story
-
Status: Closed (View Workflow)
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:None
-
Sprint:CFAMX 2020R4 Sprint 3
-
SCRUM Team:Brotherhood of Mutants
-
Story Points:5
-
Work Type Classification:Sustaining
Story
As an administrator, I would like a method to authenticate users who would like to access API.
UAC
Confirm
- Users with proper authentication are able to access InFORM API.
- Unauthenticated users can not connect to the API.
Developer Notes
For now, we are using our own developer Okta account for the auth server, configured to use the Client Credentials grant type.
To use PostMan to call the API, go to the Authorization tab, select "Auth 2.0" as the TYPE, click "Get New Access Token," and fill out the modal form as follows:
Token Name: (doesn't matter, pick anything you like)
Grant Type: Client Credentials
Access Token URL: https://dev-737058.okta.com/oauth2/default/v1/token*
Client Id: 0oamae3j1zHJ4OTUv4x6
Client Secret: MJy6OeN71RhAmUKxINLiVlG34NQwX_rAPr80xnPl
Scope: manage:reasons
Note that the client id, client secret, and scope may change. You can always find the latest information by logging into the Okta account here:
url: https://dev-737058.okta.com/login/login.htm*
login: david.nayyar@hotschedules.com
pwd: MyVoiceIsMyPassport13
- - the base url here may change as well, it will be in the Mx.config file under the appsetting key AuthServerUrl.
Okta's article here may be helpful if there are any questions: https://developer.okta.com/blog/2019/03/13/build-rest-api-with-aspnet-web-api
- implements
-
CFAMX-10366 Make the Waste API robust enough for chain-wide usage by Automated Holding Assistant to inject waste data
-
- Closed
-
