Create a New Web Authentication Method

The sub-branches beneath a newly created Web Service (as mentioned in Create a New Web Service - REST) allow you to create a Web Authentication Method.

 

Web Authentication methods can be used with services that expose a non-standard authentication mechanism, or an authentication type that is not in the supported list. The only requirement is that the service’s authentication method returns a JSON Web Token (JWT) in one of the properties of the authentication result.

 

Web Authentication methods are only used during configuration in Workbench, and are not exposed in runtime.

 

To Add a New Web Authentication Method:

  1. Right-click on a sub-branch beneath a Web Service and select "Add Web Authentication Method" as shown below.

Adding a New Web Authentication Method

 

-OR-

 

Select a sub-branch beneath a Web Service, then click on the Add Web Authentication Method button, shown below, in the Edit section of the Home button in the Workbench.

 

Add Web Authentication Method Button

  1. This opens the Web Authentication Method properties in the right-pane of the Workbench as shown below. Enter a Name in the top text entry field.

New Web Authentication Method Properties

 

General Settings

Parameters

 

Click the "+ Click here to add new item" link to add a new parameter. You can then enter a Name, Value, and Kind (using the pulldown menu, select from Query String or POST Body, Cookie, URL Segment, HTTP Header, Query String, or Request Body) and select whether the parameter will be Sensitive (by clicking the checkbox within that column).

 

When a parameter is marked as Sensitive, it will be obscured in the Workbench UI so that its value cannot be read. It will also be removed in runtime from the point name. For security reasons, unchecking the Sensitive checkbox will clear the parameter value.

 

As described above, the supported parameter types are:

 

Authentication Result

  1. Once you have completed making edits to the Web Manipulator, click Apply to save your settings and Close to exit.

JSON Web Token Authentication

Certain Web Services require an authentication object, as a method for representing claims securely between two parties. JWT (JSON Web Token) is a method that ensures authenticated communications for REST Web Services. Any communications utilizing this authentication method can now be permitted in ICONICS products when utilizing REST Web Services.

 

Before beginning, a user should ensure an authentication method is already created. If this is already configured, skip to step 5.

  1. Launch the Workbench.

  2. Navigate to the REST Service (Data Connectivity > Web Services) that has to be configured to use JWT (JSON Web Token) authentication. If the REST Service does not exist, right-click on any folder under Data Connectivity and select Add REST Service.

  3. To configure an authentication method, right-click on the service and select Add Web Authentication Method.

  4. A new form will populate. Fill out this form with the required settings to invoke the JWT authentication method exposed by the server you wish to interact with, and click Authenticate. If the authentication is successful and a JWT could be retrieved, the result will be shown in the Result Schema textbox. This Web Authentication Method will be used later.

  5. Within the Workbench, edit the REST Service (Data Connectivity > Web Services) that was created at step 2. This will open the service form.

  6. Within the General Settings section, there is a field for Authentication: Select JSON Web Token from the drop-down list. A new section called Connection Credentials will appear.

  7. From the Authentication Method drop-down menu, select the Web Authentication Method that was configured at step 4.

  8. The Token Property drop-down menu will automatically populate with the schema of the authentication’s method result. From within this drop-down menu, select the property that contains the JWT.

  9. With the next three fields (Authorization Parameter Kind, Name and Value), configure how the JWT will be sent to server with each request. The placeholder @JwtSecurityToken can be used in the Authorization Parameter Value field and will be replaced with the actual JWT in runtime. Apply to save changes

  10. All methods configured through this service will now use JSON Web Token Authentication.

See Also:

Create a New Folder

Create a New Web Service

Web Services Overview

Create a New REST Web Method

Create a New REST Web Manipulator