Web Authentication parameters

Use these parameters in the JSON data structure when you apply the Web Authentication policy (POLICY_CODE_WEB_AUTHENTICATION) to the app with app-market/policy.

clientId

Public OpenID identifier for the app. This can be found on the OAuth provider portal where your app is registered.

baseDiscoveryUrl

Required. Base URL for the web authentication server.

For example, if the OpenID well-known URI is oauth.example.com/.well-known/openid-configuration, the base discovery URL is oauth.example.com.

authTypeAuthentication type. Must be set to "openid".

Web Authentication API resources

To manage Web Authentication profiles:

  • profile: Use type="web_authentication" to create an Web Authentication profile. See example below.
  • profile/catalog/{policytype}: Use "web_authentication" for "{type}". GET returns an array of details for all policy profiles of the specified type.
  • profile/{GUID}: Use the profile ID to specify a policy profile. GET returns details for the specified profile, PUT updates the details in the specified profile, and DELETE archives the profile.
  • settings/web-authentication-default-profile (settings/{policytype}-default-profile: POST sets one of the Web Authentication profiles as the default. GET returns the GUID of the current default profile. DELETE archives the current default.

To retrieve details for the policy:

  • app-policy/{GUID} : Use the policy ID to specify a policy. GET returns details for the specified policy.
  • app-policy/code/{code} : UsePOLICY_CODE_WEB_AUTHENTICATION to specify the policy. GET returns details for the specified policy.

To secure apps with the Web Authentication policy:

Creating a Web Authentication profile

This example creates a Web Authentication profile with the profile API, specifying all options.

Note: To retrieve the Redirect URI, use the UI. (See Web Authentication profiles (UI).)

Request

curl -k -v -L -b c.txt -c c.txt -X POST http://bc.qwe.com/mocana-app-control/rest/profile \
  -F name="TestProfile" \
  -F type="web_authentication" \
  -F desc="Default Profile" \
  -F data="{\"clientId\":\"someClientId\",\"baseDiscoveryUrl\":\"https://someHost.com\",\"authType\":\"openid\"}"
BASH

Response

{
  "profiles": {
    "profile_name": "TestProfile",
    "profile_type": "web_authentication",
    "data": {
      "baseDiscoveryUrl": "https://someHost.com",
      "clientId": "someClientId",
      "authType": "openId"}
    "profile_url": "https://localhost:8443/mocana-app-control/rest/profile/d3d37266-9606-45b7-865e-09528c54dd32c",
    "profile_id": "d3d37266-9606-45b7-865e-09528c54dd32c",
    "profile_desc": ""
  },
  "message": "",
  "status": "OK"
}
JS

On this page

Related topics