
Using Web User authentication currently gives you all the permissions of the User in Aptify that runs the eBiz web site. This user may have elevated permissions, so you will have to implement any limitations the Web User should have in your own logic. This should be addressed in future versions of the API.

Prerequisites

The Aptify database connected to Aptify SOA must support the Web Users Authentication Provider and have it linked to the HTML5 Web Service Application. The services layer in IIS needs anonymous authentication, and ONLY anonymous authentication, turned on. The services layer should be using HTTPS.

 

Types Of Authentication Provider

There are seven types of authentication provider available in Aptify.

  1. SQL User Authentication Provider (SQL)

    With this provider, a non-trusted user is authenticated against a SQL Server database. This provider expects the two request parameters 'Username' and 'Password' in the query string. The user has logon authority against the database and is also a user in Aptify.

  2. Domain User Authentication Provider (Domain)

    Authentication based on a Windows domain. Authentication is performed by validating a logon to the domain using the user name and password provided. If it is successful, the user is logged in to Aptify as a trusted user. This provider cannot recreate the user credentials on token validation if the token is valid but the credentials have been lost.

  3. Web User Authentication Provider (Web)

    Authenticates an Aptify Web User. Web User authentication relies on HTTPS for encryption. The Web User login endpoint supports both GET and POST actions. For GET, use query parameters to send the user name and password; for POST, send them as form data. This provider will recreate the UserCredentials on token validation if they have been lost.

  4. IIS Managed Authentication Provider (IIS)

    Authenticates the user using Windows authentication provided by IIS. This provider relies on IIS to authenticate the user at the Windows level; once that has been performed, this provider verifies that the user is a valid user in the Aptify application. Initial authentication is performed by IIS, which resides outside the services layer. Any request denied by IIS will never reach this provider or the services layer.

  5. vNext Authentication Provider (vNext)

    Authenticates the user against Aptify Web. Once the user is validated, it produces some additional information corresponding to that user.

  6. Domain User (with container) Authentication Provider (DomainWithContainer)

    Authenticates a user against a Windows domain and Aptify.

  7. SQL User (needs input with container) Authentication Provider (SQLNeedsInputWithContainer)

    Authenticates a user using a SQL Server database.

Endpoint

Cached? No

User authentication relies on HTTPS for encryption. Before attempting to authenticate, you should try the UserInformation endpoint. This is lighter-weight than authentication, and will give you your token if you've already authenticated.

The Web User login endpoint supports both GET and POST actions. For GET, use query parameters to send the user name and password; for POST, send them as form data.

https://<service base>/Authentication/Login/<authentication provider>

Parameters (GET, as Query Parameters)

Parameter Name
UserName
Password

The following example uses the Web User authentication provider.

Example:

https://<service base>/Authentication/Login/web?UserName=username&Password=password

Request Body (POST, as Form Data)

{
	UserName: "username",
	Password: "password"
}

Response Body (Successful)

{
	UserId: 1,						// Web User ID
	UserName: "UserName",
	Email: "name@email.com",
	FirstName: "Firstname",
	LastName: "Lastname",
	Title: "Title",
	LinkId: 2,						// Person ID
	CompanyId: 3,
	TokenId: "abcdefg",				// Token to send with future service requests
	Server: "server",
	Database: "Aptify",
	AptifyUserID: 4,				// User ID of the master eBiz User
	AptifyUser: "AptifyUserName"	// User Name of the master eBiz User
}

Note that you will get back three separate IDs related to the Web User who is logging in. UserId is the ID of the actual Web User record in Aptify. LinkId is the ID of the Persons record in Aptify that is linked to the Web User. Most regions of Aptify use the Persons ID as the canonical representation of a person in the system. Finally, AptifyUserID is the ID of the User record in Aptify that runs the eBiz web site.

Response Body (Unsuccessful)

{
	LinkId: "",						
	ErrorInfo: {
		ErrorType: "W",
		ErrorMessage: "Incorrect User ID or Password"
	},
	Server: "server",
	Database: "Aptify",
	AptifyUserID: 4,				// User ID of the master eBiz User
	AptifyUser: "AptifyUserName"	// User Name of the master eBiz User
}

Note the lack of a TokenId, the empty LinkId, and the presence of an error message.

Do not rely on anything but the ErrorInfo and ErrorMessage; other information may be removed in future versions of the API.

 

Token Use

The TokenId you receive is a GUID you will use to make requests to authenticated endpoints. You send it as a header, prefixed by authentication provider and a single space character:

Header Name            Header Value
AptifyAuthorization    <authentication provider> <TokenId>
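
The login and token flow described above, as an added example that is not Aptify's own code: it builds the POST form of the login request so the credentials stay out of the URL, decides success from ErrorInfo, builds the AptifyAuthorization header, and shows one limitation of the kind the permissions warning at the top of this page asks you to implement yourself. The service base URL, the URL-encoded form body, the JSON response format and the function names are assumptions.

```javascript
// Added example, not Aptify code. SERVICE_BASE is a placeholder; the service is
// assumed to accept URL-encoded form data and to answer with JSON.
const SERVICE_BASE = "https://services.example.org/AptifyServices";

// POST keeps UserName/Password in the body, out of URLs, IIS logs and history.
function buildLoginRequest(serviceBase, provider, userName, password) {
  const base = serviceBase.replace(/\/+$/, "");
  const url = new URL(`${base}/Authentication/Login/${encodeURIComponent(provider)}`);
  if (url.protocol !== "https:") {
    throw new Error(`refusing to send credentials over ${url.protocol}`);
  }
  return {
    url: url.toString(),
    method: "POST",
    headers: { "Content-Type": "application/x-www-form-urlencoded" },
    body: new URLSearchParams({ UserName: userName, Password: password }).toString(),
  };
}

// Failure is decided from ErrorInfo/ErrorMessage only, as the page advises.
function parseLoginResponse(bodyText, provider) {
  const data = JSON.parse(bodyText);
  if (data.ErrorInfo && data.ErrorInfo.ErrorMessage) {
    return { ok: false, error: data.ErrorInfo.ErrorMessage };
  }
  if (typeof data.TokenId !== "string" || data.TokenId === "") {
    return { ok: false, error: "response carried no TokenId" };
  }
  return {
    ok: true,
    webUserId: data.UserId, // Web Users record
    personId: data.LinkId,  // Persons record linked to the Web User
    headers: { AptifyAuthorization: `${provider} ${data.TokenId}` },
  };
}

// The token acts with the eBiz user's permissions, so server-side code in front
// of the API must scope each request; here: only the caller's own Persons record.
function mayAccessPerson(session, requestedPersonId) {
  return session.ok === true && Number.isInteger(session.personId) &&
    session.personId > 0 && Number(requestedPersonId) === session.personId;
}

// Constructed sample bodies mirroring the documented response shapes.
const SAMPLE_OK = JSON.stringify({ UserId: 1, UserName: "UserName", LinkId: 2,
  CompanyId: 3, TokenId: "00000000-0000-0000-0000-000000000000", AptifyUserID: 4 });
const SAMPLE_FAIL = JSON.stringify({ LinkId: "", AptifyUserID: 4,
  ErrorInfo: { ErrorType: "W", ErrorMessage: "Incorrect User ID or Password" } });
```

The ownership check only has value in code the Web User cannot modify, such as a server-side layer between the browser and the services API.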