Maximo

 View Only
Expand all | Collapse all

Will Maximo REST api service get authenticate with apikey to the Maximo SAML SSO enabled application

  • 1.  Will Maximo REST api service get authenticate with apikey to the Maximo SAML SSO enabled application

    Posted Thu August 17, 2023 03:36 AM

    Hi All,

    We have implemented SAML based sso in our maximo application(7.6.1.2) and installed workcenter also, we generated the apikeys for few users, we have rest api urls which are working initially with the basic authentication (with username and pwd) , we are trying to get the response for the REST api service with the apikey authentication from the sso enabled maximo application, it is giving 401 saml unauthorized error from postman, Want to understand if the rest api service will not or will work with apikey and will they get authenticate to the sso enabled maximo and get the response, Your comments and answers help us.

    401 error in the postman


    ------------------------------
    sivageetha gudivada
    ------------------------------

    #Maximo
    #MaximoEAM


  • 2.  RE: Will Maximo REST api service get authenticate with apikey to the Maximo SAML SSO enabled application

    Posted Fri August 18, 2023 10:09 AM

    I would use the /maximo/api (the /maximo/oslc API without security constraints) instead of the legacy /maxrest/rest API. But if you want to use API keys with the legacy maxrest you would have to comment out the security constraints in the web.xml for the applications\maximo\maxrestweb\webmodule\WEB-INF. We didn't always support API keys for the MAXREST but I think we had added by 7.6.1.2. When we first added API keys it was only for the new API (/maximo/oslc) and then we started adding it to the other web services.

    The reason you can't authenticate with an API key when you have the security constraints is the security constraints tell WebSphere to handle authentication but the API keys are specific to Maximo. By removing the security constraints, WebSphere won't try to authenticate the request and allows the request to make it to Maximo so that it can validate the API key. 



    ------------------------------
    Steven Shull
    ------------------------------



  • 3.  RE: Will Maximo REST api service get authenticate with apikey to the Maximo SAML SSO enabled application

    Posted Sun August 20, 2023 04:03 PM

    Hi,

    That's probably happen because your request is directed to SAML server.

    You can try set the filter like below for your REST endpoint in WebSphere which will direct it maximo application.

    sso_1.sp.filter : request-url%=maximo;request-url!=maxrest;request-url!=oslc;



    ------------------------------
    Cheers,
    Mikhail Pastushkov
    ------------------------------