IBM Asset & Facilities Management Your destination for peer and expert insights to help unlock the power of data with AI and Asset & Facilities Management to advance your digital reinvention. Join / Log in
We have implemented SAML based sso in our maximo application(220.127.116.11) and installed workcenter also, we generated the apikeys for few users, we have rest api urls which are working initially with the basic authentication (with username and pwd) , we are trying to get the response for the REST api service with the apikey authentication from the sso enabled maximo application, it is giving 401 saml unauthorized error from postman, Want to understand if the rest api service will not or will work with apikey and will they get authenticate to the sso enabled maximo and get the response, Your comments and answers help us.
I would use the /maximo/api (the /maximo/oslc API without security constraints) instead of the legacy /maxrest/rest API. But if you want to use API keys with the legacy maxrest you would have to comment out the security constraints in the web.xml for the applications\maximo\maxrestweb\webmodule\WEB-INF. We didn't always support API keys for the MAXREST but I think we had added by 18.104.22.168. When we first added API keys it was only for the new API (/maximo/oslc) and then we started adding it to the other web services.
The reason you can't authenticate with an API key when you have the security constraints is the security constraints tell WebSphere to handle authentication but the API keys are specific to Maximo. By removing the security constraints, WebSphere won't try to authenticate the request and allows the request to make it to Maximo so that it can validate the API key.
That's probably happen because your request is directed to SAML server.
You can try set the filter like below for your REST endpoint in WebSphere which will direct it maximo application.
sso_1.sp.filter : request-url%=maximo;request-url!=maxrest;request-url!=oslc;