Content Management and Capture

 View Only
  • 1.  API bearer Authentication

    Posted Mon August 19, 2024 08:26 AM

    Hi Team

    I want to configure and connect ADFS with my FileNetEngine so i can use authenticate to FileNetEngine using API Bearer without using the technical user.
                // Create instance of class used to pass OAuth token to WSI requests using CE API
              OpenTokenCredentials otc = new OpenTokenCredentials(username, authToken, null);

    Does anyone did this approach before if so how ? 

    thank you for your help





    ------------------------------
    Fred TOMMY
    ------------------------------


  • 2.  RE: API bearer Authentication

    Posted Tue August 20, 2024 10:14 PM

    See this documentation link on using the OpenTokenCredentials API

    https://www.ibm.com/docs/en/filenet-p8-platform/5.6.0?topic=authentication-single-sign-integrations-via-content-engine-api-bearer-token

    You are responsible for obtaining the OAuth access_token or id_token in your application code.  Consult ADFS documentation on how to obtain this token for your logged in user.  Once you have this token, you pass it along with the username of the logged in user to the OpenTokenCredentials API.  Then execute your FileNet API operations as shown in that documentation link.



    ------------------------------
    ROGER Bacalzo
    ------------------------------



  • 3.  RE: API bearer Authentication

    Posted Thu September 12, 2024 05:25 PM

    Thank you ROGER,

    I followed the documentation but when i attempted the process, i encountered the following error :
    FNRCE0040E: E_NOT_AUTHENTICATED

    it seems i may need to adjust my configuration in WebSphere. Do you have any documentation on how to configure ADFS with IBM WebSphere so that FileNet can validate the token ? 

    Thank you for your help,



    ------------------------------
    Fred TOMMY
    ------------------------------



  • 4.  RE: API bearer Authentication

    Posted Tue September 17, 2024 12:11 PM

    Hi Fred,

    If your FileNetEngine is running on traditional WebSphere, then you will need to configure it for OIDC authentication.  See one of these blogs on instructions to do this:



    ------------------------------
    ROGER Bacalzo
    ------------------------------