Maximo

Maximo

Come for answers, stay for best practices. All we're missing is you.

 View Only
  • 1.  Using API Key with meaweb/es

    Posted Wed May 25, 2022 03:35 PM

    Hello,
      We're on Maximo 7.6.1.2-IFIX20220330-1115. I have an Enterprise Service-based integration where an external system sends json messages to a URL - https://hostname/meaweb/es/ExtSys/EntServ. We would like to use an API Key for the authentication so that we are ready for a future upgrade to MAS 8. We're testing this in Postman but it seems like it doesn't work until we use Basic Auth to store a cookie (LtpaToken2) after which it really doesn't matter what type of authentication we use (even No Auth works!).

    How do I use API Key with a meaweb/es endpoint? I can't seem to find any documentation on the topic.

    Thanks in advance!



    ------------------------------
    Manu
    ------------------------------




    #MaximoIntegrationandScripting
    #AssetandFacilitiesManagement
    #Maximo


  • 2.  RE: Using API Key with meaweb/es
    Best Answer

    Posted Thu May 26, 2022 07:55 AM
    You have two options in how to handle this in 7.6.1.2. You can add additional servlet mappings that do not have a security constraint or remove the security constraints in the web.xml file. If you remove the security constraints, you would no longer be able to authenticate via LDAP directly to the meaweb endpoint (the basic auth header) but if you had established a session you'd be able to utilize the LTPA token. In the OSLC API scenario, we handle this in application server security auth scenarios by adding /api without security constraints while leaving the /oslc with the security constraints. 

    If you don't need to authenticate to the SOAP API directly (you'll either have a session interactively established or you'll be using an API key), then I would suggest removing the authentication. In MAS we don't configure security constraints for meaweb because every system is setup to utilize OIDC (even if the customer doesn't utilize an external identity provider). With OIDC/SAML it isn't possible to silently authenticate so we know they'll be using an API key or have already authenticated.

    ------------------------------
    Steven Shull
    ------------------------------



  • 3.  RE: Using API Key with meaweb/es

    Posted Thu May 26, 2022 04:00 PM
    Thanks, Steven. We'll use your suggestions and test it out. I'll get back with what worked for us in the near future.

    Manu

    ------------------------------
    MANU MAGANTI
    EMA Canada| Inc.
    OAKVILLE ON
    ------------------------------



  • 4.  RE: Using API Key with meaweb/es

    Posted Tue June 14, 2022 10:06 AM

    Just wanted to update this thread. We removed the security constraints from meaweb/web.xml and API Key authentication is working as desired.

    Thanks, Steven!

    M



    ------------------------------
    MANU MAGANTI
    EMA Canada| Inc.
    OAKVILLE ON
    ------------------------------