Hi Mukesh,
When the authentication service returns a page to a user, it will look for .json version of the page if you are connecting to the /apiauthsvc endpoint. If not found then it will use a default JSON response layout. So, it is possible to customize the pages returned by the password mechanism by creating a custom template page.
For example, to modify the JSON response for the password mechanism you could create this template page:
…/authsvc/authenticator/password/login.json
In this page you can use template scripting to modify the content (and set response code) based on logic you add. Here's an example login.json:
<%
templateContext.response.setStatus(401);
var errorMsg = templateContext.macros["@ERROR_MESSAGE@"];
if (errorMsg == "") {
output = "\"message\" : \"Provide username and password\"";
} else {
output = "\"error_message\" : \"" + errorMsg + "\"";
}
%>
{
<%=output%>,
"location" : "@ACTION@",
"mechanism" : "@MECHANISM_ID@"
}
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
------------------------------
Original Message:
Sent: Wed November 11, 2020 04:31 AM
From: Mukesh Bhati
Subject: ISAM - Different Response Status Code In InfoMap.
Hello All,
I have few steps configured in the Info map to collect email, TOTP, and change password. I am calling these InfoMap steps using the REST API call from a custom application.
In the collect email page, I am calling below REST API from a custom application. https://REVERSE_PROXY_HOSTNAME/mga/sps/apiauthsvc?PolicyId=urn:ibm:security:authentication:asf:usc_reset_password I observed that when I provide the correct username to the above API it returns me the 200 response code with the next action(configured using MACRO) for the next step from InfoMap and it's working fine for me.
But when I provide an incorrect username to the above API it returns me 200 response code JSON response having error_msg(configured using MACRO) in it.
Here I need to parse JSON response and then got to know whether API call succeeds or fail as API response code is the same. Is there any way to return the appropriate response code from InfoMap?
------------------------------
Mukesh
------------------------------