Here's what I would do:
1. When you authenticate the user at the end of your successful infomap, put this piece of data that you want in the user's credential as an attribute.
2. You then have several options for how to get it back to the client including:
a) You can write a trivial stateless infomap based "collection" API to return it, which can be called by client-side JS in your post-authentication landing page
b) With the new Lua-based HTTP transformation rules, write a response HTTP transformation to include it in either the response body (re-writing the empty body 204 to something else), or as a response HTTP header.
------------------------------
Shane Weeden
IBM
------------------------------
Original Message:
Sent: Fri May 19, 2023 11:34 AM
From: Jerryt D.
Subject: ISAM - How to send data in a response to a success of infoMap.
Hi John,
I realize this is an older post. At the time of writing you mention it is the way to go using SCIM or a custom policy that returns a page with the required data (using Macro's). Is this still the case or are there other possibilities?
We are in a similar situation where we are trying to get a specific value back after using an InfoMap for authentication.
I noticed that macro's are not available within the Reverse Proxy except in the error-dir and mgt-pages-root.
Misusing these pages to return the value is possible, but not preferable.
What would be a good way to go about this?
Kind regards,
------------------------------
Jerryt D.
Original Message:
Sent: Wed November 11, 2020 08:25 AM
From: Jon Harry
Subject: ISAM - How to send data in a response to a success of infoMap.
Mukesh,
The way that the Authentication Service is designed, it is intended only to perform authentication and set up a session to the Reverse Proxy. Once this is complete, a 204 is returned to the calling client to tell it that authentication succeeded at that authenticated requests can now be made.
To get content returned from the Authentication Service in the way you describe would be complex today... it might not even be possible. It would likely be much easier to have the client make an additional call to obtain user data after receiving the 204. This could be a request to the /scim/Me endpoint (if you have configured SCIM) or it could be a request to a custom policy in the Authentication Service which returns a page template with the data you need (using macros to populate the data).
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
Original Message:
Sent: Wed November 11, 2020 05:23 AM
From: Mukesh Bhati
Subject: ISAM - How to send data in a response to a success of infoMap.
Hello All,
I have created a custom infoMap for authentication. and it's working fine.
But after successful login. I want to send user detail in response.
As of now, the 204 status code is a return.
is this possible? to send user detail in response.
------------------------------
Mukesh
------------------------------