Versions Compared

Old Version 1

changes.mady.by.user John Jellema

Saved on

compared with

New Version Current

changes.mady.by.user ubisebastian

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of contents

...

In order to access the CustomerID API you need its client ID for the scope parameter of the OAuth2 Token Request. This client ID has been defined in your linux/win32.config file with setting: rest.oauth2.client.uuid and is visible in eIDM Services → Applications → CustomerID API as depicted here

Image Modified

Figure 1 The system internal CustomerID API client ID

Add SSO server certificate to Java trust store

...

  • When SSO is installed on different server than CustomerID copy the SSO certificate file to the CustomerID server
  • Add certificate to Java trust store and
  • Restart CustomerID i.e. WildFly

Verify the API works

The following examples use the REQ003 List Organizations API call documented in REST API 2.0 - CustomerID.

Test the connection

You can start testing the connection using curl. You may use the --insecure flag in case self-signed certificates are used:

Code Block
languagebash
$ curl --request GET 'https://<customerid-base-url>/customerid-rest/services/2.0/organizations?technicalName=not-found'

...

Code Block
languagebash
$ curl \
  --request POST 'https://<sso-base-url>/uas/oauth2/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=password' \
  --data-urlencode 'scope=openid <customerid-api-client-id>' \
  --data-urlencode 'client_id=<oauth2-client-id>' \
  --data-urlencode 'client_secret=<oauth2-client-secret>' \
  --data-urlencode 'username=<customerid-api-user>' \
  --data-urlencode 'password=<customerid-api-password>'

Where

ParameterDescription
customerid-api-client-id
Is the client_id of the CustomerID API retrieved in Locate API scope section
oauth2-client-id
Is the client_id of your OAuth2 client application you created in Creating a new OAuth2 application section
oauth2-client-secret
Is the client_secret of your OAuth2 client application you created in Creating a new OAuth2 application section
customerid-api-user
Is the username of the user you created in Define API user section
customerid-api-user-password
Is the password of the user you created in Define API user section

Use the access token

Take the access token from the response and use in the CustomerID API request:

...

Tick from the SSO Management UI for the OAuth2 application you created e.g. password.2 method and click Update on below of the screen.

Image Modified

Figure 2. Enabling password method for the OAuth2 application

Using access token fails

If in step Use the access token HTTP 500 is returned instead of the expected HTTP 200 with the following error response:

...