I have a rest api which need to be hit through soap request.I have created wsdl and endpoint for soap web service but when i am hitting the rest web service using apache camel routing it giving error of Request is not authorized for given resource access
rest api is access token based so i am passing the access token in exchange headers while converting soap request to rest
Related
I'm designing a Web API that will be consumed by external web server.
Only the external web server must be authorized to access the internal API.
The end user will be authenticated against external web server, but the username must be forwarded to Internal API when requesting data, because there is some data filtering based on the username.
What authentication mechanism should in the internal web api server?
I started with X-API-Key header, but then how should I provide username? I would like to avoid passing username in querystrings
I was thinking about basic authentication, where password would be the X-API-Key
bearer token could theoretically work as well, but bearer tokens are usually generated by authorization server, which is not an option in this case.
EDIT:
Note, that the end user does not make any API calls. It simply access a website build using some CMS and the CMS internally fetches the data and generates HTML response.
currently working on wso2 identity servicer v5.7 . need a help to update service provider using soap request. i read the wso2 docs and saw the services provided by wso2 but did not find the right soap request. I want to update service provider all the details in one request: saml sso configuration as well.
You can use the updateApplication method of IdentityApplicationManagementService to update a Service Provider. To obtain the WSDL, use the following URL.
https://{IShost}:{port}/services/IdentityApplicationManagementService?wsdl
I could invoke service in soap ui with my credentials or calling same service with node soap package , but I need to invoke It by sending request with soap header, but I couldn't find any examples about that, so is It even possible?
We have enterprise connector that has been designed and developed to access SharePoint resources via standard REST API calls from our platform to SharePoint. The authentication mechanism utilized by the enterprise connector is a standard OAuth 2.0 authentication using Client ID, Client Secret and resource to obtain an access token from a known IDP (accounts.accesscontrol.windows.net). The access token obtained in the previous call is used, as an Authorization header, for authorization to the SharePoint instance in subsequent REST API calls. The REST API requests are sent to a direct SharePoint URL (i.e. ourcompany.sharepoint.com) and are serviced by that service instance.
In the case of trying to use the standard enterprise connector with the SharePoint Online instance for this customer, the SharePoint URL that we have been instructed to send API requests to is an internal URL and is using Auto-Acceleration. All requests to this URL are forwarded to a federated authentication system maintained by the customer. All API requests sent to this URL are answered with error code -2147024891 System.UnauthorizedAccessException - "Access denied. You do not have permission to perform this action or access this resource." This is the also the case when sending API requests from a tool such as Postman - as to eliminate the authentication used by the enterprise connector as root cause of the access denial.
The solution we're seeking is the proper avenue to access the REST API services on this SharePoint Online instance. Is there a different authentication mechanism required in this scenario? Are there different API endpoints required to access SharePoint resources in this situation? Additional configuration required to allow access?
Any suggestions and/or guidance are appreciated.
We have a requirement to expose SOAP service along with GET and POST Calls to the REST service on the same endpoint URI. Any inputs will be appreciated.
This needs to be achieved with oracle SOA