OAuth with IBM API Manager and IBM Mobile First - ibm-cloud

I would like to use OAuth as authorization system for my API created on the IBM API Manager (on Bluemix). Is it possible to use the IBM MobileFirst as OAuth provider? I have already tried inserting
mobile_first_context*/authorization/v1/authorization
as “Authorization URL”, after calling
advanced_developer_portal_context*/oauth/authorize
I obtain the form to insert the credentials, I enter a MobileFirst user and password (credentials are in basic user registry) but it seems to be always failing and the form is constantly visible.
What am I getting wrong?
Thank you in advance.

This is not possible through MobileFirst Platform Foundation at this time. The question should be directed at the API Manager product. You could probably open a PMR (support ticket) for that team.

To use OAuth to the secure the APIs in IBM API Management, please see the Securing an API by using OAuth 2.0 tutorial. As provided in the earlier answer it is not possible through IBM Mobile First Platform at this time.

Related

Enabling AAD federated SSO for Google compute engine hosted app

I have a Webapp hosted on Google compute engine. I am trying to list it on Microsoft AppSource. One of the mandatory conditions for listing is enabling Azure Active Directory federated Single Sign-on (AAD federated SSO) for the app.
Google Cloud platform supports SAML 2.0-based SSO. Hence technically this should be possible. Has anybody tried it and any has experiences to share. Thanks in advance.
In order for an application to integrate with Azure Active Directory - it is not required that you have an Azure Subscription, or even Azure Active Directory (specially if your application is a multi-tenant application) - you can host your application anywhere.
For AppSource, as long as your app integrates with Azure Active Directory, then you are able to list your app on AppSource - which means that the application does not need to be hosted in Azure. AppSource also requires Open Id Connect - SAML would not qualify. For more details please see this article.
To make it easier to test the Azure AD integration in your application, you can create/ use a test tenant with a Microsoft personal account (MSA), as well as use this MSA account to register your application for OAUTH2 flow.
You probably don't want to use GCP's SSO. This is really designed to allow your developers to use your organization's auth system while working on GCP. This is different than allowing your users to use their organization's AD while working within your web app.
Instead, I suggest you look to see if anyone has built AD or SAML integration for the framework your webapp is built with, or look to implementing it yourself. This allows the SSO auth to be used for the app itself, instead of in accessing GCP APIs.

Can i use my hosted WEB API (created in ASP.NET) in Mulesoft API manger?

I am trying to learn mulesoft AnyPoint Platform, and trying to host an API using API Manager.
I already have an API created in asp.net, can i use it in API manager, or i need to create new API.
Please help
Yes its possible if you are using Cloud based API Manager where below are the steps -
Click on the "Add New API" button.
Enter the API name of Mythical
Mobile Experience API (Replace Mythical with your preferred company
name)
Enter Version name of 1.0 Leave the the API Endpoint blank for
now.
Enter a description.
You should see the API administration page for your newly created API. From this page, you can Define API in API designer using RAML, publish an API portal, and Configure endpoint for the API.
Note, If you are using on-prem API Gateway then you need to develop a proxy Mule application which then need to be deployed using auto discovery component so that it will register under api manager then You should see the API administration page for your newly created API. From this page, you can Define API in API designer using RAML, publish an API portal, and Configure endpoint for the API.
Yes you can use the API Manager for hosting the API.
Yes you can use the API created.

Create a REST API from a Web Service Operation with IBM API Connect

I would like to create a REST API from a Web Service Operation with IBM API Connect.
On IBM API Management 4 we can create a REST API and assemble a Web Service Invoke Operation by wsdl.
We can connect, discover, define, configure and review operation into "Assemble" tab in API Manager console.
How can we do same thing with IBM API Connect? I have tried to create a REST API but I can't find the same functionality.
Thank you in advance.
This feature is still available in API manager in APIConnect
https://www.ibm.com/support/knowledgecenter/en/SSMNED_5.0.0/com.ibm.apic.apionprem.doc/tutorial_apionprem_expose_SOAP.html
In the latest release there is now the option to do this in the developer environment too https://www.ibm.com/support/knowledgecenter/en/SSMNED_5.0.0/com.ibm.apic.toolkit.doc/create_api_wsdl.html

IONIC | Login Authentication using Active Directory

Is it possible to use authenticate user from mobile application using Active Directory credentials in IONIC? I have gone through many google, but could not find any thing specific to Active Directory.
Ionic Framework is a front end framework. You can authenticate by any means that's available from your backend API.
auth0.com offers a soultion that might work for your needs if you want to integrate against a pre-baked solution rather that writing your own. They have a library for Ionic Framework.
You can find github repo here: https://github.com/auth0-samples/auth0-ionic2-samples
Auth0 offers identity management as a service (authentication). The Ionic Framework library claims that you can integrate against:
Google,
Facebook,
Microsoft Account,
LinkedIn,
GitHub,
Twitter,
Box,
Salesforce,
Windows Azure AD,
Google Apps,
Active Directory,
ADFS
or any SAML Identity Provider
Keep in mind that your Active Directory server will have to be available to Auth0 in some way in order for the integration to work. This may not be appropriate if you're building a purely internal enterprise app.

Is there any way to get domain users under google enterprise apps domain using OAuth 2.0?

Google Provisioning APIs use Google data protocol which requires admin userid and password. I looking for something like Google drive APIs so that I can use authority delegated service account to fetch entreprise info also. Idea is to avoid asking Admin credentials.
The Provisioning APIs support OAuth just fine. However, you should probably use the brand new Admin SDK Directory API which also supports the newer Google API similar to Drive SDK.