Authentications

Most actions and triggers need some form of authentication from users to function. IBM® webMethods Integration provides several methods for adding authentication to your actions and triggers. These methods are listed below:

  • Basic: If your action/trigger only needs two pieces of information from the user, that is, Email ID and Password, you can use the basic authentication method. Below is the structure that should be used for basic authentication. You can add your custom code in this structure to create your own basic authentication mechanism. View the template for basic authentication.
module.exports = 
{
  label : 'Connect to Demo',

  mock_input: {
    "username" : "myuser",
    "password" : "mypassword"
  },

  validate : function (input, output)
  {
    // auth data will be available in input.auth
    // var username = input.auth.username
    // var password = input.auth.password
    // make call to third party api to validate user credentials
    // and return callback output(null, true) in case of successful validation
    // or return callback output('error message') in case of unsuccessful validation
  }

}
  • OAuth: OAuth is a token-based authentication method that allows the user's account information to be used by any external service and subsequently provide secure access, without exposing the password. For example, many websites support multiple login methods. One of the login methods you commonly see is Login through Gmail or Login through Facebook. This is an example of OAuth. Given below is the basic structure for the OAuth authentication.

    IBM webMethods Integration provides built-in OAuth authentication modules for a number of services. You can either use these built-in modules or create custom OAuth authentication modules as per your requirements.

    When selecting the built-in OAuth authentication module for a connector, the OAuth services specific to your tenant will be listed. If you have not registered your own OAuth service, you will be prompted to create custom OAuth modules to use your own credentials for authentication.

  • Built-in module:

module.exports = {
  label : 'Connect to Twitter',
  mock_input: { access_token: 'token' }, // can be obtained from https://flowoauth.built.io
  oauth: 'twitter',
  input: {},
  validate : function (input, output){
    // auth data will be available in input.auth
  }
}
  • Custom OAuth module: You can also create custom OAuth modules to use your own credentials for authentication. To do so, run the wmio auth command, select the OAuth authentication method, and then select OAuth 1 or OAuth 2 as per your requirements.

    Here's the example code for creating Custom OAuth:

{
 "type": "oauth2",
 "title": "{{title}}",
 "clientId": "<client id>",
 "clientSecret": "<client secret>",
 "authURL": "<authorization url>",
 "tokenURL": "<access token url>",
 "preAuthProcessing": {
   // any processing or hashing of client_id, client_secret before authorization call
   // available processingFunctions uuid, basicAuth, base64, sha256 case-sensitive
 },
 "authQueryParams": {
   // Optional query params required to be in authorization request supports interpolation
 },
 "preTokenProcessing": {
   // any processing or hashing of client_id, client_secret before accessToken call
   // available processorApi uuid, basicAuth, base64, sha256 caseSensitive
   // eg:
   // headers: {
   //    'Authorization': 'Basic base64({client_id}{client_secret})'
   // }
 },
 "tokenParams": {
   "method": "",
   "headers": {},
   "data": {
     "client_id": "{client_id}",
     "client_secret": "{client_secret}",
     "redirect_uri": "{redirect_uri}",
     "grant_type": "authorization_code"
   }
 },
 "preRefreshProcessing": {
   // any processing or hashing of client_id, refresh_token before refreshToken call
 },
 "refreshParams": {
   // add additional keys required for refresh token process
   "client_id": "{client_id}",
   "client_secret": "{client_secret}",
   "redirect_uri": "{redirect_uri}",
   "grant_type": "refresh_token"
 },
 "requiredParams": [
   // Optional json schema for rendering form before authorizing
 ],
 "refreshURL": "<refresh token url, default to tokenurl>", //<optional>
 "scope": {
   //<optional>
   "READABLE SCOPE TITLE": "SCOPE"
 },
 "validate": {
   "url": "ANY API URL TO VALIDATE TOKEN OF THIRD PARTY SERVICE",
   "headers": {
     //<optional>
     "Authorization": "Bearer {access_token}"
   },
   "query": { //<optional>
   }
 },
 "redirectURL": "{{redirectURL}}"
}
Note: Values within the curly braces will be interpolated during runtime.

Once you have created the custom OAuth, you need to deploy it to IBM webMethods Integration. To do so, run the following command:

wmio oauth deploy
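A check that can be run over the custom OAuth definition before deploying it, shown here as an added example that is not part of IBM's tooling. `checkOAuthConfig`, `isPlaceholder`, `isHttps` and the sample values are assumptions; the function takes the definition as an already-parsed object using the field names from the template above.

```javascript
// Added example (not IBM tooling): hypothetical pre-deploy check of a custom OAuth definition.
const isPlaceholder = (v) =>
  typeof v !== 'string' || v.trim() === '' || /^<.*>$/.test(v.trim());

function isHttps(v) {
  try { return new URL(v).protocol === 'https:'; } catch (e) { return false; }
}

function checkOAuthConfig(cfg) {
  const findings = [];
  const validate = cfg.validate || {};
  // [name, value, required, isUrl]
  const fields = [
    ['clientId', cfg.clientId, true, false],
    ['clientSecret', cfg.clientSecret, true, false],
    ['authURL', cfg.authURL, true, true],
    ['tokenURL', cfg.tokenURL, true, true],
    ['refreshURL', cfg.refreshURL, false, true],
    ['validate.url', validate.url, false, true],
  ];
  for (const [name, value, required, isUrl] of fields) {
    if (value === undefined && !required) continue;
    // Template text such as "<client id>" must not reach a deployed definition.
    if (isPlaceholder(value)) findings.push(`${name}: empty or placeholder`);
    // Every endpoint that carries the secret, a code or a token must be HTTPS.
    else if (isUrl && !isHttps(value)) findings.push(`${name}: not an https URL`);
  }
  // The grant types set by the template must survive editing.
  if (cfg.tokenParams?.data?.grant_type !== 'authorization_code')
    findings.push('tokenParams.data.grant_type: expected authorization_code');
  if (cfg.refreshParams?.grant_type !== 'refresh_token')
    findings.push('refreshParams.grant_type: expected refresh_token');
  // A token in the query string ends up in access logs; the header form avoids that.
  if (JSON.stringify(validate.query || {}).includes('{access_token}'))
    findings.push('validate.query: access token placed in the URL');
  return findings;
}

// Constructed sample definition with three deliberate problems.
const sampleConfig = {
  type: 'oauth2',
  clientId: 'demo-client',
  clientSecret: '<client secret>',
  authURL: 'https://auth.example.com/authorize',
  tokenURL: 'http://auth.example.com/token',
  tokenParams: { data: { grant_type: 'authorization_code' } },
  refreshParams: { grant_type: 'refresh_token' },
  validate: { url: 'https://api.example.com/me', query: { token: '{access_token}' } },
};
```

An empty result from `checkOAuthConfig` means none of these checks fired; it does not prove the definition works against the provider.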

  • API Key: If your action/trigger requires an API Key to authenticate the user, you can use the API Key authentication method. Users can pass the API Key as a query string parameter or through an HTTP header. Below is the basic structure for the API Key authentication. You can add your custom code in this structure to create your own API Key authentication mechanism. View the template for API Key authentication.
module.exports = 
{
  label:  'Connect to Demo',

  mock_input: {
    "api_key" : "my api key"
  },

  input: {},

  validate: function (input, output)
  {
    // this function will be executed when running unit test cases and authData will 
    // be available in input.auth
  }

}
  • Custom: If your action/trigger requires extra information such as access token, client ID, and client secret from the user along with the account credentials, you can use the custom authentication method. Given below is the basic structure for custom authentication. You can add your custom code in this structure to create your own custom authentication mechanism. View the template for custom authentication.
module.exports = 
{
  label : 'Connect to Test',  
  
  mock_input: {
    "username" : "myuser",
    "apikey" : "my api key",
    "pass" : "my password"
  },

  input: 
  { 
    type: "object", 
    properties: 
    {
      //input field definition
    } 
  },

  validate : function (input, output)
  {
    // auth data will be available in input.auth
    // var username = input.auth.username
    // var password = input.auth.pass
    // var apiKey = input.auth.apikey
  }

}
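The basic, API Key and custom templates above leave the body of `validate` as comments. The following added example, which is not IBM's code, shows one way to fill it in for the basic template; `VALIDATE_URL`, `fetchStatus` and `makeValidate` are assumed names, Node 18+ global `fetch` is assumed, and the HTTP call is injectable so the logic can be exercised offline with a stub.

```javascript
// Added example, not IBM's code. VALIDATE_URL is a hypothetical third-party endpoint.
const VALIDATE_URL = 'https://api.example.com/v1/me';

// Default transport (assumes Node 18+ global fetch); reports only the HTTP status.
function fetchStatus(url, headers, cb) {
  fetch(url, { headers }).then((res) => cb(null, res.status), (err) => cb(err));
}

// Builds a validate(input, output) function around an injectable transport.
function makeValidate(transport) {
  return function validate(input, output) {
    const { username, password } = (input && input.auth) || {};
    // Reject missing or non-string credentials before any network call.
    if (typeof username !== 'string' || typeof password !== 'string' ||
        username === '' || password === '') {
      return output('Username and password are required');
    }
    // Credentials travel in a header over HTTPS, never in the URL.
    const token = Buffer.from(`${username}:${password}`).toString('base64');
    transport(VALIDATE_URL, { Authorization: `Basic ${token}` }, (err, status) => {
      // Error strings are fixed text: no credential or upstream body is echoed.
      if (err) return output('Could not reach the service');
      if (status === 200) return output(null, true);
      if (status === 401 || status === 403) return output('Invalid username or password');
      return output(`Unexpected response status ${status}`); // fail closed
    });
  };
}

const basicAuth = {
  label: 'Connect to Demo',
  mock_input: { username: 'myuser', password: 'mypassword' },
  validate: makeValidate(fetchStatus),
};
if (typeof module !== 'undefined') module.exports = basicAuth;
```

For the API Key or custom template, read `input.auth.api_key` or the custom field names instead and keep the same structure.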
  • Noauth: If your action/trigger doesn't require any authentication, you can use the noauth authentication method. This is useful when you are creating or customizing actions such as Logger, JSON Parse (or other utility in-house actions provided by IBM webMethods Integration) which do not contain an authentication field.

    If you want to implement Noauth for custom connectors, follow the steps mentioned below:

    1. Initiate the command wmio auth.

    2. Select the basic auth option.

    3. Add the key "auth_type": "noauth" inside your index.json file.