OAuth 2.0 (Open Authorization) is standard to provide consented access and restricts actions of what a client application can perform on resources, hosted by other applications, on behalf of the user, without sharing the user's credentials.
OAuth 2.0 has different grant types to address different scenarios and they are the set of steps a client has to perform to get resource access authorization.
In this article, we will see client credentials grant type which is used for non-interactive applications e.g., automated processes, microservices, IoT etc.
Prerequisites:
- If the Oauth APIs are https, we need to upload the certificates in the Web Sphere server to avoid SSL certification error.
- OAuth 2.0 is supported only from Maximo 7.6.1.3 and MAS. For lower versions of Maximo, we need to customize the End point to make calls to OAuth enabled resources
- Common library script to retrieve token
- A HTTP End point with basic configuration (URL + HTTP_METHOD)
- A calling script to get token from library script, pass on token, URL parameter and header parameter to End point and store the response for more processing
A common library script to retrieve token from URL is written by a script without any launch point.
The variables defined in the statements left hand side are taken as input and those on the right side are output ones code common_lib_gettoken.py
The calling script of any launch point passes the required parameters to library script to get the token.
This token is used as the header parameter "Authorization". The token value is concatenated with String "Bearer".
Header params and URL properties (or query parameters) are defined as HashMap.
metaData.put(HTTPHandler.HTTP_HEADERPROPS, headers)
metaData.put(HTTPHandler.HTTPGET_URLPROPS, urlProps)
service.invokeEndPoint("ENDPOINTNAME",metaData,"") will call the end point by adding header and query parameters code oauthhttpendpoint.py
service.error("iface",response) will throw the output as error message in the Test script to validate the output during development phase.
Once you receive the required response, you can parse them for fields to be stored into Maximo.
