This section provides you with information about configuring the API.
Basic principles of API development
API Server basics
Examples and help – Software Development Kit
API configuration
General information about the API Server
Calling the API Server web interface
Encryption
General notes on programming your own API methods
Guidelines and conventions
Configuring primary authentication with single sign-on
Changing encryption
Configuring the compilation
Implementing your own APIs
API Designer
Quick start – Creating an API with the API Designer
Working with the API Designer
Starting the API Designer
Project types
User interface
Global settings
Database objects
API projects
Object properties
Managing objects in a project (solution)
Editing database objects (definition tree view)
Labeling changes
Find and replace
Multilingual captions
Creating multilingual captions
Searching for a multilingual caption
Editing a multilingual caption
Deleting a multilingual caption
Managing database queries
Displaying database queries
Creating a database query
Editing a database query
Testing a database query
Deleting a database query
Managing tabs
Managing layouts
Displaying the change history (command list)
Bookmarks
Compiling an API
Testing a compilation
Starting a compilation
Managing compilation errors and warnings (task window)
Opening the compiling log
Managing versions (compilation branches)
Selecting and using compilation branches
Creating compilation branches
Editing compilation branches
Deleting compilation branches
Testing an API
Linking C# projects to the API Designer
Creating API projects
Editing API projects
Deleting API projects
Assigning API files to an API project
Importing API projects
API methods
Creating API files
Editing API files
Deleting API files
Assigning API files to an API project
Importing API files
ImxClient command line program
API configuration
API configuration
Configuring primary authentication with single sign-on
You can configure single sign-on authentication for API projects with the Administration Portal. In this case, a separate request to the imx/login method is not required.
NOTE: You can configure authentication for the Operations Support Web Portal using the appropriate API project (see Configuring authentication for the Operations Support Web Portal).
TO configure primary authentication with single sign-on
-
In your internet browser, open the your API Server's webpage.
-
On the overview page, click Administration Portal.
-
On the login page, select which authentication method you want to use to log in to the Administration Portal.
-
Enter your user name and password.
-
Click Connect.
-
In the navigation, click Configuration.
-
On the Configuration page, in the Show configuration for the following API project menu, select the API project that you want configure with single sign-on authentication.
-
In the search box, enter Single sign-on authentication modules.
-
Expand the Single sign-on authentication modules configuration key.
-
Click New.
-
In the menu, select the authentication module you want to use.
TIP: You can specify additional authentication modules. To do this, click New.
-
Click Apply.
-
Perform one of the following actions:
-
If you want to apply the changes locally only, click Apply locally.
-
If you want to apply the changes globally, click Apply globally.
-
-
Click Apply.
Detailed information about this topic
Configuring authentication for the Operations Support Web Portal
API configuration > Configuring primary authentication with single sign-on > Configuring authentication for the Operations Support Web Portal
You can use the Authentication node in the API Designer definition tree view to specify how users can log in to the Operations Support Web Portal.
There are three authentication options that you can configure:
-
Standard: Only the authentication methods you list here are allowed. You can also enable single sign-on for this method.
-
Allow all manual modules: All manual authentication modules are allowed, provided they are enabled for the selected product. You can also enable single sign-on for this method.
-
Fixed credentials: This setting allows you to log in to the API with stored login credentials. To use this option, the login data must be stored in the web.config files on each API server.
To set the permitted manual authentication options
-
Start the API Designer program.
-
In the menu bar, click View > Navigation.
-
Click
API projects in the navigation.
-
In the tree structure, double-click the API project to be edited.
-
In the Definition tree view, click the
node (Authentication).
-
Click View > Node editor on the menu bar.
-
In the node editor view, perform the following actions:
-
In the Authentication type menu, select Standard.
-
Enter a unique ID for the node in the Control ID field.
-
(Optional) In the Authentication properties field, enter the properties for the authentication. For more information about the authentication modules, see the One Identity Manager Configuration Guide.
-
(Optional) If authorizations for users are controlled by a product, enable the Product option and select the required product in the selection list.
-
-
In the definition tree view, expand the
-
Right-click the
node (Manual authentication modules.
-
Click Authentication module in the context menu.
The Authentication module node is placed as a child to the node.
-
Click the Authentication module node.
-
In the node editing view, select the required authentication module from the Name selection list. For more information about the authentication modules, see the One Identity Manager Configuration Guide.
-
Enter a unique ID for the node in the Control ID field.
-
Repeat steps 8 to 12 until to add each authentication method you wish to use.
-
In the menu bar, click
(Save).
To permit all manual authentication options
-
Start the API Designer program.
-
In the menu bar, click View > Navigation.
-
In the navigation, click
-
In the tree structure, double-click the API project to be edited.
-
In the Definition tree view, click the
-
Click View > Node editor on the menu bar.
-
In the node editor view, perform the following actions:
-
In the Authentication type selection list, select Allow all manual modules.
-
Enter a unique ID for the node in the Control ID field.
-
(Optional) In the Authentication properties field, enter the authentication properties.
-
(Optional) Enable the Product option and select the product from the list.
-
-
In the menu bar, click
-
Start the API Designer program.
-
In the menu bar, click View > Navigation.
-
In the navigation, click
-
In the tree structure, double-click the API project to be edited.
-
In the definition tree view, expand the
-
Right-click the
NOTE: This node is only available if you have manually specified the authentication options yourself or you have permitted manual authentication options.
-
Click Authentication module in the context menu.
The Authentication module node is placed as a child to the node.
-
Click the Authentication module node.
-
Click View > Node editor on the menu bar.
-
In the node editing view, select the required authentication module from the Name selection list. For more information about the authentication modules, see the One Identity Manager Configuration Guide.
-
In the menu bar, click
Log in with stored login data
To approve a login with stored login data, perform the following two steps:
-
Store the credentials of the users with access in each of the API server's web.config file.
-
Configure authentication in the API Designer's API project.
To store login data in the API Server
- Connect to your API Server.
-
Open the web.config file in a text editor.
-
(Optional) If the file is encrypted, decrypt the file.
-
In the <connectionStrings> section, add the following entry:
<add name="sub:<NAME>" connectionString="Module=DialogUser;User=<USER>;(Password)Password=<PASSWORD>" />
-
<NAME> stands for the name/ID of the API project.
-
<USER> stands for the login name of the user.
-
<PASSWORD> stands for the user's password.
-
-
Save your changes to the file.
-
(Optional) encrypt the file.
To configure the login with the saved login data on the API project
-
Start the API Designer program.
-
In the menu bar, click View > Navigation.
-
In the navigation, click
-
In the tree structure, double-click the API project to be edited.
-
In the Definition tree view, click the
-
Click View > Node editor on the menu bar.
-
In the node editor view, perform the following actions:
-
In the Authentication type selection list, select Fixed credentials.
-
Enter a unique ID for the node in the Control ID field.
-
(Optional) In the Authentication properties field, enter the authentication properties.
-
(Optional) Enable the Product option and select the product from the list.
-
-
In the menu bar, click
Related topics
Changing encryption
You can change the encryption used for data by choosing another encryption certificate.
To change the encryption certificate
-
Connect to your API Server.
-
Open the web.config file in a text editor.
-
(Optional) If the file is encrypted, decrypt the file.
-
Change the value of the certificatethumbprint property to the thumbprint of the certificate you want to use.
-
Save your changes to the file.
-
(Optional) encrypt the file.