[midPoint] REST authentication

Petr Gašparík - AMI Praha a.s. petr.gasparik at ami.cz
Thu Dec 8 11:40:39 CET 2016

Hi Pertti,
My common approach is to create application user in midPoint, that is used
to call midPoint. Advantage is that you can limit privileges/rights to this

Is that suitable for you? Do you need to call midPoint on behalf of
particular user?

regards, Petr


s pozdravem

Petr Gašparík
solution architect

gsm: [+420] 603 523 860
e-mail: petr.gasparik at ami.cz

AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel.: [+420] 274 783 239
web: www.ami.cz

[image: AMI Praha a.s.]

[image: AMI Praha a.s.]

Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
písemnou formu.

2016-12-08 10:43 GMT+01:00 Pertti Kellomäki <pertti.kellomaki at datactica.fi>:

> Hi Petr,
> 8.12.2016, 10:51, Petr Gašparík - AMI Praha a.s. kirjoitti:
> REST API does not work with browser, so what is the concept of "SSO" here?
> The setup is that there is an existing web application where the user
> interacts with the application using a browser. The application uses an
> external identity provider to authenticate the user, and the calls to the
> midPoint REST api come from the backend of the application. There is a 1:1
> correspondance between users in the identity provider and users in
> midPoint. "SSO" may not be the technically correct term here, but anyway I
> would like to let the application backend use midPoint REST api as the
> authenticated user. There is an Apache httpd in front of midPoint, so it
> can be used for verifying tokens or similar tasks.
> Pertti
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/20161208/59bdd500/attachment-0001.html>

More information about the midPoint mailing list