I'm working with a customer who has an application API behind SiteMinder. That customer is interested in knowing if anyone else has developed a solution where "MyApp" API makes a call to the CA Access Gateway API for Auth/Az web services, using a service account, to complete the transaction.
We have an API called "MyApp".
The requirement is we need to authenticate before "MyApp" returns a response to the client calling "MyApp".
Our thought process is we could have two parts within MyApp API. On "MyApp" being invoked, Part-A would initiate a SOAP / REST call to AuthAzWS. Based on the Response from AuthAzWS, "MyApp" would decide if Part-B could be triggered to complete a response.
We know how to generate a SOAP / REST call to AuthAzWS. The question is more from the implementation methodology on the Client Side (MyApp is the Client for AuthAzWS, in this case making a call to AuthAzWS). Hence it is a tad outside the remits of CA SSO, because we are asking a Client Side Implementation question.
Would love to hear some thoughts on different approaches, on how to invoke a call to AuthAzWS on the "MyApp" API end.