I am using OTK 3.6.
We need to Authenticate the end user in the authorization code flow with the external service.
We have got the details for the external service from which the end users should be authenticated. The Username password entered in the above page to be transformed into XML and sent to the external service, the external service will return a 200 HTTP code by which we will determine if the user is authenticated or not.
So how can we achieve this scenario?
Which policy do we need to edit and what are the changes to be done if we are not using our Internal LDAP for authentication.
Dear irfan.mugale ,
Are you trying to use an external login server?
If yes, you may refer to Sascha's blog,
HowTo – Integrating OTK with external Login-Server
We dont need any external login page to pop up, we just need that the username and password entered in the below page should be authenticated.
The Username password will be converted to into XML
The External Service is just a rest service which can only authenticate the username from db through there query logic and send me a http response code 200 if successfull.
Thank you for the help.
The authentication is handled in the 'OTK User Authentication' encapsulated assertion. For newer, 4.x releases of OTK, please look to use the 'OTK User Authentication Extension' policy. You can add custom logic to format the user id and password as XML and route to your backend service to authenticate.
Support Optional Authentication Mechanisms - CA API Management OAuth Toolkit - 4.3 - CA Technologies Documentation