Help

Example of authenticating REST API with SAML from JavaScript?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
haraldo
Member II
‎12 Dec 2019 8:03 AM

Example of authenticating REST API with SAML from JavaScript?

I'm developing an integration from our asset inventory system to and Alfresco installation at a client. The Alfresco site is set up with SAML SSO against Office365.

I need to authenticate to get a ticket as described in https://docs.alfresco.com/saml1.0/concepts/develop-saml.html

The description here simply states "your application will have to open an embedded browser" and "Pick up the ticket from the JSON response and close the browser". From a React JavaScript application this is easier said than done. There are resitrictions as to what JavaScript can do with embedded browsers.

Does anyone have samples or can point to more information as to how to go about this?

0 Kudos
2 Replies
afaust
Master
‎12 Dec 2019 10:00 AM

Re: Example of authenticating REST API with SAML from JavaScript?

With "application", I doubt the documentation was referring to other web applications, more like desktop / server applications, running in less restricted environments than browser-bound JavaScript.

I don't think there is any reasonable way to authenticate to Alfresco ReST API via SAML apart from actually, temporarily leaving your application and redirecting the browser through the authentication handshake.
I would certainly know how to achieve a clean integration without temporary redirects (after the initial user authentication in the React app), but that would require using a central authentication system (Keycloak) which federates authentications (including dealing with SAML), and having a unified user base across both the React app and Alfresco. Then the React app could just fetch an OIDC access token within the already established Keycloak session, and access Alfresco, all with just plain ReST (both Keycloak and Alfresco) and without redirects.

0 Kudos
haraldo
Member II
‎12 Dec 2019 10:27 AM

Re: Example of authenticating REST API with SAML from JavaScript?

OK, I feared something like that :-)

Perhaps another way to go would be to authenticate using basic authentication with some "service user" account. But then, would it be possible to somehow check the authorizations the logged in user has in Alfresco?

0 Kudos
Alfresco Content Services Forum

Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.

Related links:

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.