Don't miss out Virtual Happy Hour this Friday (April 26).

Try our conversational search powered by Generative AI!

Service API Auth

Vote:
 

Hi!

We have a site with autentication via a thid party single sign on service. We use Owin and WSFederation for users and administrators to logon to the web page. 

At this point we need to add the service API and we would like to use a static username and password process for the Service API. Is it possible to configure the service API to use a different autentication provider?

Best regards, 

Henrik Bäck

#139302
Sep 29, 2015 12:44
Vote:
 

If you take a look at EPiServer.ServiceApi.IntegrationInitialization module there is an Owin startup class that is executed by default. You can have your own startup as well as described here: http://world.episerver.com/documentation/Items/EPiServer-Service-API/Configuration-and-overview/Setting-up-EPiServerServiceApi/

You will not be able to call base Service Api setup code as authentication filter is registered there. You may need to setup Service Api yourself and also add your implementation of System.Web.Http.Filters.IAuthenticationFilter.

#139930
Oct 10, 2015 11:44
Vote:
 

This is something I have on the backlog to  be able to change this.  Right now it is tied to Membership and would like to the ability to be able to use idenity

#140226
Oct 13, 2015 20:40
Vote:
 

Would be great if you could open up integration and for instance provice a callback, delegate or anything else that framework will call when making Service API registration. This would allow us to inject and *configure* necessary authentication mehanisms and providers for the site.

#140227
Oct 13, 2015 21:22
Vote:
 

Yeah the thought wsa to atleast to change the provider for the OAuthAuthorizationServerOptions.  Dont know yet if we should allow to change the whole Auhtorization scheme since itself if that was what you were referring to.

#140230
Oct 13, 2015 22:51
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.