Authenticate User with Windows Authentication SSO

{ authenticateUserWindows }

Generates an access authentication token using Windows authentication tokens.

Method

/API2/auth/authenticateUserWindows

  • API Section: /API2/auth
  • API Version: 2.0
  • From Release: 2018.5
  • Can be used by Non-admin accounts
  • Method operates via POST actions only.
  • Output Response

    Successful Result Code

    200

    Description of Response Type

    The response is the security token as base64 string. It is usually stored in a cookie.

    Notes

    The security token is a string that needs to be embedded in every API call to ensure the API calls are authorized. For use in API calls, the token needs to be for an administrative user. If saved as a cookie in a web browser, it can be used (for the authenticated user) to auto-login into the application. Importantly, the web browser authentication METHOD must be set to Windows Authentication.

    Examples
    User Client/API Authentication (C#):

    This example demonstrates how to authenticate users with Windows Authentication and run a query programmatically.

    using System;
    using System.Linq;
    using System.Web;
    using Newtonsoft.Json;
    using Newtonsoft.Json.Linq;
    using System.Net.Http;
    using System.Text;
    using System.Threading.Tasks;
    
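    namespace CsWebSite
    {
    	/// <summary>
    	/// Sample Web Forms page that obtains a security token through Windows
    	/// Authentication, stores it in a cookie and then uses it to run a query
    	/// against the REST API.
    	/// </summary>
    	public partial class WinAuth : System.Web.UI.Page
    	{
    		// Placeholder base URL. The token returned by the auth call authorizes every
    		// later API call, so point this at an https:// endpoint in a real deployment;
    		// over plain http the token and the query results travel in cleartext.
    		public const String API_PATH = "http://mySite.com/API2/";

    		/// <summary>
    		/// Logs the current Windows identity in, saves the token as the "PyramidAuth"
    		/// cookie and extracts the first value of a query result.
    		/// </summary>
    		/// <exception cref="InvalidOperationException">The query call returned no data.</exception>
    		protected void Page_Load(object sender, EventArgs e)
    		{
    			//logging the current user with windows auth
    			String userToken = getToken("authenticateUserWindows", null);

    			// The cookie carries a credential: keep it away from page script and,
    			// when this page is served over TLS, off cleartext connections.
    			// NOTE(review): drop HttpOnly only if client-side script must read the token.
    			HttpCookie authCookie = new HttpCookie("PyramidAuth", userToken)
    			{
    				HttpOnly = true,
    				Secure = Request.IsSecureConnection
    			};
    			Response.Cookies.Add(authCookie);

    			//running a query. The user needs to be an admin user to access this API.
    			JToken result = callApi("query/extractQueryResult", new
    			{
    				data = new
    				{
    					itemId = "9185ea22-bf14-4606-a955-4bbd73a88c38", //content items ID
    					exportType = 0, //export result as json, we can do xml(1) and CSV(2) as well
    					exportOptions = new
    					{
    						showUniqueName = true
    					}
    				},
    				auth = userToken
    			});

    			// callApi returns null for an empty body; fail with a clear message
    			// instead of a NullReferenceException on the next line.
    			if (result == null)
    			{
    				throw new InvalidOperationException("query/extractQueryResult returned no data.");
    			}

    			//the result is passed as a json string, needed to be deserialized again to read the values
    			JToken document = JsonConvert.DeserializeObject<JObject>(result.ToString());
    			String firstResult = document["Document"]["queries"][0]["result"]["data"][0][0].ToString();
    		}

    		/// <summary>
    		/// Posts to an "auth/" service using Windows credentials and returns the
    		/// response body, which is the security token.
    		/// </summary>
    		/// <param name="service">Service name appended to API_PATH + "auth/".</param>
    		/// <param name="data">Request payload, serialized to JSON (may be null).</param>
    		/// <returns>The response body as a string.</returns>
    		/// <exception cref="HttpRequestException">The server answered with a non-success status code.</exception>
    		/// <exception cref="InvalidOperationException">The server answered with an empty body.</exception>
    		private String getToken(String service, Object data)
    		{
    			// This differs from callApi: UseDefaultCredentials = true sends the Windows
    			// credentials of the identity this code runs under. In ASP.NET that is the
    			// worker process identity unless impersonation is enabled, so confirm it is
    			// the user you intend to log in.
    			using (HttpClient client = new HttpClient(new HttpClientHandler()
    			{
    				UseDefaultCredentials = true
    			}))
    			using (StringContent content = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json"))
    			using (HttpResponseMessage response = client.PostAsync(API_PATH + "auth/" + service, content).Result)
    			{
    				// Without this check an error page (401, 500, ...) would be returned
    				// as if it were a token and then written into the auth cookie.
    				response.EnsureSuccessStatusCode();

    				String token = response.Content.ReadAsStringAsync().Result;
    				if (String.IsNullOrWhiteSpace(token))
    				{
    					throw new InvalidOperationException("The authentication service returned an empty token.");
    				}
    				return token;
    			}
    		}

    		/// <summary>
    		/// Generic helper for calling REST methods: posts <paramref name="data"/> as
    		/// JSON and returns the "data" member of the JSON response.
    		/// </summary>
    		/// <param name="service">Service path appended to API_PATH.</param>
    		/// <param name="data">Request payload, serialized to JSON.</param>
    		/// <returns>The "data" token of the response, or null when the body is empty.</returns>
    		/// <exception cref="HttpRequestException">The server answered with a non-success status code.</exception>
    		private JToken callApi(String service, Object data)
    		{
    			using (HttpClient client = new HttpClient())
    			using (StringContent content = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json"))
    			using (HttpResponseMessage response = client.PostAsync(API_PATH + service, content).Result)
    			{
    				// Surface authorization and server errors instead of parsing an error body.
    				response.EnsureSuccessStatusCode();

    				String resultStr = response.Content.ReadAsStringAsync().Result;
    				if (String.IsNullOrEmpty(resultStr))
    				{
    					return null;
    				}
    				return JsonConvert.DeserializeObject<JObject>(resultStr)["data"];
    			}
    		}
    	}
    }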