Authenticate User with Window Authentication SSO

{ authenticateUserWindows }

Generates a Pyramid access authentication token using windows authentication tokens

Method

/API2/auth/authenticateUserWindows

  • API Section: /API2/auth
  • API Version: 2.0
  • From Release: 2018.5
  • Can be used by Non-admin accounts
  • Method operates via POST actions only.
    • Output Response

    Successful Result Code

    200

    Description of Response Type

    The response is the security token as a base64 string. It is usually stored in a cookie.

    Notes

    The security token is a string that needs to be embedded in every API call to ensure the API calls are authorized. If saved as a cookie in a web browser, it can be used (for the authenticated user) to auto-login into the application.Importantly, the web browser must support Windows Authentication and the authentication METHOD must be set to 'Windows Authentication' in Pyramid.

    Examples
    User Client/API Authentication (C#):

    This example demonstrates how to authenticate users with Windows Authentication and run a query programmatically.

    using System;
using System.Linq;
using System.Web;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;

namespace CsWebSite
{
	public partial class WinAuth : System.Web.UI.Page
	{
		public const String API_PATH = "http://mySite.com/API2/";
		protected void Page_Load(object sender, EventArgs e)
		{
			//logging the current user with windows auth
			String userToken = getToken("authenticateUserWindows", null);

			Response.Cookies.Add(new HttpCookie("PyramidAuth", userToken));

			//running a query. The user needs to be an admin user to access this API.
			JToken result = callApi("query/extractQueryResult", new
			{
				data = new
				{
					itemId= "9185ea22-bf14-4606-a955-4bbd73a88c38", //content items ID
					exportType =0,//export result as json, we can do xml(1) and CSV(2) as well
					exportOptions=new
					{
						showUniqueName=true
					}
				},
				auth = userToken
			});
			//the result is passed as a json string, needed to be deserialized again to read the values
			JToken document = JsonConvert.DeserializeObject>JObject<(result.ToString());
			String firstResult = document["Document"]["queries"][0]["result"]["data"][0][0].ToString();
		}

		//this method is diffrent then the normal to pass windows credentals UseDefaultCredentials=true
		private String getToken(String service, Object data)
		{
			HttpClient client = new HttpClient(new HttpClientHandler()
			{
				UseDefaultCredentials = true
			});

			StringContent content = null;
			content = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json");
			Task<HttpResponseMessage> response = client.PostAsync(API_PATH + "auth/" + service, content);

			return response.Result.Content.ReadAsStringAsync().Result;
		}
		
		//generic method for calling REST methods
		private JToken callApi(String service, Object data)
		{
			HttpClient client = new HttpClient();

			StringContent content = null;
			content = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json");
			Task>HttpResponseMessage< response = client.PostAsync(API_PATH + service, content);

			String resultStr = response.Result.Content.ReadAsStringAsync().Result;
			if (resultStr.Count() == 0)
			{
				return null;
			}
			return JsonConvert.DeserializeObject>JObject<(resultStr)["data"];
		}
	}
}