Post

2 followers Follow
0
Avatar

Execute API without login

I want to use a program to run a set of APIs in Clarizen using user's privilege. My requirement is that a function button in our in-house application calls a web service in our web server to execute a set of APIs in Clarizen on behalf of the user. I suppose that the SSO is configured in Clarizen and user's credential can be passed from Web Browser to Web Service and then to Clarizen for executing APIs. Is it possible to do so?

Bennett Answered

Please sign in to leave a comment.

1 comment

0
Avatar

Hi Bennet,

Clarizen's SSO support is mostly about using some identity provider's credentials to enter Clarizen's UI without logging in.
It's not exactly about sharing Clarizen credentials with API applications. SSO is achieved with SAML 2 protocol, which fits browser applications, not server side. 

However, I think you can go around it in one of 2 ways.

  1. A custom action (or other business rules) can issue an Outbound Call providing a session id for the API. A custom action can be accessed directly (you can find the custom action URL with the GetCustomActionUrl function). Your web application can access the custom action URL via the browser (login should be automatic if you use federated authentication). The custom action, in turn calls your web server with an api session. This requires you web server is accessible for such call.
  2. Clarizen does support OUath  providing. OAuth protocol allows acquiring of a token (per user) which can be used to get API access directly, with a one time user approval. However, registering new applications for OAuth is not provided. Contact your Clarizen customer success manager if you want to go this way.

Hope this helps,

Ophir

Ophir Kenig 0 votes
Comment actions Permalink