AdrianH
9 years agoNew Contributor II
Web Service Security
Does anyone have any material on enabling web service security above and beyond the OOTB Bearer token stuff?
Thanks!
Any help much appreciated.
Yours,
Adrian
Does anyone have any material on enabling web service security above and beyond the OOTB Bearer token stuff?
Thanks!
Any help much appreciated.
Yours,
Adrian
Adrian,
Assuming that you are talking about triggered or ultra tasks where you can run SnapLogic pipeline via REST call’s, at present you have two options
1 - bearer token
2 - http basic auth, where you set http authrization → Basic Auth → your snaplogic login creds i.e. username and pwd
You can also create a service account which can only run triggered tasks, http://doc.snaplogic.com/users
Service accounts need to be given permissions on a project or group basis just like regular user accounts. These accounts, however, cannot log into Designer or Manager and can only be used to run triggered tasks using basic authentication.
For additional security options you can try accessing SnapLogic tasks via 3rd party API gateway solution.
Hi,
Yes I was referring to triggered tasks.
Thanks, where or how is basic authentication set up for a triggered task?
Yours,
Adrian
Hi, is this still the case, the service account can only run triggered task?
Is ultra supported for service account?
Thanks
No.
Any user with a standard account (has username and password) that has been granted at least Read + Execute Access to the project where the trigger task resides can run that trigger task using basic authentication. This can be a standard user or a service account. Service Accounts are setup like a normal user, and permissions are managed like a normal user, but it is unable to log in to the UI.
Ultra only works with bearer auth.
you can use curl or any of your fav REST API testing client like postman https://www.getpostman.com/
curl https://pipeline-url?bearer_token=abc123
Bearer token is generated when you deploy your pipeline as a triggered task – see this link for more details http://doc.snaplogic.com/tasks → Running a Pipeline from a URL section
You can also invoke pipeline by passing your snaplogic cred’s as basic auth credentials and for that
curl https://uname%40domain.com:yourPassword@pipeline-url
more info HTTP Basic Authentication - what's the expected web browser experience? - Stack Overflow
Hi,
Thanks but the curl bit doesn’t look like a secure way as the credentials appear to be exposed.
The basic auth bit below assumes that a service account has been set up correct?
Thanks!
Yours,
Adrian
yes, I wouldnt recommend curl and service account is optional, have you tried postman? it lets you set basic auth in a secure way, pwd is masked
I guess there is none for standard pipelines