API Authentication

[PITS HKE]

Dear All,

I wish to retrieve my form data through the built-in API from other external system i.e.,  https://myfqdn/orbeon/fr/service/persistence/form/myapp/myform

However, 403 forbidden is returned (as expected) as no authentication factor is provided similar to other API services using “Bearer Token” or equivalent.

I have successfully setup an identity and access management (IAM) i.e., Keycloak for Orbeon’s login while token authentication is also supported.  May I know any insight for me to bring the authentication successful factor back to Orbeon for accessing the API?

Thank you so so much.

Regards,

Jonathan

[Alessandro Vernet]

Hi Jonathan,

Authentication for services works a bit differently, and goes through an "authorization service". You can find more about it on the page linked below, and of course just us know if anything isn't quite clear or doesn't work as you expect.

https://doc.orbeon.com/xml-platform/controller/authorization-of-pages-and-services

-Alex