Suppose our application(say myApp) is in SSO with lotus domino 9.0.1 server,is it required credentials while i am accessing rest APIs(calendar, data & core) from myApp.
1
votes
Can you specify more details? What kind of SSO are you using?
– Serdar Basegmez
SAML is the one we are planning to use. Basically our application was integrated with microsoft exchange. We are migrating to lotus domino. We are looking for a solution to successfully execute the rest API calls like data, calendar and core.
– Suresh Kumar
We are looking for a solution to successfully execute the rest API calls like data, calendar and core(without passing credentilas each time)
– Suresh Kumar
The answer might depend on how you are calling the REST APIs. If your call is going through the same http stack that the rest of your app is using, then the authentication information should already be present and you wont need to do anything. If your calls are going through a separate http stack, that would not be the case. For example, using Java to call the REST APIs in a windows app that is using the IE stack will not be automatically authenticated because Java uses a separate http stack (at least with some versions/configurations).
– Richard Schwartz
1 Answers
1
votes
Authentication is transparent to the REST APIs. The Domino web server authenticates each request, so it depends on how your server is configured. If you want to use SAML, you will have to configure web federated login. Follow the preceding link for a good overview. As shown in slide 9, your application needs to:
- Acquire a SAML assertion from the IdP
- Use the SAML assertion to acquire a session cookie from the Domino server
- Include the session cookie in each subsequent REST request
