Configure Local JWT Token Provider (Optional)

Configure OAuth2 OpenID Connect (OIDC) is the preferred method to obtain and validate tokens. If you do not have the capability to use or run an OpenID Connect provider or ADFS and wish to enable the REST API, built-in user name plus password and local token creation is a substitute option. The Colectica Portal REST API can use locally obtained JWT tokens for REST authentication from the Colectica Portal when this provider is configured. The local JWT provider can only be used if OpenID Connect is disabled. Follow these instructions to enable the local JWT Token Provider.

  1. In PortalDir\appsettings.json, find the OpenIDConnect section.

    "LocalJwtProvider":
    {
      "Enabled": "false",
      "SymmetricSecurityKey": "A secret string that must be at least 16 characters long"
    }
    
  2. Set the Enabled property to true.

  3. Set the SymmetricSecurityKey property to a secret string that is at least 16 characters long.

  4. To manage which local users map to the different Colectica roles, see Configure Active Directory.

Usage

To obtain an access token from the local provider, POST a json request to https://example.org/token/createtoken containing:

{
    "username" : "user@example.org",
    "password" : "examplePassword"
}

When you authenticate correctly, you will receive an access token:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InVzZXJAZXhhbXBsZS5vcmciLCJuYW1laWQiOiI3YWNiOGJkZi00NjVlLTQ4ZmItOTIyYS0yODVkMWIzYjVlNWQiLCJqdGkiOiI0OTA4OTNkNi0yMGJjLTQ4MWUtYTEyMy1jODMyMTAzMWI2YzMiLCJlbWFpbCI6InVzZXJAZXhhbXBsZS5vcmciLCJyb2xlIjoiQ29sZWN0aWNhR3Vlc3QiLCJuYmYiOjE1OTA0NDYxMzYsImV4cCI6MTU5MzAzODEzNiwiaWF0IjoxNTkwNDQ2MTM3fQ.iCzQsJ_B5g_MgLJ4uLPBrsMOyhTOMlkrE_gA4aUB8x0"
}

When making requests to the Colectica Portal REST API, use the access token with bearer authentication in the request header.

Authorization Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InVzZXJAZXhhbXBsZS5vcmciLCJuYW1laWQiOiI3YWNiOGJkZi00NjVlLTQ4ZmItOTIyYS0yODVkMWIzYjVlNWQiLCJqdGkiOiI0OTA4OTNkNi0yMGJjLTQ4MWUtYTEyMy1jODMyMTAzMWI2YzMiLCJlbWFpbCI6InVzZXJAZXhhbXBsZS5vcmciLCJyb2xlIjoiQ29sZWN0aWNhR3Vlc3QiLCJuYmYiOjE1OTA0NDYxMzYsImV4cCI6MTU5MzAzODEzNiwiaWF0IjoxNTkwNDQ2MTM3fQ.iCzQsJ_B5g_MgLJ4uLPBrsMOyhTOMlkrE_gA4aUB8x0