Community articleAuthorization
Added by IBM contributorIBM on September 12, 2012
Rate this article 1 starsRate this article 2 starsRate this article 3 starsRate this article 4 starsRate this article 5 stars

No abstract provided.


The primary means of interacting with Open Social APIs is through the use of OAuth as an authorization mechanism. There are however two other mechanisms for accessing IBM Connections, Basic and Form Based Authentication. It is also important to note that authentication is done over SSL, so accepting the certificate of the target server (generally supported by java libraries) is required.


Basic Authentication:

This is available by using slightly modified URLs that are configured to present the appropriate challenges. You simply introduce 'basic' to the url as follows:
Form Based Authentication:

This is used only by the IBM Connections components themselves when using the APIs from the browser (as they have an appropriate session available to them). Firebug can easily be used to determine requirements, but it should be noted that this means of authentication is subject to change.
OAuth Authorisation:
OAuth is used to authorize rather than authenticate as technically you have a consumer token that a given user 'authorizes' to act on their behalf in certain circumstances. This is covered separately. The PST requests should be directed at an oauth specific URL: