Authentication

When you make a REST API call, you must authenticate the user. The following provides an example of REST API authentication using JavaScript, Java, C# and Ajax.

Prerequisites

Good to Know

  • For jQuery version 1.9 and higher, for a REST service that returns a response of null or {}, The REST API call dataType must be Text.
  • Use this format to create authorization header for authentication. You must give a space before closing quotation marks ( " ) after Bearer in authorization header code.
    • For Microsoft Azure Active Directory, Microsoft 365, or Salesforce authentication, use this format:

      (Bearer (Access Token received from Microsoft or Salesforce))

      JavaScript Example:

      httppost.addHeader("Authorization", "Bearer " + "Access Token");

      Java Example:

      httppost.addHeader("Authorization", "Bearer " + "Access Token");

      C# Example:

      request.Headers[HttpRequestHeader.Authorization] = "Bearer " + "Access Token");

      To generate the access token, refer these web pages from Microsoft:

    • For AgilePoint ID or Active Directory authentication, use this format. The code examples in this topic use this format.

      (Basic (base64(domain\\username:password))

JavaScript Code Example

$.ajax({
  headers: {
    
    // To make cross-domain ajax calls. 
    // This is required if your front-end and back-end are in different domains.
    "Access-Control-Allow-Origin": "*",               
    
    // Supply your application name.
    appID: 'My Application', 
    
    // If your application is being served in multiple languages,
    // Call a method that returns the selected language id, for example (en-Us).
    locale: getLocale(),
    
    // Add implementation to obtain base64 encoded value of username and password. 
    Authorization: "Basic "+base64encode(UserName:Password)   
  
  },
  url: 'https://mydomain:9011/AgilePointServer/Admin/GetRegisterUser',
  
  // Pass username in JSON format {userName:'Domain\\UserName'}
  data: JSON.stringify({ userName: 'mydomain\\lily.allen' }), 
  
  // default HTTP verb is post. 
  // If the verb is GET, you must specify it.
  type: 'POST',
  
  // Response content type. By default it is json.
  contentType: "application/json",                            
  
  // The default data type for the request body.
  dataType: "json",
  
  // Set async to true to make a non-blocking or asynchronous ajax call. 
  async: true,
  
  // Set cache to false to make sure we are not getting the cached response.
  cache: false,
  
  success: function (data, status) {
    try {
    
    // Handle success callbacks.
    } catch (e) {
           
    }
  },
  
  error: function (xhr, status, error) {
    try {
    
    //Handle any request error message or authentication failure messages.
    } catch (e) {
            
    }
  }
});

Java Code Example

public String POSTMethod(String URI, String jsonRequestData) {
  org.apache.http.impl.client.CloseableHttpClient httpClient = null;
  org.apache.http.client.methods.CloseableHttpResponse response = null;
  httpClient = HttpClients.createDefault();
  org.apache.http.client.methods.HttpPost httppost = null;

  httppost = new org.apache.http.client.methods.HttpPost(URI);
  httppost.addHeader("content-type", "application/json;charset=UTF-8");
  httppost.addHeader("Authorization",
    "Basic "+ new String(Base64.encodeBase64((Username:password).getBytes())));
  httppost.addHeader("AppName", "My Application");
  httppost.addHeader("Locale", Locale.getDefault());

  try {
    org.apache.http.entity.StringEntity se = 
      new org.apache.http.entity.StringEntity(jsonRequestData,
      ContentType.create("text/plain", "UTF-8"));
    httppost.setEntity(se);
    response = httpClient.execute(httppost);
    return org.apache.http.util.EntityUtils.toString(response.getEntity());
  } catch (ClientProtocolException e) {
    e.printStackTrace();
  } catch (IOException e) {
    e.printStackTrace();
  }
  return "";
}

C# Code Example

public HttpWebRequest GetHttpRequest(string URI, string Method)
  {
    //Create a request with required URI
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(URI);

    request.Method = Method;

    //Set Content Type
    request.ContentType = "application/json";
    //Set Accept Type
    request.Accept = "application/json";

    //Setting Header
    //Creating Authorization header format (Basic (base64(domain\\username:password))
    request.Headers[HttpRequestHeader.Authorization] =
      "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes(domain + "\\" + userName + ":" + password));
    request.Headers["appID"] = appID;
    request.Headers["locale"] = locale;
    request.Timeout = 100000;
    request.KeepAlive = false;
    ServicePointManager.ServerCertificateValidationCallback += new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate);
    return request;
  }

Code Examples in the AgilePoint NX Documentation

The AgilePoint NX Product Documentation is intended as a basic reference to help you understand how to complete basic coding tasks, such as make API or JavaScript method calls. Code examples that show specific use cases, the solutions to specific business problems, or detailed implementation scenarios are outside the scope of the AgilePoint NX Product Documentation. For specific and/or advanced types of examples that may better meet your requirements, AgilePoint provides several resources:

  • AgilePoint Community Forums - A free, AgilePoint-moderated, crowd-sourcing user forum where you can ask questions about specific techniques, the solutions to use cases, workarounds, or other topics that may not be covered in the Product Documentation.
  • Professional Services - If you can not find the information you need for your specific business problem, mentoring is available through AgilePoint Professional Services.
  • Personalized Training - AgilePoint can provide personalized training for your organization. To request personalized training, contact AgilePoint Sales.