cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Check out the JMP® Marketplace featured Capability Explorer add-in
Choose Language Hide Translation Bar
diz
diz
Level II

How to connect to API with windows authentification / NTLM / LDAP ?

Created: Jun 19, 2020 03:00 AM  |  Last Modified: Jun 10, 2023 1:37 PM (4380 views)

Hello jmp users, 

I try to connect to our internal services / api in JMP/JSL (JMP14) with HTTP request method 

like 

 

 

url = "http://192.168.1.1/api/getsomedata;
request = New HTTP Request(
        URL( url ),
        Method( "Post" ),
Form(
               Fields([[
                       "maxLimit" => "100"
               ]])
        )
);
json = request << Send();
jsl_json = Parse JSON( json );

 

The URL needs Windows Authentificaion (Ldap, NTLM).

Does somebody know a way, how to provide [username, password]  windows credentials  to access that ressource via  HTTP Request Method?

Related questions are discussed eg here:

http Request with authentication using windows identity 

Getting Started With REST in JMP 

Importing Web Service Data: The New HTTP Request in JMP® 14 ( US 2018 231 ) 

 

thank you diz

 

0 Kudos
2 ACCEPTED SOLUTIONS

Accepted Solutions
vince_faller
Super User (Alumni) vince_faller
Super User (Alumni)
Solution

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Jun 23, 2020 01:19 PM (4263 views)  |  Posted in reply to message from diz 06-19-2020

Would Oauth2 be an option? JMP 15 has this in the scripting index. 

 

Names Default To Here( 1 );
/*
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
*/
				 
/*
Note: the "code" parameter is set automatically after the redirect occurs
*/
auth_url = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_url = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
redirect_url = "http://localhost/myapp/";
client_id = "6731de76-14a6-49ae-97bc-6eba6914391e";
client_secret = "JqQX2PNo9bpM0uEihUPzyrh";
scope = "openid offline_access https://graph.microsoft.com/user.read";
auth_fields = [=> ];
token_fields = [=> ];
				 
oauth2 = New OAuth2();
oauth2 << Grant Type( "Authorization Code" );
oauth2 << Auth URL( auth_url );
oauth2 << Token URL( token_url );
oauth2 << Redirect URL( redirect_url );
				 
auth_fields["scope"] = scope;
auth_fields["client_id"] = client_id;
token_fields["client_secret"] = client_secret;
				 
oauth2 << Auth Fields( auth_fields );
oauth2 << Token Fields( token_fields );
				 
auth_header = oauth2 << Get Auth Header();
request = New HTTP Request(
	URL( "https://graph.microsoft.com/v1.0/me" ),
	Headers( {auth_header} ),
	Method( "GET" )
);
data = request << Send;
Vince Faller - Predictum

View solution in original post

bryan_boone
Staff bryan_boone
Staff
Solution

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Created: Jun 26, 2020 09:16 AM  |  Last Modified: Jul 1, 2020 5:47 AM (4182 views)  |  Posted in reply to message from diz 06-23-2020

Form based is one option.

Basic is another.

In a nutshell (examples to follow), form based is sending key/value pairs to your webservice much like logging in with a webpage form.

 

Basic authentication is in found in the header (HTTP Request << Headers option), where the authenitcation is

username:password (Base 64 encodeed). You can also use:

 

request << Username("my username");

request << Password("my password");

 

instead of setting the header information directly for Basic.

 

You'd want both, if possible to be over https.

Typically, your webservice would set a cookie to manage subsequent requests.

If you use Basic, then it wouldn't be required as long as you set the header information with each request.

 

If you go the Passport option for the webservice, Passport acts a a mediator, it can digest form and Basic(and others) and do the back-end authorization that you want.

 

Most webservices, like Office 365, Google, Spotify, JMP Live use OAuth2 (not form-based or Basic), but that's due to external visibility of the sites (which add complexity). If it's an in-house behind your firewall, etc, basic or form-based using https is your simplest option, in my opinion.

 

View solution in original post

Form-based Script.jsl
Basic-Script.jsl
0 Kudos
7 REPLIES 7
bryan_boone
Staff bryan_boone
Staff

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Jun 19, 2020 09:17 AM (4341 views)  |  Posted in reply to message from diz 06-19-2020

HTTP Request doesn't authenticate with NTLM/LDAP directly.

You'd want to use something like Passport http://www.passportjs.org/

in your webservice, then use form-based authentication or basic authentication  over https.

-Bryan

0 Kudos
diz
diz
Level II

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Jun 23, 2020 08:40 AM (4272 views)  |  Posted in reply to message from bryan_boone 06-19-2020

Hi Bryan, thank you for that Information, this is good to know!

Is there an example  or code snipplet in the JSL documentation about how to use the form based http Basic authentification with jmp? This i would like to try, before changing something in the server software.

thanks again diz

0 Kudos
bryan_boone
Staff bryan_boone
Staff
Solution

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Created: Jun 26, 2020 09:16 AM  |  Last Modified: Jul 1, 2020 5:47 AM (4183 views)  |  Posted in reply to message from diz 06-23-2020

Form based is one option.

Basic is another.

In a nutshell (examples to follow), form based is sending key/value pairs to your webservice much like logging in with a webpage form.

 

Basic authentication is in found in the header (HTTP Request << Headers option), where the authenitcation is

username:password (Base 64 encodeed). You can also use:

 

request << Username("my username");

request << Password("my password");

 

instead of setting the header information directly for Basic.

 

You'd want both, if possible to be over https.

Typically, your webservice would set a cookie to manage subsequent requests.

If you use Basic, then it wouldn't be required as long as you set the header information with each request.

 

If you go the Passport option for the webservice, Passport acts a a mediator, it can digest form and Basic(and others) and do the back-end authorization that you want.

 

Most webservices, like Office 365, Google, Spotify, JMP Live use OAuth2 (not form-based or Basic), but that's due to external visibility of the sites (which add complexity). If it's an in-house behind your firewall, etc, basic or form-based using https is your simplest option, in my opinion.

 

Form-based Script.jsl
Basic-Script.jsl
0 Kudos
diz
diz
Level II

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Jul 1, 2020 02:54 AM (4105 views)  |  Posted in reply to message from bryan_boone 06-26-2020

Hi Bryan, 

thanks for the update! This solution works  and is the real solution! I marked this as solution.

best, diz

0 Kudos
UersK
UersK
Level III

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Feb 8, 2023 12:20 AM (1983 views)  |  Posted in reply to message from bryan_boone 06-26-2020

Thanks!

0 Kudos
vince_faller
Super User (Alumni) vince_faller
Super User (Alumni)
Solution

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Jun 23, 2020 01:19 PM (4264 views)  |  Posted in reply to message from diz 06-19-2020

Would Oauth2 be an option? JMP 15 has this in the scripting index. 

 

Names Default To Here( 1 );
/*
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
*/
				 
/*
Note: the "code" parameter is set automatically after the redirect occurs
*/
auth_url = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_url = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
redirect_url = "http://localhost/myapp/";
client_id = "6731de76-14a6-49ae-97bc-6eba6914391e";
client_secret = "JqQX2PNo9bpM0uEihUPzyrh";
scope = "openid offline_access https://graph.microsoft.com/user.read";
auth_fields = [=> ];
token_fields = [=> ];
				 
oauth2 = New OAuth2();
oauth2 << Grant Type( "Authorization Code" );
oauth2 << Auth URL( auth_url );
oauth2 << Token URL( token_url );
oauth2 << Redirect URL( redirect_url );
				 
auth_fields["scope"] = scope;
auth_fields["client_id"] = client_id;
token_fields["client_secret"] = client_secret;
				 
oauth2 << Auth Fields( auth_fields );
oauth2 << Token Fields( token_fields );
				 
auth_header = oauth2 << Get Auth Header();
request = New HTTP Request(
	URL( "https://graph.microsoft.com/v1.0/me" ),
	Headers( {auth_header} ),
	Method( "GET" )
);
data = request << Send;
Vince Faller - Predictum
diz
diz
Level II

Re: How to connect to API with windows authentification / NTLM / LDAP ?

Jun 24, 2020 09:55 AM (4241 views)  |  Posted in reply to message from vince_faller 06-23-2020

Hi, thanks for that suggestion! Good, that this option could work, but it is not that what I was looking for originally. Anyway, since there are some workarounds given, I i will mark this discussion as solved! Thanks diz