Lately, we bought licenses for N2F, a travel expense solution.
They offer an API and postman proofs it is working well.
https://www.n2f.com/services/documentation/v2
i want to offer this API as services in Foundry so that our developers can use it in our apps.
First, I tried to authenticate with the client_id and client_secret from the account page. So I built an identity service that does a client credential oAuth flow. The API expects the client_id and client_secret as key value pairs in a json payload as a post against the /auth endpoint. The identity service does something different as it seems, not token comes back, instead error message „client_id missing“. How to do this right?
The best integration service type for this would be an API proxy service (it allows to set the N2F backend-token creating identity service to be selected regardless of what the user authenticating identity service in your app is, hopefully) - but there is no import of a swagger file or openapi spec on this service type, leading to typing the whole api definition by hand. Can’t we import a swagger file for an API proxy Service? Why? What is the recommended way to do this?
Please share a best practice.
Hi @Bernd Gewehr , I guess you are having a problem with the POST request to your desired endpoint. I also faced the same and you can refer to this post to understand how to set up the API PRoxy service to get things done: https://support.hcl-software.com/community?id=community_question&sys_id=ffb4716c1b3e2950574121f7ec4bcb7e
Most importantly, there are a couple of things that you want to consider while creating a POST request from Foundry to an endpoint:
1. Mark the request template section as SHOW & then append a proper JSON payload request
//For example: if your endpoint is expecting email and pwd as a JSON payload, then do this:
{
“email” : “$email”,
“pwd” : “$pwd”
}
2. $email & $pwd tells Foundry that the request parameters should be used in place of the placeholder values. It is better to provide some text value of the JOSN request.
@Bernd Gewehr For the APIs documented at https://www.n2f.com/services/documentation/v2, you should be able to use JSON adapter under Integration Services, including the Authentication API.
The Auth API (https://wwwdev.n2f.com/services/api/v2/auth) does not seem to support OAuth which might be the reason why Identity Service with OAuth is not working for you.
For post-auth calls, you have primarily 2 options.
Ideal way would be to create a Custom Identity service using the Integration Service (created using JSON adapter for the /auth call). You will have to extract response.token from the /auth call. By using Identity service you would have access to more API protection features in Foundry.
However, you can also simply use the Integration services for /auth and store response.token in Session (post processor: "Bearer " + response.token) which can be subsequently sent as "Authorization" header for all post-auth calls in Foundry.
I have been successful with the described method - but if all these APIs that we will need for what we do store their tokens indistinguishable in the session, how can I imagine the different APIs can find their respective token?
Imagine the following: A developer of an app (must not be an iris app at all) gets access to the Vössing UPS API by sending a tracking number to a foundry integration service of ours. This integration service posts that tracking number onto the foundry message bus with attributes like requestTracking and callbackResultUrl. A workflow in foundry shall now lookup the parcel tracking information and send the response back to the callbackURL. What’s the session? How to distinguish the tokens of different services in foundry if session is the solution…
@Bernd Gewehr This can be achieved in various ways, depending on the exact system design / architecture you are trying to implement. Here are few options worth exploring.
If you want to use Foundry Workflow services, then you can process incoming payload and save it to FOUNDRY_WORKFLOW_CONTEXT for any further access to the data till the workflow is completed. This would probably the right option for your requirements.
If you want to use Integration / Orchestration services, every request creates its session and if you want to trigger multiple APIs, then you would create Orchestration service which would allow you access data from request and response from individual API calls within that Orchestration service.
e.g. if I have a request coming from external system (not an Iris app) which needs to make 2 API calls, as follow.
1) Autheticate with passed input params - receive an API token
2) Get Weather details - using the API token received in the first call
In this case you can create an Orchestration service for 2 API calls in Sequence.
If you are looking to implement more complicated scenarios where the data needs to be persisted temporarily, you can also use Foundry caching mechanism.