
How to configure ADFS as our 3rd party OAuth server to our Atom Web server?

Question asked by cbeaudette606890 on Mar 25, 2016
Latest reply on Mar 28, 2016 by James Ahlborn

We are new to Boomi and have a requirement whereby a cloud POS system will be making requests to our Boomi integration tier and they use OAuth for their authentication, so we need Boomi to support it.  We also use Active Directory Federated Services (ADFS) for other, similar cloud services and would like to use it for our OAuth Auth Server (as described in this page):

 

 

  +--------+                               +---------------+
  |        |--(A)- Authorization Request ->|   Resource    |
  |        |                               |     Owner     |
  |        |<-(B)-- Authorization Grant ---|               |
  |        |                               +---------------+
  |        |
  |        |                               +---------------+
  |        |--(C)-- Authorization Grant -->| Authorization |
  | Client |                               |     Server    |
  |        |<-(D)----- Access Token -------|               |
  |        |                               +---------------+
  |        |
  |        |                               +---------------+
  |        |--(E)----- Access Token ------>|    Resource   |
  |        |                               |     Server    |
  |        |<-(F)--- Protected Resource ---|               |
  +--------+                               +---------------+

In our scenario, we'd like requests to our SOA Web server (the Shared Web Service in our Atom settings) to get a token from our ADFS (i.e. where ADFS would act as the Authorization Server in the diagram above), return that token to the client, and allow the client to make subsequent requests with the bearer token in an Authentication header to our Atom Web server (i.e. where the Atom Web server acts as the Resource Server in the diagram above).

 

Currently it looks like the only available authentication options for the Shared Web Service Settings are Basic, Client Cert Header, Client Certificate, and Custom, where Custom uses JAAS (only?).

 

Has anyone else been able to configure such a setup, or a similar setup? Has anyone configured the ability to send bearer tokens in an Auth header to the Atom Web server and have the Atom Web server validate and use the token?

 

Any help would be much appreciated.
