Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
560
Views
0
Helpful
5
Replies

Finesse server-to-server comms - authentication

Go to solution
connor.sadler
Level 1
Level 1

‎09-28-2015 06:50 AM

Hi,

We have developed some server to server comms with Finesse, making both REST calls and listening to XMPP events.

This works reasonably well so far.

We're being asked if Finesse can support different types of authentication, other than userid+password.

e.g. using tokens (JSON Web Token) or certificates of some sort.

In the future we may not even have a plaintext password on our side, if the customer uses Single Sign On.

Are there any plans to support different authentication methods in Finesse?

I imagine this impacts both the REST and XMPP sides of the comms.

Thanks,

Connor

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ewindgat
Level 5
Level 5

‎10-02-2015 11:58 AM

Currently, there are no alternative ways to authenticate.

For version 11.5, SSO will be available. Details on that will be provided later.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
ewindgat
Level 5
Level 5

‎10-02-2015 11:58 AM

Currently, there are no alternative ways to authenticate.

For version 11.5, SSO will be available. Details on that will be provided later.

0 Helpful

Go to solution
connor.sadler
Level 1
Level 1
In response to ewindgat

‎10-06-2015 12:54 AM

Thanks for the information, I'll pick it up again when 11.5 is out

0 Helpful

Go to solution
stephan.steiner
Spotlight
Spotlight
In response to connor.sadler

‎01-29-2016 12:58 PM

Connor - as I'm doing the same thing architecturally (server to server, xmpp and rest), I'm wondering if you ever got to the bottom of the whole rights management issue.. which user is authorized to do what. I seem to slowly make my way from being able to perform operations just on the logged in user to performing more operations under a single user account (to me that's the core of server to server.. I should be able to do everything.. and my server limits what users working with it can do).

0 Helpful

Go to solution
connor.sadler
Level 1
Level 1
In response to stephan.steiner

‎02-18-2016 07:10 AM

Hi Stephan,

We've had no issues with what each connection can do, as we use a different connection for each user.

Each connection then only tries to access data or perform operations for that user.

Are you wanting to use one connection and perform operations for different users using that one connection?

Regards,

Connor

0 Helpful

Go to solution
stephan.steiner
Spotlight
Spotlight
In response to connor.sadler

‎02-18-2016 08:53 AM

Well - every connection takes resources so it's more efficient to share. E.g. we have a CTI client on another platform and we ran into resource bottlenecks using one connection per user. When we started sharing, those went away and we can now run a very slim server side app.

through trial and error I found that when I connect to xmpp using an agent's credential, I can then subscribe for notifications for any other agent - which seems to suggest there's no permission system in place (which I find weird). On the rest side, there seems to be a permission system - but it seems it is very user centric. Ideally for any server to server app there'd be a special role that grants you admin access. Like the axl and CTI roles for Cucm app users. Using those roles you can do everything for every user without having to bother with end user credentials. since such things do not exist in the c environment, I need to know how the permission system works so I can design my app accordingly (knowing user credentials is out..  the app needs to run at all times and without asking for end user credentials (which in my case would be the domain credentials and there's no way gathering and storing those is acceptable))

0 Helpful
Customers Also Viewed These Support Documents