Skip to content

How to Use Secure Web Services

Overview

This module allows calling any standard Etendo web service in the same way as calling the /ws endpoint, but using token authentication.

This authentication method also allows defining the context for the calls by choosing the role and or organization when requesting a token. It is also possible to renew a token to refresh the expiration date or change the role/organization.

Besides the authentication implementation, the module includes utilities for developers and useful web services, such as jsonDal (to access the OB Data Access Layer with json).

Initial Setup

Application > General Setup > Client > Client

It is necessary to configure the encryption key and the expiration time for the authentication tokens in the Client window with the System Administrator role.

If the Expiration Time field is equal to 0 the tokens do not expire.

Generate a random key with the Generate key button.

Info

By default, the ES256 encryption algorithm is used, it is possible to change it by setting a new preference with the Encryption Algorithm property and set its value to HS256 to use a legacy algorithm.

Warning

A valid domain name and SSL/TLS certificate are required to use Secure Web Services. Please install a certificate or contact your administrator to avoid runtime errors when generating tokens in server instances.

Secure Web Services Swagger

Info

For more information, visit Secure Web Services Swagger.

This work is licensed under CC BY-SA 2.5 ES by Futit Services S.L.