Fetch Authentication Token

A token based authentication has been introduced for the OMS order soap web service using JSON Web Token (JWT). The operation FetchAuthenticationToken has been added to fetch the token based on the existing username and password. This token can be used to invoke other operations of the order service.

In order to use this form of authentication, the client can keep the password empty and send the fetched token as the username in the SOAP request.

The request message format is: 

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ord="http://www.tibco.com/aff/orderservice" xmlns:aut="http://www.tibco.com/aff/authentication">
   <soapenv:Header/>
   <soapenv:Body>
      <ord:AuthenticateRequest>
         <aut:username>admin</aut:username>
         <aut:password>admin</aut:password>
      </ord:AuthenticateRequest>
   </soapenv:Body>
</soapenv:Envelope>
Fetch Authentication Token Request Data Model
Element Name Element Type Description
Username String Existing username.
Password String Existing password.

The response message format is: 

soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Body>
      <AuthenticateReply xmlns:ns8="http://www.tibco.com/aff/enrichedPlan" xmlns:ns7="http://www.tibco.com/aff/planfragments" xmlns:ns6="http://www.tibco.com/aff/plan" xmlns:ns5="http://www.tibco.com/aff/authentication" xmlns:ns4="http://www.tibco.com/aff/commontypes" xmlns:ns3="http://www.tibco.com/aff/order" xmlns:ns2="http://www.tibco.com/aff/orderservice/result" xmlns="http://www.tibco.com/aff/orderservice">
         <ns5:token>eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c3IiOiJhZG1pbiIsImlzcyI6Ik9NUyIsInJscyI6W3siYXV0aG9yaXR5IjoiUk9MRV9BRE1JTiJ9XSwidG50IjoiVElCQ08iLCJleHAiOjE0OTk3MTM5NzYsImlhdCI6MTQ5OTcxMzc5Nn0.NmLbv2yT5at1lE_DUyWfvjYdxvgv7TJk1utdv-YX-Fo</ns5:token>
      </AuthenticateReply>
   </soap:Body>
</soap:Envelope>
Sample Security Header with JWT 
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:UsernameToken wsu:Id="UsernameToken-F5E29770329D29B85614793195129081">
        <wsse:Username>eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c3IiOiJhZG1pbiIsImlzcyI6Ik9NUyIsInJscyI6W3siYXV0aG9yaXR5IjoiUk9MRV9BRE1JTiJ9XSwidG50IjoiVDEiLCJleHAiOjE0OTQyMTcyNjAsImlhdCI6MTQ5NDIxMzY2MH0.sW6zyVrPOV4g8hE-dItzriShWiT9XCVcDk0PMopm89g</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"></wsse:Password>
    </wsse:UsernameToken>
</wsse:Security>