OMS Web Service Authentication

A new token based authentication has been introduced for the OMS order soap web service using JSON Web Token (JWT). The operation FetchAuthenticationToken has been added to fetch the token based on the existing username and password. This token can be used to invoke other operations of the order service.

In order to use this form of authentication, the client can keep the password empty and send the fetched token as the username in the SOAP request.

Sample Request for FetchAuthenticationToken

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ord="http://www.tibco.com/aff/orderservice" xmlns:aut="http://www.tibco.com/aff/authentication">
   <soapenv:Header/>
   <soapenv:Body>
      <ord:AuthenticateRequest>
         <aut:username>admin</aut:username>
         <aut:password>admin</aut:password>
      </ord:AuthenticateRequest>
   </soapenv:Body>
</soapenv:Envelope>

Sample Response for FetchAuthenticationToken

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Body>
      <AuthenticateReply xmlns:ns8="http://www.tibco.com/aff/enrichedPlan" xmlns:ns7="http://www.tibco.com/aff/planfragments" xmlns:ns6="http://www.tibco.com/aff/plan" xmlns:ns5="http://www.tibco.com/aff/authentication" xmlns:ns4="http://www.tibco.com/aff/commontypes" xmlns:ns3="http://www.tibco.com/aff/order" xmlns:ns2="http://www.tibco.com/aff/orderservice/result" xmlns="http://www.tibco.com/aff/orderservice">
         <ns5:token>eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c3IiOiJhZG1pbiIsImlzcyI6Ik9NUyIsInJscyI6W3siYXV0aG9yaXR5IjoiUk9MRV9BRE1JTiJ9XSwidG50IjoiVDEiLCJleHAiOjE0OTQyMTcyNjAsImlhdCI6MTQ5NDIxMzY2MH0.sW6zyVrPOV4g8hE-dItzriShWiT9XCVcDk0PMopm89g</ns5:token>
      </AuthenticateReply>
   </soap:Body>
</soap:Envelope>

Sample Security Header with JWT

<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:UsernameToken wsu:Id="UsernameToken-F5E29770329D29B85614793195129081">
        <wsse:Username>eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c3IiOiJhZG1pbiIsImlzcyI6Ik9NUyIsInJscyI6W3siYXV0aG9yaXR5IjoiUk9MRV9BRE1JTiJ9XSwidG50IjoiVDEiLCJleHAiOjE0OTQyMTcyNjAsImlhdCI6MTQ5NDIxMzY2MH0.sW6zyVrPOV4g8hE-dItzriShWiT9XCVcDk0PMopm89g</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"></wsse:Password>
    </wsse:UsernameToken>
</wsse:Security>

Contents

Index

Search Results

OMS Web Service Authentication