Get information on an authentication type

Purpose

Retrieves information on an authentication type.

URL

https://<myserver>:<port>/api/admin/auth/types/{id}

Method

GET

URL Parameters

<myserver> is the hostname or IP address of the machine hosting the Hybrid Data Pipeline server for a non-load balancer deployment, or the machine hosting the load balancer for a load balancer deployment. For a non-load balancer deployment, <port> is the port number specified as the Server Access Port during deployment. For a load balancer deployment, <port> must be either 80 for http or 443 for https. Whenever port 80 or 443 are used, it is not necessary to include the port number in the URL.

The URL parameter {id} is required.


Parameter	Description	Valid Values
`{id}`	The ID of the authentication type.	`1` \| `2` \| `3` \| `4` \| `5` `1` is the ID for the internal authentication type. `2` is the ID for a service that uses a Java plugin. `3` is the ID for a service that uses LDAP. `4` is the ID for a service that uses a SAML plugin. `5` is the ID for a service that uses OIDC.

Response Definition

The response has the following format.

{
    "id": authtype_id,
    "name": "authtype_name",
    "description": "authtype_description",
    "authDefinition": {
        "className": "javaplugin_classname_info",
        "attributes": {authdefinition_attributes}
    }
}


Properties	Description	Valid Values
"id"	The ID of the authentication type.	`1` \| `2` \| `3` \| `4` \| `5` `1` is the ID for the internal authentication type. `2` is the ID for a service that uses a Java plugin. `3` is the ID for a service that uses LDAP. `4` is the ID for a service that uses a SAML plugin. `5` is the ID for a service that uses OIDC.
"name"	The name of the authentication type.	A string that specifies the name of the authentication type.
"description"	The description of the authentication type.	A string that provides the description of the authentication type.
"authDefinition"	Information that describes the authentication type.	The value of `authDefinition` varies depending on which type is queried. A value of `null` is provided for the internal authentication service. See the example responses below.

Sample Server Success Response

The response payload varies depending on which authentication type is queried.

Internal authentication type

Status code: 200
Successful response

{
    "id": 1,
    "name": "Internal",
    "description": "Password stored in service. The default HDP authentication.",
    "authDefinition": null
}

Java plugin authentication type

Status code: 200
Successful response

{
    "id": 2,
    "name": "Java Auth Plugin",
    "description": "An authentication service that implements a Java Authentication plugin interface.",
    "authDefinition": {
        "className": "Specify a concrete class name that implements Java Authentication Plugin Interface. Eg. com.sample.plugins.auth.JavaPluginAuthSample",
        "attributes": "This is optional. Attributes can take any valid JSON Object."
    }
}

LDAP authentication type

Status code: 200
Successful response

{
    "id": 3,
    "name": "LDAP Auth Plugin",
    "description": "An authentication service that authenticates User with LDAP.",
    "authDefinition": {
        "attributes": {
            "targetUrl": "ldap server url",
            "securityAuthentication": "auth mechanism none,simple,sasl_mech",
            "securityPrincipal": "dn with loginname token",
            "otherAttributes": "This is Optional. JSON Object with key and value pairs which needs to be passed in environment properties while creating InitialDirContext object."
        }
    }
}

SAML plugin authentication type

Status code: 200
Successful response

{
    "id": 4,
    "name": "SAML Auth Plugin",
    "description": "An authentication service that authenticates User with a SAML provider.",
    "authDefinition": {
        "attributes": {
            "assertingPartySSOUrl": "SAML_server_url",
            "assertingPartyEntityId": "client_entity_id",
            "assertingPartyCertLoc": "client_certificate_location",
            "relyingPartyEntityId": "relyingparty_entity_id",
            "assertionConsumerServicePath": "SAML_service_path",
            "hdpUsernameIdentifier": "SAML_authenticated_user"
        }
    }
}

OIDC authentication type

Status code: 200
Successful response

{
 "id": 5,
 "name": "OIDC Auth Plugin",
 "description": "An authentication service that authenticates the user with an OpenId provider.",
   "authDefinition": {
     "issuerUrl": "The URL used to access the OIDC server of the OpenID provider",
     "hdpUsernameIdentifier": "The specific key in the token containing the authenticated user name"  
       "attrValidation": {
         "type": "token_validation_method",
         "introspectAuthMethod": "authentication method_name",
         "clientid": "client_id",
         "clientSecret": "client_secret",
         "claimsToValidate": "A JSON object containing the claims in key-value pairs",
         "otherAttributes": "Optional. A JSON object with key and value pairs" 
        }
    }
}

Authentication

Basic Authentication using Login ID and Password

Authorization

The user must have either the Administrator (12) permission, or the RegisterExternalAuthService (26) permission and administrative access to the tenant.

Progress DataDirect Hybrid Data Pipeline User's Guide Release 5.0.0