Difference between revisions of "I2Rest Client"
Pavel.lobko (talk | contribs) (→Request authorization methods) |
Pavel.lobko (talk | contribs) (→Request authorization methods) |
||
Line 20: | Line 20: | ||
;OAuth2 Authorization Code Flow using i2Rest bridge mode | ;OAuth2 Authorization Code Flow using i2Rest bridge mode | ||
− | : allows an application to obtain an access token (which is a permition to deal with protected user data on remote resource) by exchanging an authorization code for it. In it turn, the authorization code is issued to the application by the authorization server after the resource owner's confirmation by redirecting the user agent to redirection URI with the authorization code attached. IBM i is not capable of interacting with the resource owner's user-agent (typically a web browser) and is not capable of receiving incoming requests (via redirection) so original Authorization Code Flow isn't possible using i2Rest client only. Nevertheless i2Rest Client together with i2Rest Server bridge can do some trick to reproduce this authorization scenario with the same result for the end user. Please look under the hood of [[Access_code_flow_description|Access code flow using i2Rest bridge mode]]. | + | :OAuth2 Authorization Code Flow allows an application to obtain an access token (which is a permition to deal with protected user data on remote resource) by exchanging an authorization code for it. In it turn, the authorization code is issued to the application by the authorization server after the resource owner's confirmation by redirecting the user agent to redirection URI with the authorization code attached. IBM i is not capable of interacting with the resource owner's user-agent (typically a web browser) and is not capable of receiving incoming requests (via redirection) so original Authorization Code Flow isn't possible using i2Rest client only. Nevertheless i2Rest Client together with i2Rest Server bridge can do some trick to reproduce this authorization scenario with the same result for the end user. Please look under the hood of [[Access_code_flow_description|Access code flow using i2Rest bridge mode]]. |
== Implementation == | == Implementation == | ||
<div id="implementation"></div>You can interact with i2Rest Client [[i2Rest_Client_command|with IBM i command]], or by the mean of it's [[integration API]].<BR/> | <div id="implementation"></div>You can interact with i2Rest Client [[i2Rest_Client_command|with IBM i command]], or by the mean of it's [[integration API]].<BR/> | ||
i2Rest Client command and API are installed in a single package along with i2Rest Server - see [[I2Rest_Install|i2Rest installation guide]]. All functions of i2Rest Client are available for free! | i2Rest Client command and API are installed in a single package along with i2Rest Server - see [[I2Rest_Install|i2Rest installation guide]]. All functions of i2Rest Client are available for free! |
Revision as of 16:48, 26 May 2020
i2Rest Client is a native IBM i tool for web communications via http/https requests. It was intended to extend IBM i interactive green screen and batch functionality with http client functions. i2Rest Client takes on all the difficulties associated with interaction between your programs and all the outside world - from providing transport functions to implementing various authentication and authorization scenarios (like OAuth2.0 flows), wich allows your IBM i to have access to almost any web service.
Request authorization methods
Depending on your target server requirements, you can choose one of the next request authorization metods provided by i2Rest Client:
- Simple request without authorization
- HTTP/HTTPS requests of any type, JSON messages, stream file upload - everything is here. Please explore typical use cases
- Basic access authentication
- Same options as above, but with Basic access authentication. Some use cases for a quick start.
The next three methods are the OAuth2.0 flows, wich are the way of enabling third party application to have limited access to protected user data on remote resource behalf of a data owner. The benefit of OAuth2.0 flows is that end users are not forced to share their usernames, passwords, and other private information to third party applictaions.
- OAuth2 Client Credentials flow
- Client Credentials flow should be used to authenticate your IBM i application on remote resource to work with its own data rather than a user's data. More about i2Rest Client Flow. Some use cases - here.
- OAuth2 Device flow
- OAuth 2.0 Device flow is a flow for those devices (like IBM i) that are not capable to perform a user-agent based authorization. This authorization flow instructs (by providing a URL) the user to review the authorization request on a secondary device with suitable input and browser capabilities to perform the user interaction. How to use i2Rest Client Device flow, typical use cases - here.
- OAuth2 Authorization Code Flow using i2Rest bridge mode
- OAuth2 Authorization Code Flow allows an application to obtain an access token (which is a permition to deal with protected user data on remote resource) by exchanging an authorization code for it. In it turn, the authorization code is issued to the application by the authorization server after the resource owner's confirmation by redirecting the user agent to redirection URI with the authorization code attached. IBM i is not capable of interacting with the resource owner's user-agent (typically a web browser) and is not capable of receiving incoming requests (via redirection) so original Authorization Code Flow isn't possible using i2Rest client only. Nevertheless i2Rest Client together with i2Rest Server bridge can do some trick to reproduce this authorization scenario with the same result for the end user. Please look under the hood of Access code flow using i2Rest bridge mode.
Implementation
You can interact with i2Rest Client with IBM i command, or by the mean of it's integration API.
i2Rest Client command and API are installed in a single package along with i2Rest Server - see i2Rest installation guide. All functions of i2Rest Client are available for free!