skip to main content
Hybrid Data Pipeline API reference : Administrators API : Authentication API : Register external authentication service
  

Try Now
Register external authentication service

Purpose

Registers an external authentication service. An external authentication service can be created using a Java plugin or LDAP.

URL

https://<myserver>:<port>/api/admin/auth/services

Method

POST

URL Parameters

<myserver> is the hostname or IP address of the machine hosting the Hybrid Data Pipeline server for a standalone installation, or the machine hosting the load balancer for a load balancer installation. For a standalone installation, <port> is the port number specified as the Server Access Port during installation. For a load balancer installation, <port> must be either 80 for http or 443 for https. Whenever port 80 or 443 are used, it is not necessary to include the port number in the URL.

Request Payload Definition

The request payload definition varies depending on whether the service is a Java plugin service or an LDAP service.
Request definition for Java plugin service
{
"name": "authservice_name",
"tenantId": tenant_id,
"description": "authservice_description",
"authDefinition": {
"className": "java_plugin_classname",
"attributes": {
"attribute_name": "attribute_value",
"attribute_name": "attribute_value",
...
},
"authTypeId": authtype_id
}
Property
Description
Usage
Valid Values
"name"
The name of the authentication service.
Required
A string that provides a name for the authentication service.
"tenantId"
The ID of the tenant.
Optional
A valid tenant ID. If the tenant ID is not specified, the authentication service will belong to the tenant of the administrator executing the operation.
"description"
The description of the authentication service.
Optional
A string that provides a description for the authentication service.
"authDefinition"
An object that defines the authentication service.
Required
The authDefinition property must include the className property for a Java plugin service. The attributes property can provide useful information, such as an authentication server name, to be consumed by the authentication service.
See authDefinition Object for details.
"authTypeId"
The ID of the authentication type.
Required
2 must be specified for a Java plugin service.
Request definition for LDAP service
{
"name": "authservice_name",
"tenantId": tenant_id,
"description": "authservice_description",
"authDefinition": {
"attributes": {
"targetUrl": "LDAP_URL",
"securityAuthentication": "LDAP_auth_mechanism",
"securityPrincipal": "LDAP_principal",
"securityCredentials": "LDAP_credentials"
}
},
"authTypeId": authtype_id
}
Property
Description
Usage
Valid Values
"name"
The name of the authentication service.
Required
A string that provides a name for the authentication service.
"tenantId"
The ID of the tenant.
Optional
A valid tenant ID. If the tenant ID is not specified, the authentication service will belong to the tenant of the administrator executing the operation.
"description"
The description of the authentication service.
Optional
A string that provides a description for the authentication service.
"authDefinition"
An object that defines the authentication service.
Required
For an LDAP service, the following attributes must be specified via the attributes object.
*targetUrl
*securityAuthentication
*securityPrincipal
*securityCredentials (optional)
See authDefinition Object for details.
"authTypeId"
The ID of the authentication type.
Required
3 must be specified for an LDAP service.

Sample Request Payload

Java plugin example request
{
"name": "jplugauth",
"tenantId": 1,
"description": "Java external auth plugin",
"authDefinition": {
"className": "com.test.hdp.plugins.auth.HDPUserAuthentication",
"attributes": {
"Server": "test-authentication",
"BackupServer": "test-authentication-backup"
}
},
"authTypeId": 2
}
LDAP example request
{
"name": "LDAP",
"tenantId": 66,
"description": "LDAP Auth plugin",
"authDefinition": {
"attributes": {
"targetUrl": "LDAP://123.45.67.899:389",
"securityAuthentication": "simple",
"securityPrincipal": "CN=%LOGINNAME%,OU=TestRuns,DC=testdomain,DC=local"
}
},
"authTypeId": 3
}

Sample Response Payload

Java plugin example response
Status code: 201
Successful response
{
"id": 43,
"name": "jplugauth",
"tenantId": 1,
"description": "Java external auth plugin",
"authDefinition": {
"className": "com.test.hdp.plugins.auth.HDPUserAuthentication",
"attributes": {
"Server": "test-authentication",
"BackupServer": "test-authentication-backup"
}
},
"lastModifiedTime": "2018-02-15T11:09:35.107Z",
"authTypeId": 2,
"tenantName": "OrgM"
}
LDAP example response
Status code: 201
Successful response
{
"id": 21,
"name": "LDAP",
"tenantId": 66,
"description": "LDAP Auth plugin",
"authDefinition": {
"attributes": {
"targetUrl": "LDAP://123.45.67.899:389",
"securityAuthentication": "simple",
"securityPrincipal": "CN=%LOGINNAME%,OU=TestRuns,DC=testdomain,DC=local"
}
},
"lastModifiedTime": "2018-02-14T11:34:13.009Z",
"authTypeId": 3,
"tenantName": "OrgT"
}

Sample Server Failure Response

Status code: 400
Bad request, payload issues.

Authentication

Basic Authentication using Login ID and Password

Authorization

The user must have either the Administrator (12) permission, or the RegisterExternalAuthService (26) permission and administrative access to the tenant.
* authDefinition Object