skip to main content
Administering Hybrid Data Pipeline : Authentication : Integrating external authentication with a Java plugin : Registering an external authentication service (Java authentication plugin)
  

Try Now
Registering an external authentication service (Java authentication plugin)
Once a Java authentication plugin has been built and added to Hybrid Data Pipeline, any external authentication service configured to use the Java plugin must be registered via the Authentication API before end users can be provisioned via the external authentication service.
An external authentication service registered in the default system tenant is available across all tenants, while an external authentication service registered in a child tenant is only available in that tenant. Once a service is registered with a tenant, the tenant administrator can provision end users in the tenant to authenticate via the service. A user with the Administrator (12) permission can register an external authentication service on any tenant within the system. A user with the RegisterExternalAuthService (26) permission can register an external authentication service on any tenant to which he or she has administrative access.

POST operation

The POST operation to register an external service will have the following syntax.
POST https://<myserver>:<port>/api/admin/auth/services

Payload definition

The payload used to register a Java authentication plugin service can be defined as follows.
{
"name": "authservice_name",
"tenantId": tenant_id,
"description": "authservice_description",
"authDefinition": {
"className": "java_plugin_classname",
"attributes": {
"attribute_name": "attribute_value",
"attribute_name": "attribute_value",
...
},
"authTypeId": authtype_id
}
Property
Description
Usage
Valid Values
"name"
The name of the authentication service.
Required
A string that provides a name for the authentication service.
"tenantId"
The ID of the tenant.
Optional
A valid tenant ID. If the tenant ID is not specified, the authentication service will belong to the tenant of the administrator executing the operation.
"description"
The description of the authentication service.
Optional
A string that provides a description for the authentication service.
"authDefinition"
An object that defines the authentication service.
Required
The authDefinition property must include the className property for a Java plugin service. The attributes property can provide useful information, such as an authentication server name, to be consumed by the authentication service.
See authDefinition Object for details.
"authTypeId"
The ID of the authentication type.
Required
2 must be specified for a Java plugin service.

Example

The following POST operation registers the jplugauth service. Note that the className property provides the class name of the Java plugin, and the attributes property provides the HashMap that will be processed by the authentication service.
POST https://MyServer:8443/api/admin/auth/services
Request payload
{
"name": "jplugauth",
"tenantId": 1,
"description": "Java external auth plugin",
"authDefinition": {
"className": "com.test.hdp.plugins.auth.HDPUserAuthentication",
"attributes": {
"Server": "test-authentication",
"BackupServer": "test-authentication-backup"
}
},
"authTypeId": 2
}
Response payload
Status code: 201
Successful response
{
"id": 43,
"name": "jplugauth",
"tenantId": 1,
"description": "Java external auth plugin",
"authDefinition": {
"className": "com.test.hdp.plugins.auth.HDPUserAuthentication",
"attributes": {
"Server": "test-authentication",
"BackupServer": "test-authentication-backup"
}
},
"lastModifiedTime": "2018-02-15T11:09:35.107Z",
"authTypeId": 2,
"tenantName": "OrgM"
}

What to do next

End users can now be provisioned to authenticate via the external authentication service.