Basic authentication for custom configuration services
The Creatio documentation suggests that basic authentication is only available for the OData API and not for a custom configuration web service. Anonymous/Forms authentication are the only 2 ways to authenticate for configuration web services. Would like to reconfirm this.
A typical system integration use case is the following -
1. Creatio pings an external product/system asking it to do some asynchronous processing.
2. External product/system pings a Creatio custom configuration call back to inform it regarding the status.
Typically, external products only permit registering a callback URL and do not provide for customization to do forms authentication with Creatio. How does one over come this? One way is to make the call back permit anonymous authentication but this is a bad security practice. Is there a way to enable basic authentication for custom configuration services on Creatio?
Custom configuration service becomes available after user authentication via the AuthService.svc. If you don't have a possibility to call it directly from your integration you can create another layer of service from your side to send a response from external product and call auth service and after that configuration web service.
Hi Dennis. We are not in a position to do any customization on the external system side.
Is there anything we can do on Creatio's side to facilitate this?
The only way to bypass the Auth service for configuration web services is to create an anonymous web service. As a workaround, you can path login and password to the method in this service and check the validity of credentials in this service using auth service.
Thank you Dennis!