OAuth 1.0a zero-legged authentication
OAuth 1.0a authentication is a signature that is computed using a consumer key and a matching consumer secret, along with the details of the request.
For the REST API, the OAuth 1.0 with HMAC-SHA1 algorithm is used when the REST API is being called through the ION API.
This authentication scheme uses these headers to create a session using the workstation logon mechanism:
| Header | Description |
|---|---|
| X-Infor-Identity2 | This header is a unique and immutable user identifier within a
tenant. This header is provided by the ION API. |
| X-Infor-MongooseConfig | This header is the configuration
name. This header is provided by the user. |
These properties must be configured in the IDO Request Service’s web.config:
| Property name | Property value |
|---|---|
| enableRestWorkstationLogon | True |
| restOAuthConsumerKey | Consumer key provided by ION API |
| restOAuthConsumerSecret | Consumer secret provided by ION API |