X-Infor-LnIdentity header and API identities

To perform traceability and accountability within the service provider, each user/machine must have an own unique identity. This identity must be specified in the requests that are sent by the invoker.

To realize this:

  • A separate LN user and API identity must exist for each invoker. These API identities must be linked to an API role.
  • A custom header, X-Infor-LnIdentity, must be added to the requests that are sent by the invokers. You must add this header to provide the identity to be used during the processing of the request. This identity must correspond with the API identity of the invoker that sends the request. For example:
    • The requests that are sent by machine 1 must contain X-Infor-LnIdentity = <API identity of machine 1>.
    • The requests that are sent by machine 2 must contain X-Infor-LnIdentity = <API identity of machine 2>.

In this way, you can perform traceability and accountability for the different invokers.

To successfully send the requests for the 2 machines mentioned above, the invoker must be authorized to switch its identity to the API identities of machine 1 and 2.