In the documentation of the web service, in addition to Token-based authentication, there is a description of the authentication method based on OAuth 1.0a
Here is a successful request to Postman
When I tried to send the same request from Creatio (I copied the parameters from Postman), I get an error
While setting up as per the article, there is one required field in the OAuth Setting fields which is "Auth code request URL".
But the API endpoints for which, I have to make use of Web Service OAuth Authentication, is not having settings for Auth code request URL required parameter.
Please guide and help me on this point that how I can set up OAuth Authentication in web service without Auth code request URL.
From the /ServiceModel/AuthService.svc/Login authorization API respond with 4 Set-Cookie headers in the response. But according to the spec [https://datatracker.ietf.org/doc/html/rfc6265#section-4.1] , "Servers SHOULD NOT include more than one Set-Cookie header field in the same response with the same cookie-name." From the client application, it can't get the all 4 header values, only first one retrievable. Could you please give a fix or suitable workaround for this.
8.1.2.5. Compressing the Cookie Header Field
The Cookie header field [COOKIE] uses a semi-colon (";") to delimit
cookie-pairs (or"crumbs"). This header field doesn't follow the
list construction rules in HTTP (see [RFC7230], Section 3.2.2), which
prevents cookie-pairs from being separated into different name-value
pairs. This can significantly reduce compression efficiency as
individual cookie-pairs are updated.
To allow for better compression efficiency, the Cookie header field
MAY be split into separate header fields, each with one or more
cookie-pairs. If there are multiple Cookie header fields after
decompression, these MUST be concatenated into a single octet string
using the two-octet delimiter of 0x3B, 0x20 (the ASCII string "; ")
before being passed into a non-HTTP/2 context, such as an HTTP/1.1
connection, or a generic HTTP server application.
Therefore, the following two lists of Cookie header fields are
semantically equivalent.
cookie: a=b; c=d; e=f
cookie: a=b
cookie: c=d
cookie: e=f
8.1.2.5. Compressing the Cookie Header Field
The Cookie header field [COOKIE] uses a semi-colon (";") to delimit
cookie-pairs (or"crumbs"). This header field doesn't follow the
list construction rules in HTTP (see [RFC7230], Section 3.2.2), which
prevents cookie-pairs from being separated into different name-value
pairs. This can significantly reduce compression efficiency as
individual cookie-pairs are updated.
To allow for better compression efficiency, the Cookie header field
MAY be split into separate header fields, each with one or more
cookie-pairs. If there are multiple Cookie header fields after
decompression, these MUST be concatenated into a single octet string
using the two-octet delimiter of 0x3B, 0x20 (the ASCII string "; ")
before being passed into a non-HTTP/2 context, such as an HTTP/1.1
connection, or a generic HTTP server application.
Therefore, the following two lists of Cookie header fields are
semantically equivalent.
cookie: a=b; c=d; e=f
cookie: a=b
cookie: c=d
cookie: e=f
I am trying to enable OAuth 2.0 authorization for configuration web services on a on-premises Creatio v7.17/MS SQL instance. I followed this article and got stuck at Point #3 (Creating default resource). Has anyone been able to enable OAuth 2.0 successfully?? Pls find below some details reg my use case -
On trying to add a default resource from the Creatio GUI, we get an error. Ref "Error.png". There is no mention of having to change/fix 'IdentityServerClientId' and 'IdentityServerClientSecret' system settings in the Academy article. The article only mentions OAuth2.0 settings. I went ahead and set the same ClientId & ClientSecret in the above two system settings also. The same error continues.
appsettings.json file used to setup IdentityService.
There is a console error which says Ext.JSON.decode is unable to decode the JSON string. However gives no info reg which JSON string it is speaking about. Ref "ConsoleError.png"
Pls find below value of all relevant system settings -
OAuth20IdentityServerUrl & IdentityServerUrl - "http://localhost:90" (This is where IdentityService is hosted)
There are a few possible root causes of the issue and it's hard to tell the exact one only with the information provided and with no access to the instance.
Please contact our support team via an email: support@creatio.com and submit the support request so we could check all the needed details.
I have successfully configured OAuth 2.0 authorization on my localhost. I had the same error as you, to check ClientId and ClientSecret. After checking with Creatio support, the problem was in appsettings.json with Clients part of configuration. I have copied Client block of code from Step 10 of this article into appsettings.json (\"AllowedScopes\": part was missing) and after that successfully Generated default resource. Please try that and let us know if it worked. Thanks.
In order to enable Anonymous service for .Net Core edition of Creatio all you need to do is to add information about this service to "AnonymousRoutes" block of ..\Terrasoft.WebHost\appsettings.json file.
The documentation clearly says that there is way to create a configuration service with Anonymous authentication. Hope you went through the Academy link I pasted in the question.
My question was -
The documentation only lists out the steps for the WCF based configuration services (Used by .Net Framework on Windows). How does one go about creating an anonymous service on a Linux installation of Creatio using .Net Core?
In order to enable Anonymous service for .Net Core edition of Creatio all you need to do is to add information about this service to "AnonymousRoutes" block of ..\Terrasoft.WebHost\appsettings.json file.
