This is a first...
-
We just updated an industry leading tool from version 2019 to 2022 (the latest). One new feature is a REST Web API, which is the main reason we're updating. It works through Swagger in the browser, but calling the API from code proved to be more of a challenge. Apparently, it authenticates using Kerberos or NTLM :| I wouldn't even think that was an option in 2022 (or even at all, for a Web API).
Best, Sander Azure DevOps Succinctly (free eBook) Azure Serverless Succinctly (free eBook) Migrating Apps to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript
-
We just updated an industry leading tool from version 2019 to 2022 (the latest). One new feature is a REST Web API, which is the main reason we're updating. It works through Swagger in the browser, but calling the API from code proved to be more of a challenge. Apparently, it authenticates using Kerberos or NTLM :| I wouldn't even think that was an option in 2022 (or even at all, for a Web API).
Best, Sander Azure DevOps Succinctly (free eBook) Azure Serverless Succinctly (free eBook) Migrating Apps to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript
Sander Rossel wrote:
Apparently, it authenticates using Kerberos or NTLM :| I wouldn't even think that was an option in 2022 (or even at all, for a Web API).
Yeah, that is _interesting_. I mean you're still passing a token to get authenticated, I'm guessing? Do you (on the cient side) have to do something special or is it all done on the server side? Is there a special process to generate a special Kerberos token on the client side? I don't know how that works. It sounds confusing. :confused:
-
Sander Rossel wrote:
Apparently, it authenticates using Kerberos or NTLM :| I wouldn't even think that was an option in 2022 (or even at all, for a Web API).
Yeah, that is _interesting_. I mean you're still passing a token to get authenticated, I'm guessing? Do you (on the cient side) have to do something special or is it all done on the server side? Is there a special process to generate a special Kerberos token on the client side? I don't know how that works. It sounds confusing. :confused:
Apparently, it works as follows:
var handler = new HttpClientHandler
{
Credentials = new NetworkCredential("username", "password", "domain") // Or use CredentialCache.DefaultCredentials for the current user
};
var client = new HttpClient(handler);
// Use the client here as you normally would.You can do this using DI and use the IHttpClientFactory to create your clients. You're not sending tokens, it's more like Basic Authentication.
Best, Sander Azure DevOps Succinctly (free eBook) Azure Serverless Succinctly (free eBook) Migrating Apps to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript
-
We just updated an industry leading tool from version 2019 to 2022 (the latest). One new feature is a REST Web API, which is the main reason we're updating. It works through Swagger in the browser, but calling the API from code proved to be more of a challenge. Apparently, it authenticates using Kerberos or NTLM :| I wouldn't even think that was an option in 2022 (or even at all, for a Web API).
Best, Sander Azure DevOps Succinctly (free eBook) Azure Serverless Succinctly (free eBook) Migrating Apps to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript
I hope your experience with Swagger is better than mine! X| IIRC, the real challenge was dealing with intermittent (>50%) timeout errors likely caused by the huge amount of data I was requesting. (caused by the inability to get proper summarized results in the outdated odata service provider) I emailed the vendor to ask for help and report the high occurrence of timeouts and got nowhere. That project was ultimately scrapped due to lack of support from the vendor/customer.
"Go forth into the source" - Neal Morse "Hope is contagious"
-
I hope your experience with Swagger is better than mine! X| IIRC, the real challenge was dealing with intermittent (>50%) timeout errors likely caused by the huge amount of data I was requesting. (caused by the inability to get proper summarized results in the outdated odata service provider) I emailed the vendor to ask for help and report the high occurrence of timeouts and got nowhere. That project was ultimately scrapped due to lack of support from the vendor/customer.
"Go forth into the source" - Neal Morse "Hope is contagious"
That's not really Swagger's fault. Swagger is just (generated) documentation of a web API with the ability to test the API. If the API sucks, so will Swagger. If anything, Swagger showed you the API sucked and that you didn't need to invest more time in it. The only "bad experience" I've had with Swagger was it breaking when doing some non-standard API development (like having a single endpoint for all functionality, don't ask...). I can't really expect Swagger to handle such weird edge cases.
Best, Sander Azure DevOps Succinctly (free eBook) Azure Serverless Succinctly (free eBook) Migrating Apps to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript
