Chapter 16. Authenticating third-party clients through RH-SSO
To use the different remote services provided by Business Central or by Decision Server, your client, such as curl, wget, web browser, or a custom REST client, must authenticate through the RH-SSO server and have a valid token to perform the requests. To use the remote services, the authenticated user must have the following roles:
-
rest-all
for using Business Central remote services. -
kie-server
for using the Decision Server remote services.
Use the RH-SSO Admin Console to create these roles and assign them to the users that will consume the remote services.
Your client can authenticate through RH-SSO using one of these options:
- Basic authentication, if it is supported by the client
- Token-based authentication
16.1. Basic authentication
If you enabled basic authentication in the RH-SSO client adapter configuration for both Business Central and Decision Server, you can avoid the token grant and refresh calls and call the services as shown in the following examples:
For web based remote repositories endpoint:
curl http://admin:password@localhost:8080/decision-central/rest/repositories
For Decision Server:
curl http://admin:password@localhost:8080/kie-execution-server/services/rest/server/